Beruflich Dokumente
Kultur Dokumente
1. Goal : To ensure that all risks that threatened the accomplishment of of the Merger objectives i.e. value creation
are mitigated.
1. Strategic : (External) TBA
Objective
Description :
Owner :
Reference : Ei1101
Risk Theme :
KPI Owner Trigger Unit Score Actual Target Status Last Trend
Value Month
Existing Controls
Type Name Owner Interval Effectiveness
Controls Effectiveness
Control Likelihood N/A
Control Impact N/A
Target Rating
Target Likelihood N/A NA
Target Impact N/A
Management Actions
Type Name Owner Priority Start Date Due Date Status
Preventive To ensure that CEO is the only N/A 17 Apr 2006 17 May 2006 0%
spokesperson for the
organization
Page 1 of 112
2. Risk Factor : Fs4-2: Media Risk
Description :
Owner :
Reference : Ei1102
Risk Theme :
KPI Owner Trigger Unit Score Actual Target Status Last Trend
Value Month
Existing Controls
Type Name Owner Interval Effectiveness
Controls Effectiveness
Control Likelihood N/A
Control Impact N/A
Target Rating
Target Likelihood N/A NA
Target Impact N/A
Management Actions
Type Name Owner Priority Start Date Due Date Status
Preventive To ensure that media buys are N/A 17 Apr 2006 17 May 2006 0%
well coordinated through one
department, the corporate
communications department
Page 2 of 112
3. Risk Factor : Fs4-3: Event Scheduling Risk
Description :
Owner :
Reference : Ei1103
Risk Theme :
KPI Owner Trigger Unit Score Actual Target Status Last Trend
Value Month
Existing Controls
Type Name Owner Interval Effectiveness
Controls Effectiveness
Control Likelihood N/A
Control Impact N/A
Target Rating
Target Likelihood N/A NA
Target Impact N/A
Management Actions
Type Name Owner Priority Start Date Due Date Status
Preventive To ensure that event dates are N/A 17 Apr 2006 17 May 2006 0%
well coordinated through the
corporate communications
department
Page 3 of 112
2. Strategic : (Regulatory (Compliance)) TBA
Objective
1. Risk Factor : Fs3A-2: Statutory Risk – BNM might not favor the decision of reducing takaful benefits
resulting injection of capital from Shareholders
Description : FS3.28 Addressing Takaful Annuities Benefits - Actuarial (Life)
Update Note:
Review from earlier risk factor based on 20060410 Risk Compilation v4: Fs3A-3: Statutory
Risks – Regulators might step in to impose special conditions since this is a nationwide interest
Owner :
Reference : Ri1102
Risk Theme :
KPI Owner Trigger Unit Score Actual Target Status Last Trend
Value Month
Existing Controls
Type Name Owner Interval Effectiveness
Controls Effectiveness
Control Likelihood N/A
Control Impact N/A
Target Rating
Target Likelihood N/A NA
Target Impact N/A
Management Actions
Type Name Owner Priority Start Date Due Date Status
Preventive Notify and explain to BNM of N/A 13 Apr 2006 30 Jun 2006 0%
new product feature to reduce
benefits
Page 4 of 112
2. Risk Factor : Vc5-Brn5: Unfavorable New Insurance Act
Description : Possible new Insurance Act’s statutory requirements which might adversely effect the business
and operations at the branches
Owner :
Reference : Ri1103
Risk Theme :
Cause : 1. New changes to the Act might require new Cause Category
operational procedure
2. New changes to the Act might also require
changes to business processes
KPI Owner Trigger Unit Score Actual Target Status Last Trend
Value Month
Existing Controls
Type Name Owner Interval Effectiveness
Controls Effectiveness
Control Likelihood Unsatisfactory
Control Impact Unsatisfactory
Target Rating
Target Likelihood N/A NA
Target Impact N/A
Management Actions
Type Name Owner Priority Start Date Due Date Status
Preventive Corporate Planning to assist N/A 17 Apr 2006 31 May 2006 0%
on feasibility study for
management decision
Page 5 of 112
3. Risk Factor : Vc6-5: Reputational & regulatory non-compliance risk, in the absence of capability of Syariah
unit
Description : Investment management for Takaful funds may have a potential of syariah non-compliance
due to the absence of capability separate syariah compliance unit
Owner :
Reference : Ri2101
Risk Theme :
KPI Owner Trigger Unit Score Actual Target Status Last Trend
Value Month
Existing Controls
Type Name Owner Interval Effectiveness
Preventive Establishment of separate syariah N/A
compliance unit under merged investment
management department
Controls Effectiveness
Control Likelihood Satisfactory
Control Impact Good
Target Rating
Target Likelihood Rare QD
Target Impact Insignificant
Management Actions
Type Name Owner Priority Start Date Due Date Status
Preventive Effective selection process (in N/A 27 Apr 2006 30 Jun 2006 0%
terms of staffing for syariah
compliance unit)
Page 6 of 112
3. Strategic : (Corporate Governance (Strategy)) TBA
Objective
1. Risk Factor : Vc5-EC3: Failure to realize potential from MBB’s SMI/SME base
Description : To further capture the Maybank’s SMI/SME customers ( who are not yet being covered under
MFB Group )
Owner :
Reference : Gi1101
Risk Theme :
KPI Owner Trigger Unit Score Actual Target Status Last Trend
Value Month
Existing Controls
Type Name Owner Interval Effectiveness
Controls Effectiveness
Control Likelihood Unsatisfactory
Control Impact Unsatisfactory
Target Rating
Target Likelihood N/A NA
Target Impact N/A
Management Actions
Type Name Owner Priority Start Date Due Date Status
Preventive Aggressive strategy of N/A 17 Apr 2006 01 Jul 2006 0%
executing value proposition
Page 7 of 112
2. Risk Factor : Vc5-EC5: Failure to develop a core marketing team
Description : The failure to develop a core marketing team to handle the sales & marketing reqd. of the MFB
Group
Owner :
Reference : Gi1102
Risk Theme :
KPI Owner Trigger Unit Score Actual Target Status Last Trend
Value Month
Existing Controls
Type Name Owner Interval Effectiveness
Controls Effectiveness
Control Likelihood Unsatisfactory
Control Impact Unsatisfactory
Target Rating
Target Likelihood N/A NA
Target Impact N/A
Management Actions
Type Name Owner Priority Start Date Due Date Status
Preventive To identify and develop talent N/A 27 Apr 2006 01 Jul 2006 0%
pool early
Page 8 of 112
3. Risk Factor : Vc5-Brn1: Loss of key branch resources
Risk Theme :
KPI Owner Trigger Unit Score Actual Target Status Last Trend
Value Month
Existing Controls
Type Name Owner Interval Effectiveness
Controls Effectiveness
Control Likelihood Unsatisfactory
Control Impact Unsatisfactory
Target Rating
Target Likelihood N/A NA
Target Impact N/A
Management Actions
Type Name Owner Priority Start Date Due Date Status
Preventive Obtain empowerment to retain N/A 17 Apr 2006 17 May 2006 0%
resources
Page 9 of 112
4. Risk Factor : Vc5-S/MS1- Disruption of planned activities / calendar
Description :
Owner :
Reference : Gi1104
Risk Theme :
KPI Owner Trigger Unit Score Actual Target Status Last Trend
Value Month
Existing Controls
Type Name Owner Interval Effectiveness
