Page 126 - KWAP_AR2022
P. 126

124            KUMPULAN WANG PERSARAAN (DIPERBADANKAN)  FoR BEttER GovERNANcE




                                                 RISK MANAGEMENT
                                                  AND COMPLIANCE


          In 2022, the fraud and corruption risk assessment   The objectives of BCM exercises and programmes were
          workshops  were conducted  collaboratively  by  those  two   to:
          departments. The two departments continued to instil the
          awareness on fraud and corruption risk during training   i.   Simulate the real scenario of BCM activation for KWAP
          programmes and challenge sessions with all departments.   personnel;
                                                            ii.   Readiness of departmental Business Continuity Plan
          Moving forward, we will continue to:
                                                               (BCP) in responding to any BCM activation;
          i.   Strengthen fraud risk governance framework in KWAP
             by periodically reviewing the fraud risk management   iii.   Ensure departmental Business Impact Analysis (BIA) is
             policy and guidelines;                            relevant and up-to-date;
                                                            iv.   Ensure system recovery strategy is aligned with
          ii.  Conduct continuous training and awareness for a
             strong culture on anti-fraud and anti-corruption within   KWAP’s operations;
             KWAP; and                                      v.  Readiness  of  all  systems  at  alternate  site

          iii.  Actively address KWAP’s vulnerabilities to internal   KWAP-Kuala Lumpur Office to KWAP-Cyberjaya Office
             and  external  fraud  and  corruption  risk  through   and vice-versa;
             periodic fraud and corruption risk assessment for all   vi.  Ensure basic infrastructures such as IT hardware/
             departments and subsidiaries.                     software, devices function properly at the alternate

          BUSINESS CONTINUITY MANAGEMENT                       site;

          Business Continuity Management (BCM) has always been   vii.  Verify  system  capabilities  based  on  accessibility  and
          essential to KWAP in responding to the internal or external   functionality;
          threats to the organisation. In 2022, in line with its business   viii  Ensure employees’ telephone numbers are correct and
          expansion, KWAP has conducted several BCM exercises   updated; and
          and programmes:
                                                            ix.  Measure the ability to resume business  operations
          •   BCM Exercise involving critical system and business   within the stipulated timeframe based on criticality of
             functions in a live and non-live environment.     business functions.
          •   Call Tree Exercise.                           BCM  exercises  were  successfully  conducted  throughout

                                                            2022 which not only test the continuity of KWAP operations
          •   Mobilisation  of  KWAP  personnel  to  alternate  site  to
             perform system recovery and critical business functions.   through crisis scenarios, but also successfully identified
                                                            weaknesses and gaps for which workarounds are devised
          •   Implementation  of  split  team  arrangement  due  to   as well as more strategic long-term fixes.
             COVID-19 situation.
   121   122   123   124   125   126   127   128   129   130   131