PREAMBLE RISK MANAGEMENT POLICY Risk is inherent in all administrative and business activities. Risks are such events r the cnditins that has a harmful r negative impact n the rganizatinal gal r its business bjectives. The expsure t the cnsequences f uncertainty cnstitutes a risk. Every member f the Organisatin cntinuusly manages risk. The systematic appraches t managing risk have evlved and are nw regarded as gd management practice. The bjective f this plicy is t manage the risks invlved in all sphere f the activities f the Cmpany t maximize pprtunities and minimize the adversity. Effective risk management requires: - A strategic fcus, - Frward thinking and active appraches t management, - Balance between the cst f managing risk and the anticipated benefits, and - Cntingency planning in the event that missin critical threats are realised. SCOPE This Plicy Standard sets ut the detailed requirements and minimum levels f achievement necessary t implement the risk management elements f the business. This plicy facilitates management f risks assciated with ur activities and minimize the impact f undesired and unexpected events. Taking and managing apprpriate levels f risk is an integral part f all ur business activities. Risk Management, perfrmed rigrusly and cmprehensively, creates stability, indirectly cntributes t prfit and is a key element f reputatin management. KEY DEFINITIONS The key definitins fr this plicy fllw: Risk The chance f smething happening that will have an impact n the achievement f the Organisatin s bjectives. Risk is measured in terms f cnsequences and likelihd Risk Assessment The systematic prcess f identifying and analysing risks, which shall cver Risk Identificatin and Categrizatin, Risk Descriptin and Risk Estimatin. Risk Management Risk Management is the prcess f systematically identifying, quantifying, and managing all risks and pprtunities that can affect achievement f a crpratin s strategic and financial gals. RISK MANAGEMENT PROCESS The systematic applicatin f management plicies, prcedures and practices t the tasks f establishing the cntext, identifying, analysing, evaluating, treating, mnitring and cmmunicating risk. RISKS AND CONCERNS 1. Operatinal and Liquidity risks Infrastructure prjects generally have lng gestatin perids which may result in inrdinate delays in recvery f dues, which may have a direct impact n the liquidity psitin f the Cmpany and may affect the peratins and earnings f the Cmpany.
Quick and just turnver f prjects depends n cmpetency f the Cmpany as well as availability and prper deplyment f skilled manpwer. Any gap therein may affect the Cmpany s perfrmance. 2. Risks assciated with Strategy and Cmpetitin We perate in a cmpetitive and rapidly changing market and cmpete with bth dmestic as well as internatinal Cmpanies in the business f urban infrastructure. Ecnmics f scale with cmpetitrs and unfair cmpetitin can affect ur peratins thereby affecting market share and business. 3. Risks Factrs: The bjectives f the Cmpany are subject t risks that are external and internal as enumerated belw: a. External Risk Factrs Ecnmic Envirnment and Market cnditins Fluctuatins in Freign Exchange Plitical Envirnment Cmpetitin Revenue Cncentratin Inflatin and Cst structure Technlgy Obslescence b. Internal Risk Factrs Financial Reprting Risks Cntractual Cmpliance Cmpliance with Lcal laws Quality and Prject Management Envirnmental Management Human Resurce Management Culture and values RISK MANAGEMENT POLICY In rder t fulfil the bjectives f this plicy and lay a strng fundatin fr the develpment f an integrated risk management framewrk, the plicy utlines the fllwing guiding principles f Risk Management: 1. All business decisins will be made with the prir infrmatin and acceptance f risk invlved 2. The Risk Management Plicy shall prvide fr the enhancement and prtectin f business value frm uncertainties and cnsequent lsses 3. All emplyees f the cmpany shall be made aware f risks in their respective dmains and their mitigatin measures 4. The risk mitigatin measures adpted by the cmpany shall be effective in the lng-term and t the extent pssible be embedded in the business prcesses f the cmpany
5. Risk tlerance levels will be regularly reviewed and decided upn depending n the change in cmpany s strategy 6. The ccurrence, prgress and status f all risks will be prmptly reprted and apprpriate actins be taken theref. RISK MANAGEMENT POLICY STATEMENT The plicy statement is as given belw: T ensure prtectin f sharehlder value thrugh the establishment f an integrated Risk Management Framewrk fr identifying, assessing, mitigating, mnitring, evaluating and reprting f all risks T cntinually strive twards strengthening the Risk Management System thrugh cntinuus learning and imprvement RISK STRATEGY OR MITIGATION OF RISK POLICY Based n the Risk level determined and reviewed frm time t time, the cmpany shuld frmulate its Risk Management Strategy. The strategy will bradly entail chsing amng the varius ptins fr risk mitigatin fr each identified risk. The risk mitigatin can be planned using the fllwing key strategies: In rder t achieve the effective Risk mitigatin strategy, fllwing framewrk shall be used: a. Risk Avidance: By nt perfrming an activity that culd carry risk. Avidance may seem the answer t all risks, but aviding risks als means lsing ut n the ptential gain that accepting (retaining) the risk may have allwed. b. Risk Transfer: Mitigatin by having anther party t accept the risk, either partial r ttal, typically by cntract r by hedging. c. Risk Reductin: Emplying methds/slutins that reduce the severity f the lss. d. Risk Retentin: Accepting the lss when it ccurs. Risk retentin is a viable strategy fr small risks where the cst f insuring against the risk wuld be greater ver time than the ttal lsses sustained. All risks that are nt avided r transferred are retained by default. This includes risks that are s large r catastrphic that they either cannt be insured against r the premiums wuld be infeasible. RISK MANAGEMENT SYSTEM As a diversified enterprise, the cmpany has always had a system- based apprach t business risk management. Backed by strng internal cntrl systems, the current risk management framewrk cnsist f the fllwing elements: - The Crprate Gvernance Plicy clearly lays dwn the rles and respnsibilities f the varius entities in relatin t risk management. A range f respnsibilities, frm the strategic t the peratinal is specified in the Gvernance Plicy. These rle definitins, inter alia are aimed at ensuring frmulatin f apprpriate risk management plicies and prcedures, their effective implementatin and independent mnitring and reprting by Internal Audit.