Controls Effectiveness
Control Likelihood Unsatisfactory
Control Impact Unsatisfactory
Target Rating
Target Likelihood N/A NA
Target Impact N/A
Management Actions
Type Name Owner Priority Start Date Due Date Status
Preventive Obtain full picture of current N/A 17 Apr 2006 17 May 2006 0%
calendar
Page 10 of 112
5. Risk Factor : Vc5-S/MS3: Ineffective coordination among entities
Description :
Owner :
Reference : Gi1105
Risk Theme :
KPI Owner Trigger Unit Score Actual Target Status Last Trend
Value Month
Existing Controls
Type Name Owner Interval Effectiveness
Controls Effectiveness
Control Likelihood Unsatisfactory
Control Impact Unsatisfactory
Target Rating
Target Likelihood N/A NA
Target Impact N/A
Management Actions
Type Name Owner Priority Start Date Due Date Status
Preventive Regular consultation and/or N/A 17 Apr 2006 17 May 2006 0%
meetings
Page 11 of 112
6. Risk Factor : Vc5-AG8: Lack of focus in Group Agency business development
Description : Need to improve the management of Group Agency business development
Owner :
Reference : Gi1106
Risk Theme :
KPI Owner Trigger Unit Score Actual Target Status Last Trend
Value Month
Existing Controls
Type Name Owner Interval Effectiveness
Controls Effectiveness
Control Likelihood Unsatisfactory
Control Impact Unsatisfactory
Target Rating
Target Likelihood Unlikely QC
Target Impact Minor
Management Actions
Type Name Owner Priority Start Date Due Date Status
Preventive To recognize group business N/A 25 Apr 2006 25 May 2006 0%
performance (e.g. overseas
convention, club qualifiers)
Preventive To provide / strengthen N/A 25 Apr 2006 25 May 2006 0%
leaders management skill (e.g.
MII agency management
course)
Corrective To refocus & re engineer in N/A 25 Apr 2006 25 May 2006 0%
managing direct agents Action
Plan 3
Page 12 of 112
4. Strategic : (Financial) TBA
Objective
1. Risk Factor : Vc6-1: Not able to establish Mayban Fortis’ Investment Framework for MNI & TN
Description : The approved Investment Management Framework as current requirement in Mayban Fortis
may have a potential of non-adoption by MNI & TN
Owner :
Reference : Fi1101
Risk Theme :
KPI Owner Trigger Unit Score Actual Target Status Last Trend
Value Month
Existing Controls
Type Name Owner Interval Effectiveness
Preventive Adoption of Financial Risk Management N/A
framework (including the Investment
Management Guidelines)
Controls Effectiveness
Control Likelihood Good
Control Impact Good
Target Rating
Target Likelihood Rare QD
Target Impact Insignificant
Management Actions
Type Name Owner Priority Start Date Due Date Status
Preventive Setting up joint Asset-Liability N/A 27 Apr 2006 30 Jun 2006 0%
Management Committee
(ALCO)
Preventive Asset-Liability Management N/A 27 Apr 2006 30 Jun 2006 0%
(ALM) analysis for each of MNI
& TN’s funds
Page 13 of 112
2. Risk Factor : Vc6-3: Non alignment of asset class mix as according to the strategic, maximum & minimum
asset mix
Description : Different methodology in terms of investment management for various entities may lead to
misalignment of investment strategy with regards to investment strategic mix as defined in
ALM framework
Owner :
Reference : Fi1102
Risk Theme :
KPI Owner Trigger Unit Score Actual Target Status Last Trend
Value Month
Existing Controls
Type Name Owner Interval Effectiveness
Preventive Compliance monitoring (in terms of N/A
investment strategic mix, including
maximum & minimum limits)
Controls Effectiveness
Control Likelihood Good
Control Impact Good
Target Rating
Target Likelihood Rare QD
Target Impact Insignificant
Management Actions
Type Name Owner Priority Start Date Due Date Status
Preventive Compliance reporting to N/A 27 Apr 2006 31 Dec 2007 0%
various committees and
boards (ALCO, RMC, IC,
Boards)
Page 14 of 112
3. Risk Factor : Vc6-4: Non optimization in fixed income portfolio investment
Description : The different methodology in terms of managing credit risk for fixed income investment in
separate entities may result in non-optimization of the fixed income investment within
allowable limit (60% in terms of AA and higher rated instruments)
Owner :
Reference : Fi1103
Risk Theme :
KPI Owner Trigger Unit Score Actual Target Status Last Trend
Value Month
Existing Controls
Type Name Owner Interval Effectiveness
Preventive Compliance monitoring (in terms of credit N/A
risk assessment by funds)
Controls Effectiveness
Control Likelihood Good
Control Impact Good
Target Rating
Target Likelihood Rare QD
Target Impact Insignificant
Management Actions
Type Name Owner Priority Start Date Due Date Status
Preventive Compliance reporting to N/A 27 Apr 2006 27 May 2006 0%
various committees and
boards (ALCO, RMC, IC,
Boards)
Page 15 of 112
4. Risk Factor : Vc8-4: Financial Risks – Take up rate on free-up space
Description : Huge space to be vacated
1. MNI Twins at 140k sq ft
2. BDZ at 65k sq ft
3. Potential reduction of occupancy retention rate on existing tenancy (non MIG
)
Owner :
Reference : Fi1104
Risk Theme :
KPI Owner Trigger Unit Score Actual Target Status Last Trend
Value Month
Existing Controls
Type Name Owner Interval Effectiveness
Detective Establishment of marketing strategy On going N/A
Detective Continuous update and communication to; On going N/A
1. Property brokers on marketing plan
2. Existing tenant/s on flexible package
Controls Effectiveness
Control Likelihood Some Weaknesses
Control Impact Some Weakness
Target Rating
Target Likelihood Possible QA
Target Impact Major
Management Actions
Type Name Owner Priority Start Date Due Date Status
Preventive Implementation of proper and N/A 25 Apr 2006 25 May 2006 0%
effective marketing strategy
Preventive Temporary/interim risk taking N/A 25 Apr 2006 25 May 2006 0%
to relocate staff at vacated
floor
Preventive To offer attractive tenancy N/A 25 Apr 2006 25 May 2006 0%
package to retain the existing
tenant
Page 16 of 112
Page 17 of 112
5. Risk Factor : Fs3F-3: Prolonged completion leading to higher costs
Description :
Owner :
Reference : Fi1105
Risk Theme :
KPI Owner Trigger Unit Score Actual Target Status Last Trend
Value Month
Existing Controls
Type Name Owner Interval Effectiveness
Controls Effectiveness
Control Likelihood N/A
Control Impact N/A
Target Rating
Target Likelihood N/A NA
Target Impact N/A
Management Actions
Type Name Owner Priority Start Date Due Date Status
Detective Active project plan with clear N/A 06 Apr 2006 06 May 2006 0%
milestones and prompt issues
resolution
Page 18 of 112
6. Risk Factor : Fs3A-1.1: Business Risk – Reputational risk of Takaful if benefits are reduced subsequently not
matching the ‘PRE’
Description : FS3.28 Addressing Takaful Annuities Benefits - Actuarial (Life)
Note:
Fs3A-2: Business Risks – Loss of revenue due to negative perception of the model and fulfilling
PRE is merged into FS3A-1.1 based on 20060410 Risk Compilation v4.
