Risk Management

Max Energy strongly believes that by identifying possible risks and managing them appropriately, company can sidestep the potential risk, minimize the impact and maximize the business opportunities.

As a subsidiaries of Max Myanmar, the review of effectiveness of internal control and the report to the shareholders should be from the perspective of the group as a whole.

Objectives of Risk Management and Internal Control

  • Reflect sound business practices whereby risk management and internal control systems are embedded in business processes by which a company pursues its strategic and operational objectives.
  • Remain relevant over time in the continually evolving business environment.
  • Enable each company to apply this guidance in a manner which is suitable to it and takes company specific circumstances into account.
  • A company’s risk management and internal control systems have key roles in the management of risks that are significant to the fulfillment of its business objectives. A sound system of internal control contributes to safeguarding the shareholders’ investment and the company’s assets.
  • Enterprise risk management enables management to identify, assess, and manage risks in the face of uncertainty, and is integral to value creation and preservation. Enterprise risk management is most effective when these mechanisms are built into the entity’s infrastructure and are part of the essence of the enterprise. By building in enterprise risk management, an entity can directly affect its ability to implement its strategy and achieve its mission.
  • Risk management and internal control systems are an integral part of enterprise risk management. This enterprise risk management framework encompasses internal control, forming a more robust conceptualization and tool for Max Myanmar’s management.
  • Internal control facilitates the effectiveness and efficiency of operations of Max Myanmar and its subsidiaries and it also helps ensure the reliability of internal and external reporting and assists compliance with laws and regulations.
  • The objectives of Max Myanmar Group, its internal organization and the environment in which it operates are continually evolving and, as a result, the risks it faces are continually changing. Sound risk management and internal control systems therefore depend on a thorough and regular evaluation of the nature and extent of the risks to which the company is exposed. Since profits are, in part, the reward for successful risk-taking in business, the purposes of risk management and internal control systems are to help manage and control risk appropriately rather than to eliminate it.

Risk management and Internal Control Procedures

The risks of company shall be identified with respect to its major work activities from business activities and office activities are consolidated to form the register of risks. Information reviewed for risk identification shall include but is not limited to the following:
  • Work process flow and procedures;
  • Legal requirements/ non-statutory guidance notes;
  • General specifications and Particular specifications;
  • Observations in site inspections;
  • Records of complaints and/or non-compliance;
  • Past monitoring records; and
  • Records for past management reviews and/or audits;
  • Feedback of interested parties;
  • Consideration of interested parties needs and expectation;
  • Local authority’s issues.

Evaluation of Risks and Updating the Register of Risks

Risks have been filtered by the following table which levels the probability and consequence of each activity. If the multiplication of the probability and consequence are above the scales of 16, it is considered that the risk is high and it has to be controlled by HODs monthly review.
Probability Consequence Mark
1 Rare happen once every 5 or 10 years Limited risk (0-5) Negligible
2 Rarely happen once a year Low risk (6-10) Low Risk
3 Monthly happen Medium risk (11-15) Medium
4 Weekly Serious risk (16-25) High Risk
5 Daily/ always during operation Very serious risk

The QMS Committee shall identify risks, opportunities and evaluate with the aid of the evaluation criteria method as above to cover the process/ activity where the aspect is identified, a brief description of the aspect, the expected to result from the risk, score of the impacts based on the evaluation criteria, the control mechanism for each risk; present control, reduce/ remove actions, responsible persons and opportunities.

All employees of Max Energy have some responsibility for internal control as part of their accountability for achieving objectives. They, collectively, should have the necessary knowledge, skills, information, and authority to establish, operate and monitor the system of internal control. This will require an understanding of the company, its objectives, the industries and markets in which it operates, and the risks it faces.

Enterprise Risk Management

Enterprise Risk Management