- A cmbinatin f centrally issued plicies and divisinally evlved prcedures brings rbustness t the prcess f ensuring business risks are effectively addressed. - Apprpriate structures have been put in place t effectively address the inherent risks in businesses with unique / relatively high risk prfiles. - A strng and independent Internal Audit Functin at the crprate level carries ut risk fcused audits acrss all businesses, enabling identificatin f areas where risk managements prcesses may need t be imprved. The Audit Cmmittee f the bard reviews internal Audit findings, and prvides strategic guidance n internal cntrls. Mnitrs the internal cntrl envirnment within the Cmpany and ensures that Internal Audit recmmendatins are effectively implemented. The cmbinatin f plicies prcesses as utlined abve adequately addresses the varius risks assciated with yur Cmpany s businesses. The senir management f the Cmpany peridically reviews the risk management s framewrk t maintain its cntemprariness s as t effectively address the emerging challenges in a dynamic business envirnment. ROLES AND ACCOUNTABILITIES IN RISK MANAGEMENT Every staff member f the Organisatin is respnsible fr the effective management f risk including the identificatin f ptential risks. Management is respnsible fr the develpment f risk mitigatin plans and the implementatin f risk reductin strategies. Risk management prcesses shuld be integrated with ther planning prcesses and management activities. Training and facilitatin will, in the first instance, be the respnsibility f the Office f Internal Audit/Risk Manager in cnjunctin with the Office f Human Resurces. The Bard f Directrs The Directrs shall ensuring that a risk management system is established, implemented and maintained in accrd with this plicy. Assignment f respnsibilities in relatin t risk management is the prergative f the Chairman / Managing Directr r the Bard. Prject In Charge / Business Unit Head Business Unit Heads shall have the prime respnsibility fr the management f risk in their business unit. They shall ensure all the cntractual bligatin, deviatin frm them may result in serius risk n the respective prject and verall prfitability f the Organisatin. This includes the identificatin f risks and actins that mitigate these risks while supprting the business t achieve its bjectives. Senir Executives Senir Executives are accuntable fr strategic risk management within areas under their cntrl including the devlutin f the risk management prcess t peratinal managers. Cllectively the Senir Executives shall be respnsible fr: - Implementatin f this plicy within their respective areas f respnsibility; - The frmal identificatin f strategic risks that impact upn the rganizatinal gal; - Allcatin f pririties; - The develpment f strategic risk management plans; and - Ensuring cmpliance with risk assessment prcedures Chief Financial Officer The CFO f the Cmpany shall ensure the financial stability and will ensure that a risk management plan is cmpleted fr each cmmercial venture. Advice will be sught frm the Internal Auditr n risk management issues in relatin t these matters.
Human Resurces - Head The head f HR shall ensure fr the ccupatinal health and safety and wrkers cmpensatin prtfli, prcedures and administratin. Advice will be sught, as required, frm the Directr Internal Audit/Risk Manager n risk management issues in relatin t these matters. Internal Audit The purpse f the internal audit is t prvide an independent, bjective review f the cmpany s key financial and peratinal cntrls and the effective management f risk. The Internal Auditr shall be accuntable fr the implementatin f this plicy in key areas f the Organisatin, maintaining a prgrammer fr risk reassessment and a Risk Registers fr the Organisatin. Key areas will flw frm the risk management plan develped by Senir Executives. The Internal Audit will prvide advice t the relevant Risk Management Cmmittee n risk management matters pertaining t the Cmpany s financial stability and t ccupatinal health and safety and wrkers cmpensatin issues. External Audit External Audit is respnsible fr prviding an pinin n the truth and fairness f the annual financial reprt. In ding s, they shall assess the management f risk and key internal cntrl systems. General The Bard f Directrs f the Cmpany and the Risk Management Cmmittee shall peridically review the risk management plicy f the Cmpany s that management cntrls the risk thrugh prperly defined netwrk. Head f Departments shall be respnsible fr implementatin f the risk management system as may be applicable t their respective areas f functining and reprt t the Bard and the Audit Cmmittee. The decisin f the Bard f Directrs f the Cmpany with regard t any r all matters relating t this plicy shall be final and binding n all cncerned. The Bard f Directrs f the Cmpany shall have the pwer t mdify, amend r replace this plicy in part r full as may be thught fit frm time t time in their abslute discretin. --------------------