Owner :
Reference : Fi1106
Risk Theme :
KPI Owner Trigger Unit Score Actual Target Status Last Trend
Value Month
Existing Controls
Type Name Owner Interval Effectiveness
Controls Effectiveness
Control Likelihood N/A
Control Impact N/A
Target Rating
Target Likelihood N/A NA
Target Impact N/A
Management Actions
Type Name Owner Priority Start Date Due Date Status
Preventive Detail comprehensive N/A 06 Apr 2006 06 May 2006 0%
communications and
explanation plan
Preventive The front-liner N/A 13 Apr 2006 30 Jun 2006 0%
(Marketing,Agents,Corporate
Communications) be made
aware of the decision to
reduce benefits
Page 19 of 112
7. Risk Factor : Vc5-EC4: Failure to increase share of wallet
Description : Failure to increase business from existing customers by widening the products being offered &
sell to the customers
Owner :
Reference : Fi1107
Risk Theme :
KPI Owner Trigger Unit Score Actual Target Status Last Trend
Value Month
Existing Controls
Type Name Owner Interval Effectiveness
Controls Effectiveness
Control Likelihood Unsatisfactory
Control Impact Unsatisfactory
Target Rating
Target Likelihood N/A NA
Target Impact N/A
Management Actions
Type Name Owner Priority Start Date Due Date Status
Preventive To set joint-market approach N/A 17 Apr 2006 01 Jul 2006 0%
of customers soon
Page 20 of 112
8. Risk Factor : Vc5-AD2: Low take-up rate
Description :
Owner :
Reference : Fi1108
Risk Theme :
KPI Owner Trigger Unit Score Actual Target Status Last Trend
Value Month
Existing Controls
Type Name Owner Interval Effectiveness
Controls Effectiveness
Control Likelihood Unsatisfactory
Control Impact Unsatisfactory
Target Rating
Target Likelihood N/A NA
Target Impact N/A
Management Actions
Type Name Owner Priority Start Date Due Date Status
Preventive Refine database N/A 17 Apr 2006 17 May 2006 0%
Page 21 of 112
9. Risk Factor : Fs3-PB2: Failure to meet the Maybank Group’s deadlines
Description :
Owner :
Reference : Fi1109
Risk Theme :
KPI Owner Trigger Unit Score Actual Target Status Last Trend
Value Month
Existing Controls
Type Name Owner Interval Effectiveness
Controls Effectiveness
Control Likelihood N/A
Control Impact N/A
Target Rating
Target Likelihood N/A NA
Target Impact N/A
Management Actions
Type Name Owner Priority Start Date Due Date Status
Preventive Desktop exercise to finalise N/A 17 Apr 2006 17 May 2006 0%
budget
Page 22 of 112
10. Risk Factor : Fs3-Fs3.29-2: Financial Risk – internal assessment may be conservative considering data
issues, hence may result in high IBNR reserve
Description : Note: FS3 Finance & Risk Management – FS3.29 Aligning MNI & TN IBNR Data for Reserving
Period Ending 30 June - Actuarial (General)
Owner :
Reference : Fi1110
Risk Theme :
KPI Owner Trigger Unit Score Actual Target Status Last Trend
Value Month
Existing Controls
Type Name Owner Interval Effectiveness
Controls Effectiveness
Control Likelihood N/A
Control Impact N/A
Target Rating
Target Likelihood N/A NA
Target Impact N/A
Management Actions
Type Name Owner Priority Start Date Due Date Status
Preventive A consultant may be able to N/A 17 Apr 2006 17 May 2006 0%
provide more accurate
estimate, and release margin
due to conservatism
Page 23 of 112
11. Risk Factor : Vc5-AG9: Lower than industry in persistency ratio
Description : High surrendered cases among policy holders especially in the first two years of the policy
term (Pls indicate the statistics). Currently stands at more than 1000 surrended cases per
month in TN alone
Owner :
Reference : Fi1111
Risk Theme :
KPI Owner Trigger Unit Score Actual Target Status Last Trend
Value Month
Existing Controls
Type Name Owner Interval Effectiveness
Controls Effectiveness
Control Likelihood Unsatisfactory
Control Impact Unsatisfactory
Target Rating
Target Likelihood Unlikely QC
Target Impact Minor
Management Actions
Type Name Owner Priority Start Date Due Date Status
Preventive To establish Customer N/A 25 Apr 2006 25 May 2006 0%
Conservation Unit
Preventive To implement a consistent N/A 25 Apr 2006 25 May 2006 0%
agent disciplinary
conducts/enforcement
Preventive To incorporate persistency N/A 25 Apr 2006 25 May 2006 0%
ratio in agency promotion and
incentive programs
Preventive Suggested KRI N/A 25 Apr 2006 25 May 2006 0%
Page 24 of 112
5. Strategic : (Customers (Business)) TBA
Objective
Owner :
Reference : Ci1101
Risk Theme :
KPI Owner Trigger Unit Score Actual Target Status Last Trend
Value Month
Existing Controls
Type Name Owner Interval Effectiveness
Detective Usage of Maybank facilities. N/A
Controls Effectiveness
Control Likelihood Some Weaknesses
Control Impact Some Weakness
Target Rating
Target Likelihood N/A NA
Target Impact N/A
Management Actions
Type Name Owner Priority Start Date Due Date Status
Preventive Formulation of Branch SLA N/A 27 Apr 2006 27 May 2006 0%
Preventive Plan for agency awareness N/A 27 Apr 2006 27 May 2006 0%
program on alternative
facilities i.e. self service
facilities, Channel, I Pos etc at
branch level
Preventive To clearly identify all N/A 27 Apr 2006 27 May 2006 0%
processes handled at branch
and find alternative avenues
without reducing SLA. Work
with all Sales and Marketing
team.
