Financial Budgets
A detailed budgeting process has been established requiring all Heads of Department to prepare budgets and business plans annually for
deliberation and approval by the Board. In addition, AAB has a reporting system on actual performance against the approved budgets which
requires explanations for significant variances and plans by Management to address such variances.
Human Capital Management
The Group acknowledges that robust risk management and internal control system is dependent on its employees applying responsibility,
integrity and good judgment to their works. As such, the Group has in place policies and procedures that govern its recruitment, appointment,
performance management, compensation and reward mechanisms as well as policies and procedures that govern discipline, termination and
dismissal of employees.
Limits of Authority
The Group documented its Limits of Authority (“LOA”) clearly defining the level of authority and responsibility in making operational and
commercial business decisions. Approving authorities cover various levels of Management and the Board. The LOA is reviewed regularly and
any amendments made must be tabled to and approved by the Board. The latest version of LOAwas approved by the Board in November 2017.
Moving forward, AAGB would adopt the same LOA.
Insurance
The Group maintains adequate insurance and physical safeguards on assets to ensure these are sufficiently covered against any incident
that could result in material losses. Specifically, the Group maintains the Group Aviation Insurance which provides coverage for the following:
●
Aviation Hull and Spares All Risks and Liability;
●
Aviation Hull and Spares War and Allied Perils (Primary and Excess);
●
Aircraft Hull and Spares Deductible; and
●
Aviation War, hijacking and other perils excess liability (Excess AVN52).
Information Security
Information Technology (“IT”) security protects information from a wide range of threats as well as safeguards the confidentiality, integrity
and availability of information. IT security in the Group is achieved through a set of controls which includes policies, standards, procedures,
guidelines, organisation structures and software control functions.
The Group acknowledges the importance of leveraging IT to promote effectiveness and efficiency of business operations. However, heavy
reliance on IT may pose emerging cyber security threats. In response to such threats, the Group has a Cyber Risk Management programme
through which it -
●
has established an Information Security Management System to design, implement and maintain a coherent set of policies and processes
to manage information risks; and
●
conducts penetration tests, system vulnerability assessments and reviews to minimise IT security incidents.
[ ]
AirAsia Group Berhad
REPORTS AND FINANCIAL STATEMENTS
201