Annual Report 2024

143 2024 Annual Report Transport International Holdings Limited The Group’s risk management structure is as follows: Risk rating is determined by Impact and Vulnerability. A dynamic risk rating matrix, using both quantitative and qualitative factors, is used to assess risk. A Key Risk Indicators Report (“KRI Report”) is submitted to the Audit and Risk Management Committee three times a year. The Group’s major risks as identified by the Management are listed in the KRI Report, along with a comprehensive profile of such risks and the monitoring mechanisms established by the Management. TIH Risk Management Framework Internal Audit Internal Audit Board of Directors Evaluates and provides direction to the Group on the nature and extent of the risks involved in achieving its strategic objectives (i.e. setting the Risk Appetite). Ensures that the effectiveness of the risk management and internal control systems is reviewed. Audit and Risk Management Committee Ensures that the Risk Management Taskforce (“RMTF”) and Business Lines have fulfilled their duties in establishing and maintaining an effective risk management programme. Reviews the KRI Reports three times a year. Risk Management Taskforce (“RMTF”) Comprises the Operations Director, Administration Director, Finance Director, Safety Director and Head of Legal Department. The RMTF is chaired by the Operations Director. Maintains an oversight of the Group’s risk management system, framework and programme. Proposes necessary enhancements, including those required to fulfil the statutory requirements of regulators or governance bodies, at least once a year for approval by the Board. Reviews and/or approves the Risk Inventory in the risk management programme, and monitors the KRI Reports. Ensures that the Group’s Business Lines allocate sufficient resources to carry out risk management exercises. Individual Department Head/Director (Collectively Referred to as “Business Lines”) Develops policies and controls to effectively embed the Group’s risk management direction into daily operations. Promotes a risk management culture among staff in the Business Lines, ensuring compliance with risk management policies and procedures in daily operations. Identifies the risks associated with business activities (including new business) within his/her own Business Lines, and implements appropriate action plans to manage the identified risks and opportunities.