Preventive Plan for outsourcing/ N/A 27 Apr 2006 27 May 2006 0%
centralization of function
alternative strategy
Page 25 of 112
Page 26 of 112
2. Risk Factor : Vc2-4: Integrating Takaful with conventional becomes an opportunity to our competitors.
Description : Competitors will exploit the sentiment that TN is not incompliance with Shariah, due to mixture
of conventional front & back end processes.
Owner :
Reference : Ci1102
Risk Theme :
KPI Owner Trigger Unit Score Actual Target Status Last Trend
Value Month
Existing Controls
Type Name Owner Interval Effectiveness
Preventive Purity campaign by TN N/A
Controls Effectiveness
Control Likelihood Unsatisfactory
Control Impact Some Weakness
Target Rating
Target Likelihood N/A NA
Target Impact N/A
Management Actions
Type Name Owner Priority Start Date Due Date Status
Preventive To propose for a team (consist N/A 27 Apr 2006 27 May 2006 0%
of branch and agency team) to
look into proposal to segregate
Takaful and non-Takaful
operation
Preventive Ensure that part of purity N/A 27 Apr 2006 27 May 2006 0%
campaign includes
communication policy to staff
on how to respond to queries
with regards to model,
operation etc
Page 27 of 112
3. Risk Factor : Vc4-2: Business Risks – Loss of revenue due to shortcomings in transition to Wakalah
Description : Refer to the possibility of reduced in the business growth due to lower return to the
participants
Owner :
Reference : Ci1103
Risk Theme :
KPI Owner Trigger Unit Score Actual Target Status Last Trend
Value Month
Existing Controls
Type Name Owner Interval Effectiveness
Controls Effectiveness
Control Likelihood Unsatisfactory
Control Impact Unsatisfactory
Target Rating
Target Likelihood Possible QC
Target Impact Minor
Management Actions
Type Name Owner Priority Start Date Due Date Status
Preventive The DIP to ensure that a N/A 25 Apr 2006 01 Jul 2006 0%
comprehensive testing and
communications plan is
established prior to transition
points and to conduct phased
rollout
Preventive TN Account Dept to N/A 25 Apr 2006 01 Jun 2006 0%
analyze/study the viability of
the Takaful model. Currently
the study is conducted for
General & Group Family
Takaful.
Page 28 of 112
Page 29 of 112
4. Risk Factor : Vc4-3: Business Risks – Loss of revenue due to unfavorable response of agents and customers
to new fee structure
Description : 1. The MTB wakalah model will reduce the return to the client as opposed to TN’s existing
model
2. The Wakalah model work to MTB due to its share of Maybank’s captive market.
Owner :
Reference : Ci1104
Risk Theme :
KPI Owner Trigger Unit Score Actual Target Status Last Trend
Value Month
Existing Controls
Type Name Owner Interval Effectiveness
Controls Effectiveness
Control Likelihood Unsatisfactory
Control Impact Unsatisfactory
Target Rating
Target Likelihood Likely QC
Target Impact Minor
Management Actions
Type Name Owner Priority Start Date Due Date Status
Preventive Propose to review the current N/A 25 Apr 2006 01 Jun 2006 0%
MTB sharing of surplus ratio
Preventive Test and survey agent and N/A 25 Apr 2006 25 May 2006 0%
customer response to new fee
structure prior to actual rollout
Preventive To review the model based on N/A 25 Apr 2006 25 May 2006 0%
the survey results
Page 30 of 112
5. Risk Factor : Vc5-BA1: Lost of 3rd party banca partners
Description : The loss of 3rd. party business channel i.e other Banks
Owner :
Reference : Ci1105
Risk Theme :
KPI Owner Trigger Unit Score Actual Target Status Last Trend
Value Month
Existing Controls
Type Name Owner Interval Effectiveness
Controls Effectiveness
Control Likelihood Unsatisfactory
Control Impact Unsatisfactory
Target Rating
Target Likelihood N/A NA
Target Impact N/A
Management Actions
Type Name Owner Priority Start Date Due Date Status
Preventive Develop 2-3 integrated banca N/A 17 Apr 2006 30 Jun 2007 0%
relationships
Page 31 of 112
6. Risk Factor : Vc5-BA2: Banca partners do not accept products
Description : Non acceptance of the bancassurance products to be offered through the Banca partners.
Owner :
Reference : Ci1106
Risk Theme :
KPI Owner Trigger Unit Score Actual Target Status Last Trend
Value Month
Existing Controls
Type Name Owner Interval Effectiveness
Controls Effectiveness
Control Likelihood Unsatisfactory
Control Impact Unsatisfactory
Target Rating
Target Likelihood N/A NA
Target Impact N/A
Management Actions
Type Name Owner Priority Start Date Due Date Status
Preventive Ensure buy-in by educating N/A 17 Apr 2006 30 Sep 2006 0%
and/or promoting
Page 32 of 112
7. Risk Factor : Vc5-BA3: Banca partners disagree on rollout timing
Description : The timing or launch date might not be agreeable to the Banca partner.
