• Sets out KPS Berhad’s definition of risk, enterprise risk management and key principles that all divisions, departments, subsidiaries and associate must adhered to.
• Sets out the foundations and arrangements that KPS Berhad will adopt consistent with the ISO31000:2018, Risk Management Guidelines in embedding the risk management process throughout KPS Berhad including subsidiaries.
• Enterprise Risk Management ("ERM") Reporting and Monitoring Structure which facilitates the process of communicating risk related information and ensuring effective oversight of risks and risk management activities throughout the organisation.
• A structured ERM processes that are consistent with the ISO31000:2018 - Risk Management Guidelines tailored to KPS Berhad risk appetite.

• ERM creates and protect value
• ERM is an integral part of KPS Berhad decision making processes
• ERM explicitly addresses uncertainty
• ERM is systematic, structured and timely
• ERM is based on the best available information
• ERM is tailored to KPS Group’s needs
• ERM takes human and cultural factors into account
• ERM is transparent and inclusive
• ERM is dynamic, interactive and responsive to change
• ERM facilitates the continuous improvement process at KPS Group

This Policy applies to KPS Group collectively for implementing the ERM policy across KPS Berhad and all subsidiaries.

• Keep the Board of KPS Berhad informed and advised of all aspects of ERM and significant key risk areas and emerging risk as the need arises.
• Continuously enhance the risk awareness and understanding amongst KPS Group’s Senior Management and staff.
• Provide guidance for the establishment and effective implementation of ERM processes in including establishing proper risk structure and strategy, a process to identify, analyse, evaluate, treat, communicate and monitor risk.
• Embedded into the day to day decision making process.