We have identified major risk categories that relate to our business and within these categories specific key risks are identified. We manage risk internally at key risk level
We have a clear structure to enable us to identify the above risks throughout the business which fits in with the ‘three lines of defence’ Governance approach to risk which can be summed up as follows.
Almaseer operates a ‘3 lines of defence’ approach to risk management, as detailed in the diagram below
The ‘3 lines of defence’ model allows the Al-Maseer board to demonstrate the independence of the risk monitoring and oversight function from the risk taking business departments, as well as providing a fully independent internal audit. This governance arrangement is supported by the systems of risk management and internal control.
The model operates as follows;
- Staff in the first line of defence have direct responsibility for the management and control of risk (staff and management working within or managing operational areas)
- Staff in the second line of defence co-ordinate, facilitate and oversee the effectiveness and integrity of the risk management framework)
- Staff in the third line of defence provide independent assurance and challenge across all business functions in respect of the integrity and effectiveness of the risk management framework (i.e. internal and external audit).