Owner :
Reference : Ci1107
Risk Theme :
KPI Owner Trigger Unit Score Actual Target Status Last Trend
Value Month
Existing Controls
Type Name Owner Interval Effectiveness
Controls Effectiveness
Control Likelihood Unsatisfactory
Control Impact Unsatisfactory
Target Rating
Target Likelihood N/A NA
Target Impact N/A
Management Actions
Type Name Owner Priority Start Date Due Date Status
Preventive Early involvement of partners N/A 17 Apr 2006 30 Sep 2006 0%
Page 33 of 112
8. Risk Factor : Vc5-AG5: Rejection by Takaful agents
Description : Related to the perception about Takaful business operation and issue of purity of takaful
business conduct
Owner :
Reference : Ci1108
Risk Theme :
KPI Owner Trigger Unit Score Actual Target Status Last Trend
Value Month
Existing Controls
Type Name Owner Interval Effectiveness
Controls Effectiveness
Control Likelihood Unsatisfactory
Control Impact Unsatisfactory
Target Rating
Target Likelihood Unlikely QC
Target Impact Minor
Management Actions
Type Name Owner Priority Start Date Due Date Status
Preventive Plan training and incentive N/A 17 Apr 2006 30 Jun 2006 0%
schemes
Preventive To ensure to separate the two N/A 25 Apr 2006 25 May 2006 0%
agency force entity i.e. takaful
ans conventional agents
Page 34 of 112
9. Risk Factor : Vc5-AG6: (KIV) Agents lose focus on life business
Description :
Owner :
Reference : Ci1109
Risk Theme :
KPI Owner Trigger Unit Score Actual Target Status Last Trend
Value Month
Existing Controls
Type Name Owner Interval Effectiveness
Controls Effectiveness
Control Likelihood Unsatisfactory
Control Impact Unsatisfactory
Target Rating
Target Likelihood N/A NA
Target Impact N/A
Management Actions
Type Name Owner Priority Start Date Due Date Status
Preventive Develop communication plan N/A 17 Apr 2006 17 May 2006 0%
and develop min. hurdles for
life products
Page 35 of 112
10. Risk Factor : Vc5-EC1: Lost of key (top 25) customers
Risk Theme :
KPI Owner Trigger Unit Score Actual Target Status Last Trend
Value Month
Existing Controls
Type Name Owner Interval Effectiveness
Controls Effectiveness
Control Likelihood Unsatisfactory
Control Impact Unsatisfactory
Target Rating
Target Likelihood N/A NA
Target Impact N/A
Management Actions
Type Name Owner Priority Start Date Due Date Status
Preventive Ensure visitation on merger N/A 17 Apr 2006 01 Jul 2006 0%
update; involve CEO in client
relationship; constant
communication
Page 36 of 112
11. Risk Factor : Vc5-EC2: Failure to capture the 200 MBB large customers
Description : To further capture the 200 Maybank’s major customers ( who are not yet being covered by
MFB Group )
Owner :
Reference : Ci1111
Risk Theme :
KPI Owner Trigger Unit Score Actual Target Status Last Trend
Value Month
Existing Controls
Type Name Owner Interval Effectiveness
Controls Effectiveness
Control Likelihood Unsatisfactory
Control Impact Unsatisfactory
Target Rating
Target Likelihood N/A NA
Target Impact N/A
Management Actions
Type Name Owner Priority Start Date Due Date Status
Preventive Aggressive strategy of N/A 17 Apr 2006 01 Jul 2006 0%
executing value proposition
Page 37 of 112
12. Risk Factor : Vc5-S/MS4: Lack of preparedness of agency force
Description :
Owner :
Reference : Ci1112
Risk Theme :
KPI Owner Trigger Unit Score Actual Target Status Last Trend
Value Month
Existing Controls
Type Name Owner Interval Effectiveness
Controls Effectiveness
Control Likelihood Unsatisfactory
Control Impact Unsatisfactory
Target Rating
Target Likelihood N/A NA
Target Impact N/A
Management Actions
Type Name Owner Priority Start Date Due Date Status
Preventive Early preparation and N/A 17 Apr 2006 17 May 2006 0%
communication with agents
Page 38 of 112
13. Risk Factor : Fs3-Fs3.25-2:Business Risk – MNI’s carried forward surplus reduced substantially if MLA’s
bonus allocation practice is adopted
Description : Note: FS3 Finance & Risk Management – FS3.25 Aligning Various Bonus Practices of
Participating Policies - Actuarial (Life)
Owner :
Reference : Ci1113
Risk Theme :
KPI Owner Trigger Unit Score Actual Target Status Last Trend
Value Month
Existing Controls
Type Name Owner Interval Effectiveness
Controls Effectiveness
Control Likelihood N/A
Control Impact N/A
Target Rating
Target Likelihood N/A NA
Target Impact N/A
Management Actions
Type Name Owner Priority Start Date Due Date Status
Preventive Adopt MNI’s bonus allocation N/A 17 Apr 2006 17 May 2006 0%
practice
Page 39 of 112
14. Risk Factor : Fs3-Fs3.26-1:Business Risk – Valuation basis affects surplus arising in the life funds and ROSF
Description : Inconsistent valuation basis / practice is not reasonable and difficult to justify
Note: FS3 Finance & Risk Management – FS3.26 Alignment of Differing Valuation Bases -
Actuarial (Life)
Owner :
Reference : Ci1114
Risk Theme :
KPI Owner Trigger Unit Score Actual Target Status Last Trend
Value Month
Existing Controls
Type Name Owner Interval Effectiveness
Controls Effectiveness
Control Likelihood N/A
Control Impact N/A
Target Rating
Target Likelihood N/A NA
Target Impact N/A
Management Actions
Type Name Owner Priority Start Date Due Date Status
Preventive Review valuation basis for N/A 17 Apr 2006 17 May 2006 0%
common items where the basis
is not stipulated in the
Insurance Act
Page 40 of 112
15. Risk Factor : Vc5-AG10: Uncompetitive Agency Value Propositions
Description : Poor Agency Value Propositions planning and budgeting
Owner :
Reference : Ci1115
Risk Theme :
KPI Owner Trigger Unit Score Actual Target Status Last Trend
Value Month
Existing Controls
Type Name Owner Interval Effectiveness
Controls Effectiveness
Control Likelihood Unsatisfactory
Control Impact Unsatisfactory
Target Rating
Target Likelihood Rare QD
Target Impact Insignificant
Management Actions
Type Name Owner Priority Start Date Due Date Status
Preventive Conduct thorough market N/A 27 Apr 2006 27 May 2006 0%
research and develop
competitive and innovative
agency value propositions and
budget
Page 41 of 112
16. Risk Factor : Vc5-AG11: Ineffective Agency Training
Description : Ineffective Agency Training Plan
Owner :
Reference : Ci1116
Risk Theme :
KPI Owner Trigger Unit Score Actual Target Status Last Trend
Value Month
Existing Controls
Type Name Owner Interval Effectiveness
Controls Effectiveness
Control Likelihood Unsatisfactory
Control Impact Unsatisfactory
Target Rating
Target Likelihood Unlikely QD
Target Impact Insignificant
Management Actions
Type Name Owner Priority Start Date Due Date Status
Preventive Conduct training need analysis N/A 27 Apr 2006 27 May 2006 0%
and develop appropriate
training program and calendar
for the different categories of
agents.
