CORPORATE GOVERNANCE
6 RISK GOVERNANCE
AND INTERNAL CONTROL (CONTINUED)
Risk Architecture
With a a a a a a a a a view to to fully identify measure assess and mitigate our exposure to to risks an an an Enterprise Risk Management (ERM) framework and a a a a a Business Continuity Management (BCM) plan were implemented within the Group in in in in 2016 The Group’s strategic objectives objectives were defined and the the risk appetite was determined for each of these objectives objectives based on a a a a a a a group- wide approach considering risks across all departments functions and activities Risk Hierarchy
BOARD
Approve and maintain the Risk Management Policy Set and review the Risk Appetite on a a a periodic basis Maintain oversight of the Risk Management Framework The Risk Hierarchy
is is illustrated hereunder:
3rd line of defence
GROUP INTERNAL AUDIT
Carry out internal audits on a a a a risk basis Provide assurance on adequacy of controls across specific risk risk areas (including risk risk management) CHIEF RISK OFFICER
Review and approve risk reviews Approve appropriate action to to bring organisational risks within tolerance level Report to to to the the Risk Monitoring
Committee on on on the the key risk/control indicators DEPARTMENT HEADS (RISK OWNERS)
Attend periodic meetings to discuss risk management reports Maintain oversight of their respective risk/control owners RISK & COMPLIANCE OFFICER
Implementation of the risk management framework nd 2 line of defence
1st line of defence
92 - UBP INTEGRATED REPORT 2020