MENU PLACES PEOPLE PARTNERS PERFORMANCE PEPERFORFORRMMAANNCCEE (ENVIRONMENT) ((EECCONOONOMMIICC)) Performance (Economic) 2022 Progress Corporate Governance Risk Management and Internal Controls Green Financing Investor Relations Risk Management and Internal Controls GRI The Board is responsible for evaluating and determining the nature and extent of the risks it is willing to 2-12, 201, 403 take in achieving the Company’s strategic objectives and for ensuring that the Company establishes and maintains appropriate and effective risk management and internal control systems. The Board and management are responsible for identifying and analysing the risks underlying the achievement of business objectives, and for determining how such risks should be managed and mitigated. The Board oversees management in the design, implementation and monitoring of the risk management and internal control systems, and management provides confirmations to the Board on the effectiveness of these systems. The management of risks is subject to audit by GIAD, with support from specialist external consultants where necessary. The following diagram illustrates the key risk management processes of the Company. Risks that impact the achievement of business objectives are identified by management and categorised with reference to a risk taxonomy. Risk Identification Adequacy and effectiveness of Impact of the identified risks and risk management and internal Risk Risk vulnerability of the entity to the controls are closely monitored Monitoring Analysis risks are evaluated to determine by management through regular the risk level. review exercise. Risk Risk Reporting Mitigation Risks are regularly reviewed and Internal control procedures and reported to the Audit Committee response protocols are designed, and other relevant governing documented and implemented parties. to manage the risks and mitigate their impact. SUSTAINABLE DEVELOPMENT REPORT 2022 251