Page 42 of 112
6. Strategic : (Products and Services) TBA
Objective
1. Risk Factor : Vc5-BA5: Product cannibalization by 3rd party banca sales force
Description : Products not being pushed due to issues of the 3rd. party Banca sales force
Owner :
Reference : Pi1102
Risk Theme :
KPI Owner Trigger Unit Score Actual Target Status Last Trend
Value Month
Existing Controls
Type Name Owner Interval Effectiveness
Controls Effectiveness
Control Likelihood Unsatisfactory
Control Impact Unsatisfactory
Target Rating
Target Likelihood N/A NA
Target Impact N/A
Management Actions
Type Name Owner Priority Start Date Due Date Status
Preventive Ensure adequate product N/A 27 Apr 2006 30 Sep 2006 0%
features differentiation
Page 43 of 112
2. Risk Factor : Vc5-BA6: Low take-up rate for motor takaful
Description : Low take up rate for motor takaful cover through the 3rd. party bancassurance channel.
Owner :
Reference : Pi1103
Risk Theme :
Consequence : Motor takaful product sales target not met. Consequence Category
KPI Owner Trigger Unit Score Actual Target Status Last Trend
Value Month
Existing Controls
Type Name Owner Interval Effectiveness
Controls Effectiveness
Control Likelihood Unsatisfactory
Control Impact Unsatisfactory
Target Rating
Target Likelihood N/A NA
Target Impact N/A
Management Actions
Type Name Owner Priority Start Date Due Date Status
Preventive Promotion campaign and work N/A 27 Apr 2006 27 May 2006 0%
closely with TN banca partners
Page 44 of 112
3. Risk Factor : Vc5-AD4: Cooperatives may opt for MBB products only
Description :
Owner :
Reference : Pi1104
Risk Theme :
KPI Owner Trigger Unit Score Actual Target Status Last Trend
Value Month
Existing Controls
Type Name Owner Interval Effectiveness
Controls Effectiveness
Control Likelihood Unsatisfactory
Control Impact Unsatisfactory
Target Rating
Target Likelihood N/A NA
Target Impact N/A
Management Actions
Type Name Owner Priority Start Date Due Date Status
Page 45 of 112
4. Risk Factor : Vc5-S/MS5: Product ideation and launches delayed due to inappropriate or uncoordinated
product management
Description :
Owner :
Reference : Pi1105
Risk Theme :
KPI Owner Trigger Unit Score Actual Target Status Last Trend
Value Month
Existing Controls
Type Name Owner Interval Effectiveness
Controls Effectiveness
Control Likelihood Unsatisfactory
Control Impact Unsatisfactory
Target Rating
Target Likelihood N/A NA
Target Impact N/A
Management Actions
Type Name Owner Priority Start Date Due Date Status
Preventive Work very closely with PDC N/A 17 Apr 2006 17 May 2006 0%
and operations; take a
proactive role and monitor the
progress of each product
closely
Page 46 of 112
5. Risk Factor : Vc2-5:Product Development
Description : 1. Product development to the respective market segment
2. Possibility that own products from different areas ( conventional and takaful ) will
cannibalize each other due to the establishment of composite branch
Owner :
Reference : Pi7101
Risk Theme :
KPI Owner Trigger Unit Score Actual Target Status Last Trend
Value Month
Existing Controls
Type Name Owner Interval Effectiveness
Preventive Ensuring the effectiveness of Product N/A
Development Committee of Mayban Fortis
Controls Effectiveness
Control Likelihood Unsatisfactory
Control Impact Unsatisfactory
Target Rating
Target Likelihood N/A NA
Target Impact N/A
Management Actions
Type Name Owner Priority Start Date Due Date Status
Preventive Market analysis to be N/A 27 Apr 2006 27 May 2006 0%
undertaken to support
marketing and sales strategy
which will drives product
specification and development.
Page 47 of 112
7. Strategic : (Suppliers (Business)) TBA
Objective
Owner :
Reference : Si1101
Risk Theme :
KPI Owner Trigger Unit Score Actual Target Status Last Trend
Value Month
Existing Controls
Type Name Owner Interval Effectiveness
Preventive Objective vendor selection process As Appropriate N/A
Preventive IT to vet through the contract to ensure As Appropriate N/A
that comprehensive arrangement for each
vendor selected i.e. in term of resources
quality and replacement availability
Preventive To consider multiple vendor for various As Appropriate N/A
projects
Preventive Contract to include penalty clauses As Appropriate N/A
Controls Effectiveness
Control Likelihood Unsatisfactory
Control Impact Unsatisfactory
Target Rating
Target Likelihood Unlikely QC
Target Impact Minor
Management Actions
Type Name Owner Priority Start Date Due Date Status
Preventive To liaise with legal to consider N/A 25 Apr 2006 25 May 2006 0%
for favourable spread for the
payment term to vendor
Page 48 of 112
8. Strategic : (Human Capital (People)) TBA
Objective
1. Risk Factor : Vc3-4: People Risks – Internal resistance to process harmonization between takaful and
conventional operations
Description : No in depth understanding and awareness of staff on management structure on takaful and
conventional operations
Owner :
Reference : Hi1101
Risk Theme :
KPI Owner Trigger Unit Score Actual Target Status Last Trend
Value Month
Existing Controls
Type Name Owner Interval Effectiveness
Preventive Prepare communications strategy to On going N/A
address staff concerns and issues ie formal
communication via Townhall session,
Newsletter etc
Preventive Generate feedback from staff On going N/A
Controls Effectiveness
Control Likelihood Unsatisfactory
Control Impact Unsatisfactory
Target Rating
Target Likelihood Rare QD
Target Impact Minor
Management Actions
Type Name Owner Priority Start Date Due Date Status
Preventive Formalize training and related N/A 06 Apr 2006 06 May 2006 0%
knowledge sharing
program/session on Takaful
and conventional requirements
to staff
Page 49 of 112
2. Risk Factor : Vc4-1: Personnel Risks – Failure to effectively educate and train staff, agents and customers
on the changes
Description : 1. Takaful operation to change from modified mudharabah to wakalah.
