annual - Maxis

More documents

Recommendations

Info

86 | Maxis BERHAD Annual Report 2009 All risks identified are assessed to determine the risk ranking and they are displayed on a 5x5 risk matrix. With this visual representation, the business owners and Senior Management team are able to prioritise their efforts and manage the different classes of risks appropriately. The Board of Directors is ultimately responsible for identifying principal risks and ensuring the implementation of appropriate systems to manage these risks. The oversight of this critical area is carried out through the Audit Committee and reported to the Board at quarterly meetings. The ongoing effectiveness of the risk management framework is confirmed by Internal Audit through annual audit and review procedures. There is a dedicated independent risk management department responsible for managing the risk management process in the Group. The responsibilities of the department amongst others are to: • Steer the Group’s Risk Management programme and ensure timely updates of risk profiles by the respective business units; • Provide quarterly reports to the Audit Committee on the consolidated risks faced by the respective business units and action plans to mitigate such risks; • Present a summary of key risks to the Audit Committee quarterly; • Conduct risk awareness and review sessions with relevant heads of departments/risk owners to promote a proactive risk management culture and track risk implementation issues, if any; • Provide assistance to key business units to ensure risk management is firmly embedded as a process and that all key risks are identified and appropriate mitigating actions and controls are in place; • Analyse risk assessment reports from all business units and conduct quarterly presentations at the Senior Leadership team meeting (chaired by the CEO), for deliberation of risks that impact the annual operating plans and objectives by senior management; and • Provide relevant information on risk management to all Maxis staff through the internal website. Risk Rating Scale Scale – 5 x – 55x5 Matrix Matrix 1. CATASTROPHIC HIGH 2. MAJOR IMPACT 3. MODERATE MEDIUM 4. MINOR 5. INSIGNIFICANT LOW 1. UNLIKELY 2. LOW PROBABILITY 3. POSSIBLE 4. HIGH PROBABILITY 5. ALMOST CERTAIN LIKELIHOOD OF OCCURENCE HIGH MEDIUM LOW
This chart needs a title Risk Rating Scale – 5 x 5 Matrix IMPACT 1. CATASTOPHIC HIGH IMPACT 1. CATASTROPHIC Maxis BERHAD Annual Report 2009 | 87 HIGH 2. MAJOR 2. MAJOR 3. MODERATE MED. 3. MODERATE MED. 4. MINOR 4. MINOR 12.3 5. UNLIKELY Managing Operational Risks – Business Continuity LIKELYHOOD OF OCCURENCE 1. UNLIKELY 2. LOW PROBABILITY In addition to the risk management function, Maxis has put in place disaster recovery and business continuity plans which are tested regularly to ensure prompt recovery of critical business functions in the event of major business and/or system disruptions. This is carried out via the establishment of a Crisis Management Team (“CMT”) to ensure uninterrupted service to our customers in Malaysia. To preserve shareholder value, Maxis is committed to ensuring the timely recovery of its core business and its continuity in the event of a disaster at any of it locations. 21.3 Business Continuity (“BC”) is of paramount importance to 42.1 the company and its focus is maintained by a dedicated team of 21.3 certified BC practitioners. Maxis is certified under the British 42.1 Standard BS 25999 ( Business Continuity Management) therefore key BC disciplines such as risk evaluation, development of BC strategies and infrastructure plus testing of response plans 18.5 18.5 are in line with international BC best practices. 22.3 TOTAL ASSETS 7.6 LOW 3. POSSIBLE 4. HIGH PROBABILITY 7.6 5. ALMOST CERTAIN 12.3 22.3 5. INSIGNIFICANT LIKELIHOOD OF OCCURENCE For the financial LOW year, the Group spent more than RM20 million in building additional redundancies in network infrastructure and establishing alternate sites, where key operational activities 1. 2. 3. 4. 5. can be resumed UNLIKELY in LOW case of any POSSIBLE disruption HIGH to our ALMOST operations. In PROBABILITY PROBABILITY CERTAIN addition during the financial year, critical areas as identified by risk priority were tested to assess the effectiveness of the implemented BCP initiatives. Annually, company-wide crisis simulation exercises involving core divisions of operations are conducted whereby the response of the CMT members 7.6 are put to the test. In addition, 7.6 an average of 21.3 fifty simulation tests of various complexities are conducted annually on core divisions and their respective critical equipment. 42.1 On going awareness programs are also being conducted for CMT 21.3 coordinators and staff nationwide. 12.3 The progress of these initiatives are reported monthly 18.5 to management and presented twice yearly to the BCP Steering 18.5 Committee which is chaired by the Chief Financial Officer. 22.3 In addition, key 22.3 risks are highlighted to the Audit 12.3Committee in conjunction with the Enterprise-wide Risk Management process. Where appropriate, the Group mitigates risk of high impact loss events by appropriate insurance coverage. T OTAL EQUITY & LIABILITIES HIGH MEDIUM LOW 42.1 Business Community Continuity Process Flow Flow PHASE 1 PROGRAMME JUSTIFICATION AND AUTHORISATION PHASE 2 PLAN, DEVELOPMENT, TESTING AND TRAINING PHASE 3 MAINTENANCE 1. PROJECT INITIATION RISK ASSESSMENT DEVELOP BCP CAPABILITIES 2. RISK IDENTIFICATION 4. RECOVERY STRATEGIES Risk avoidance Risk reduction Risk transfer BUSINESS 5. RECOVERY IMPACT INFRASTRUCTURE ANALYSIS 1 Network facilities IT infrastructure Office facilities and others 8. TESTING 9. PLAN MAINTENANCE 3. BUSINESS IMPACT ANALYSIS 6. RESPONSE PLAN 7. AWARENESS/TRAINING 10. AUDIT REVIEW 6
Page 2:
ANNUAL REPORT 2009 ANNUAL REPORT 20
Page 5 and 6:
Maxis BERHAD Annual Report 2009 | 3
Page 7:
Maxis BERHAD Annual Report 2009 | 5
Page 10 and 11:
8 | Maxis BERHAD Annual Report 2009
Page 12 and 13:
Page 14 and 15:
Page 16 and 17:
home automation netWORKING security
Page 18 and 19:
Page 20 and 21:
Page 22 and 23:
Page 24 and 25:
Page 26 and 27:
Page 28 and 29:
Page 30 and 31:
Page 32 and 33:
Page 34 and 35:
MONEY MATTERS One day, your weekly
Page 36 and 37:
Page 38 and 39: 36 | Maxis BERHAD Annual Report 200
Page 42 and 43: home automation travel netWORKING s
Page 44 and 45: 42 | Maxis BERHARD Annual Report 20
Page 48 and 49: home automation health MONEY securi
Page 50 and 51: 48 | Maxis BERHARD Annual Report 20
Page 60 and 61: NAVIGATION health netWORKING securi
Page 72 and 73: home automation health netWORKING s
show all

annual - Maxis

Create successful ePaper yourself

Delete template?

Save as template?