RISK GOVERNANCE AND INTERNAL CONTROL CSE ENTERPRISE RISK MANAGEMENT (ERM) FRAMEWORK CSE is committed to establishing an organisation that ensures ‘managing risks’ is an integral part of its business activities and a core capability where ERM is used to support decision-making. In CSE, ERM implementation aims to achieve more specifically the following objectives: • Promote good corporate governance and a sound system of Risk Management and internal controls; • Embed a structured and disciplined approach to systematically identify key risks that will impact CSE’s businesses, assess the likelihood and impact of these risks and develop action plans to treat these risks; • Establish a system to monitor and report key risks to the Group CEO through the Management Risk Committee (MRC) as part of the risk management framework; • Develop and embed an organisational risk culture within CSE; • Enhance compliance with relevant legal and regulatory requirements; and • Minimise unexpected losses and manage expected losses. CSE’s Enterprise Risk Management (ERM) framework provides the Group with a holistic and systematic approach to risk management. It outlines the reporting structure, monitoring mechanisms, processes and tools, as well as policies and limits, in addressing the Group’s key risks. Our ERM framework is constantly refined, ensuring relevance in a dynamic operating environment. The main references of this ERM Framework are: • ISO 31000 - This ERM Framework Manual is based on the ISO 31000:2018 Risk Management - Guidelines. ISO 31000 is a generic framework on Risk Management and is not specific to any sector or industry. Whilst CSE’s ERM Framework Manual has drawn guidance from ISO 31000, further customisation has been made to better suit CSE’s operating environment. • COSO Enterprise Risk Management Framework. 62 CSE GLOBAL LIMITED
RkJQdWJsaXNoZXIy NTM2MDQ5