2. Is correct wakalah model used for the integration as per Saudi scholar fatwa.
3. Legitimacy/permissibility of the wakalah concept used.
4. Given the wakalah model is finalized.
Owner :
Reference : Hi1102
Risk Theme :
KPI Owner Trigger Unit Score Actual Target Status Last Trend
Value Month
Existing Controls
Type Name Owner Interval Effectiveness
Preventive Establishment of training department N/A
Controls Effectiveness
Control Likelihood Unsatisfactory
Control Impact Unsatisfactory
Target Rating
Target Likelihood Unlikely QC
Target Impact Minor
Management Actions
Type Name Owner Priority Start Date Due Date Status
Preventive To ensure that a N/A 25 Apr 2006 15 Jun 2006 0%
comprehensive training is
considered in preparing the
Detailed Implementation Plan
(DIP).
Preventive Training department to N/A 25 Apr 2006 25 May 2006 0%
develop a comprehensive
communications, and training
plan (specific module) to
address on Takaful model
Preventive To prepare plan for the N/A 25 Apr 2006 25 May 2006 0%
establishment of the
conservation unit for Takaful
Page 50 of 112
3. Risk Factor : Vc6-2: Unable to integrate investment division for the merged entity
Description : The merger process may have a potential of problems in integrating 3 investment departments
into one merged entity
Owner :
Reference : Hi1103
Risk Theme :
KPI Owner Trigger Unit Score Actual Target Status Last Trend
Value Month
Existing Controls
Type Name Owner Interval Effectiveness
Preventive Common management (& governance) for N/A
separate departments under merged entity
Controls Effectiveness
Control Likelihood Good
Control Impact Good
Target Rating
Target Likelihood Rare QD
Target Impact Insignificant
Management Actions
Type Name Owner Priority Start Date Due Date Status
Preventive Effective selection process (in N/A 27 Apr 2006 30 Jun 2006 0%
terms of staffing)
Page 51 of 112
4. Risk Factor : Fs3F-1: Personnel risk – loss of key staff
Description :
Owner :
Reference : Hi1104
Risk Theme :
KPI Owner Trigger Unit Score Actual Target Status Last Trend
Value Month
Existing Controls
Type Name Owner Interval Effectiveness
Controls Effectiveness
Control Likelihood N/A
Control Impact N/A
Target Rating
Target Likelihood N/A NA
Target Impact N/A
Management Actions
Type Name Owner Priority Start Date Due Date Status
Preventive Identify alternate support staff N/A 06 Apr 2006 06 May 2006 0%
Page 52 of 112
5. Risk Factor : Fs3F-2: Personnel risk – mismatch of competency / talent
Description :
Owner :
Reference : Hi1105
Risk Theme :
KPI Owner Trigger Unit Score Actual Target Status Last Trend
Value Month
Existing Controls
Type Name Owner Interval Effectiveness
Controls Effectiveness
Control Likelihood N/A
Control Impact N/A
Target Rating
Target Likelihood N/A NA
Target Impact N/A
Management Actions
Type Name Owner Priority Start Date Due Date Status
Preventive Identify alternate support staff N/A 06 Apr 2006 06 May 2006 0%
Page 53 of 112
6. Risk Factor : Fs3R-1: Loss of key personnel during the period of integration
Description :
Owner :
Reference : Hi1106
Risk Theme :
KPI Owner Trigger Unit Score Actual Target Status Last Trend
Value Month
Existing Controls
Type Name Owner Interval Effectiveness
Controls Effectiveness
Control Likelihood N/A
Control Impact N/A
Target Rating
Target Likelihood N/A NA
Target Impact N/A
Management Actions
Type Name Owner Priority Start Date Due Date Status
Corrective Succession program, N/A 06 Apr 2006 06 May 2006 0%
headcount assessment
Page 54 of 112
7. Risk Factor : Fs3R-2: Workload of personnel in the period of integration
Description :
Owner :
Reference : Hi1107
Risk Theme :
KPI Owner Trigger Unit Score Actual Target Status Last Trend
Value Month
Existing Controls
Type Name Owner Interval Effectiveness
Controls Effectiveness
Control Likelihood N/A
Control Impact N/A
Target Rating
Target Likelihood N/A NA
Target Impact N/A
Management Actions
Type Name Owner Priority Start Date Due Date Status
Preventive Priority list, time management N/A 06 Apr 2006 06 May 2006 0%
Page 55 of 112
8. Risk Factor : Vc5-AG4: Implementation problems due to insufficient staff
Description : Additional staff (Development Officers) for an effective agency development program
Owner :
Reference : Hi1108
Risk Theme :
KPI Owner Trigger Unit Score Actual Target Status Last Trend
Value Month
Existing Controls
Type Name Owner Interval Effectiveness
Controls Effectiveness
Control Likelihood Unsatisfactory
Control Impact Unsatisfactory
Target Rating
Target Likelihood Rare QD
Target Impact Insignificant
Management Actions
Type Name Owner Priority Start Date Due Date Status
Preventive Work with HR on getting N/A 25 Apr 2006 31 May 2006 0%
Manpower planning. To study
the existing manpower
availibity and compentency
level and to propose to HR as
needed
Preventive To ensure that ADE is N/A 25 Apr 2006 25 May 2006 0%
empowered with enough
authority to implement and
monitor development
programs effectively
Page 56 of 112
9. Risk Factor : Vc5-AD5: Insufficient staff to handle tasks
Description :
Owner :
Reference : Hi1109
Risk Theme :
KPI Owner Trigger Unit Score Actual Target Status Last Trend
Value Month
Existing Controls
Type Name Owner Interval Effectiveness
Controls Effectiveness
Control Likelihood Unsatisfactory
Control Impact Unsatisfactory
Target Rating
Target Likelihood N/A NA
Target Impact N/A
Management Actions
Type Name Owner Priority Start Date Due Date Status
Preventive Ensure and pre-plan N/A 17 Apr 2006 17 May 2006 0%
manpower requirement and
prepare back-up data entry
personnel
Page 57 of 112
10. Risk Factor : Vc5-Brn2: Negative response of agents/clients
Description : Negative perception/response by agents/clients due to previous experience etc.
