101
AirAsia X Berhad • Annual Report 2014
Risk Management Process
There are four (4) steps within the risk management process in AAX. At each stage, there
are distinct decisive factors to be considered before the next stage is reached. A structured
framework approach to risk management that incorporates all the necessary steps was
developed. These steps are depicted in Figure 1 below.
Figure 1: AAX Risk Management Process Diagram
Conclusion
The Board is of the opinion that the Group’s Risk Management System is effective and
functioning adequately, and that everyone in the Group has been made aware of and alert
to the requirements of the system and its procedures. The Board has acknowledged that all
identified risks are being managed to an acceptable level, and that the system is proficient
in helping to keep the Group in line with its long term goals and objective. To facilitate
the aforementioned process, AAX uses a web-based risk management information system,
namely RedRadar. The objectives of RedRadar are to capture risk information i.e. roots
causes and consequences of identified risks, the existing controls and its effectiveness, as
well as proposed management actions to mitigate these risks which will be performed by
the appointed risk owners.
The Board also monitors the progress of implementation plan and the level of risk rating on
quarterly basis. As of December 2014, there are a total of thirty (30) identified risks for AAX
which categorised as follows:
No
Type of Risk
Net Risk Rating
High
Medium Low
1 Business Development
0
1
0
2 Commercial
1
1
1
3 Routes & Regulatory
1
1
0
4 Legal
1
4
1
5 Engineering
0
1
0
6 Ground Operations
0
3
0
7 Flight Operations
0
1
0
8 Safety & Security
1
2
0
9 Finance
1
3
1
10 People
0
3
0
11 ICT
0
2
0
Internal Control
Key elements of the Company’s internal control system, including the processes in place to
review its adequacy, are as follows:
Control Environment
The internal control mechanism is embedded in the various work processes and procedures
at appropriate levels in the Company especially for operations activities. The work
processes and procedures for flight operations and ground operations are documented in
Flight Operations Manuals and Ground Operations Manuals respectively. These manuals
assist in ensuring continuity of best practice and effective control of various tasks in
operations. Continuous efforts are also being undertaken by the heads of departments to
review and update the manuals regularly or when it is deemed necessary.
Organisational Structure
AAX has a well-defined organisational structure that is aligned to its business and
operational requirements. Each strategic operating function is headed by a responsible
Departmental Head. Clear lines of accountability and responsibility, approval, authorization,
and control procedures have been laid down and communicated throughout AAX.
People Department
AAX believes that the key strategy to maintain business growth in an environment of
intense competition is to enhance the operational efficiency and productivity of human
capital. Thus, formal appraisal process namely Performance Review Appraisal Process using
Performance Appraisal Form and guided by Expectations, Goals and Measurements (EGM)
provide a framework to translate and align the strategy of human capital development
to the Group’s Strategic Plan. It is also being used as a performance measurement tool.
AAX continued to emphasise on the talent and competencies of employees by establishing
Talent Management Framework.
1
2
3
4
Identify Risk
• Identify Risk
• Determine Cause &
Consequences
Assess Risk
• Determine Likelihood
& Impact
• Identify controls
& effectiveness
• Risk rating & profiling
Mitigate Risk
• Prioritise Risk
• Determine
treatment option
• Formulate
treatment plan
Monitor and
Reporting
• Monitor & review
risk profiles
• Track action plans
• Periodic reporting
STATEMENT ON RISK MANAGEMENT & INTERNAL CONTROL