Owner :
Reference : Hi1110
Risk Theme :
KPI Owner Trigger Unit Score Actual Target Status Last Trend
Value Month
Existing Controls
Type Name Owner Interval Effectiveness
Controls Effectiveness
Control Likelihood Unsatisfactory
Control Impact Unsatisfactory
Target Rating
Target Likelihood N/A NA
Target Impact N/A
Management Actions
Type Name Owner Priority Start Date Due Date Status
Preventive Formulate strategy to N/A 17 Apr 2006 17 May 2006 0%
communicate to clients/
agents
Page 58 of 112
11. Risk Factor : Fs2-1: Retention of key employees during the merger
Description :
Owner :
Reference : Hi1111
Risk Theme :
KPI Owner Trigger Unit Score Actual Target Status Last Trend
Value Month
Existing Controls
Type Name Owner Interval Effectiveness
Controls Effectiveness
Control Likelihood N/A
Control Impact N/A
Target Rating
Target Likelihood N/A NA
Target Impact N/A
Management Actions
Type Name Owner Priority Start Date Due Date Status
Preventive Design re-recruitment’ N/A 17 Apr 2006 17 May 2006 0%
exercise for key employees:
identify, assess, select and
place –level 3 and level 4 jobs
and implement ‘
Page 59 of 112
12. Risk Factor : Fs2-2: Address employee “me” issues – grade, salary, benefits etc.
Description :
Owner :
Reference : Hi1112
Risk Theme :
KPI Owner Trigger Unit Score Actual Target Status Last Trend
Value Month
Existing Controls
Type Name Owner Interval Effectiveness
Controls Effectiveness
Control Likelihood N/A
Control Impact N/A
Target Rating
Target Likelihood N/A NA
Target Impact N/A
Management Actions
Type Name Owner Priority Start Date Due Date Status
Preventive Harmonise T&C’s of service N/A 17 Apr 2006 17 May 2006 0%
including grades, salary and
benefits
Preventive Migrate all employees to N/A 17 Apr 2006 17 May 2006 0%
common structure
Page 60 of 112
13. Risk Factor : Fs2-3: Maintain employee productivity during and immediately after the merger
Description :
Owner :
Reference : Hi1113
Risk Theme :
KPI Owner Trigger Unit Score Actual Target Status Last Trend
Value Month
Existing Controls
Type Name Owner Interval Effectiveness
Controls Effectiveness
Control Likelihood N/A
Control Impact N/A
Target Rating
Target Likelihood N/A NA
Target Impact N/A
Management Actions
Type Name Owner Priority Start Date Due Date Status
Preventive Assess cultural differences N/A 17 Apr 2006 17 May 2006 0%
Page 61 of 112
14. Risk Factor : Fs3-PB1: Shortage of resources to carry out the tasks
Description :
Owner :
Reference : Hi1114
Risk Theme :
KPI Owner Trigger Unit Score Actual Target Status Last Trend
Value Month
Existing Controls
Type Name Owner Interval Effectiveness
Controls Effectiveness
Control Likelihood N/A
Control Impact N/A
Target Rating
Target Likelihood N/A NA
Target Impact N/A
Management Actions
Type Name Owner Priority Start Date Due Date Status
Preventive Redeployment of personnel N/A 17 Apr 2006 17 May 2006 0%
Page 62 of 112
15. Risk Factor : Fs3-PB3: Confusion over roles and responsibilities during the transition
Description :
Owner :
Reference : Hi1115
Risk Theme :
KPI Owner Trigger Unit Score Actual Target Status Last Trend
Value Month
Existing Controls
Type Name Owner Interval Effectiveness
Controls Effectiveness
Control Likelihood N/A
Control Impact N/A
Target Rating
Target Likelihood N/A NA
Target Impact N/A
Management Actions
Type Name Owner Priority Start Date Due Date Status
Preventive Conducting briefings on the N/A 17 Apr 2006 17 May 2006 0%
planning/budgeting process
and expectations
Page 63 of 112
16. Risk Factor : Fs3-Fs3.24-1: People risks loss of key staff
Description : Note: FS3 Finance & Risk Management – FS3.24 Develop Integrated Actuarial Functions
Owner :
Reference : Hi1116
Risk Theme :
KPI Owner Trigger Unit Score Actual Target Status Last Trend
Value Month
Existing Controls
Type Name Owner Interval Effectiveness
Controls Effectiveness
Control Likelihood N/A
Control Impact N/A
Target Rating
Target Likelihood N/A NA
Target Impact N/A
Management Actions
Type Name Owner Priority Start Date Due Date Status
Preventive Retention program for key N/A 17 Apr 2006 17 May 2006 0%
staff to be agreed on &
implemented
Page 64 of 112
17. Risk Factor : Fs3-Fs3.24-2: People risks – lack of key skills and relevant expertise to support integrated
functions
Description : Note: FS3 Finance & Risk Management – FS3.24 Develop Integrated Actuarial Functions
Owner :
Reference : Hi1117
Risk Theme :
KPI Owner Trigger Unit Score Actual Target Status Last Trend
Value Month
Existing Controls
Type Name Owner Interval Effectiveness
Controls Effectiveness
Control Likelihood N/A
Control Impact N/A
Target Rating
Target Likelihood N/A NA
Target Impact N/A
Management Actions
Type Name Owner Priority Start Date Due Date Status
Preventive Define skills & expertise N/A 17 Apr 2006 17 May 2006 0%
needed to support critical
functions.
Preventive Identify suitable staff (& N/A 17 Apr 2006 17 May 2006 0%
back-up support) for
development & training
Page 65 of 112
18. Risk Factor : Fs3-Fs3.30-2: People Risk – require product knowledge and skill in developing the models.
Description : Note: FS3 Finance & Risk Management – FS3.30 Harmonization of actuarial reports
Owner :
Reference : Hi1118
Risk Theme :
KPI Owner Trigger Unit Score Actual Target Status Last Trend
Value Month
Existing Controls
Type Name Owner Interval Effectiveness
Controls Effectiveness
Control Likelihood N/A
Control Impact N/A
Target Rating
Target Likelihood N/A NA
Target Impact N/A
Management Actions
Type Name Owner Priority Start Date Due Date Status
Preventive Identify suitable staff N/A 17 Apr 2006 17 May 2006 0%
Preventive Ensure precise documentation N/A 17 Apr 2006 17 May 2006 0%
Page 66 of 112
19. Risk Factor : Vc1-IT1: People Risks - IT resources
Description : 1. Loss of key staff to competitors
2. Insufficient staff with key skills & expertise
3. Insufficient staff with execution & leadership capabilities
Note:
- Risk from insufficient /inappropriate staffing imply the inability to allocate a skilled workforce
to the project, regardless of availability.
- The integration is a big scale project and a lot of resources are required.
- The increase need for more human capital resources for the core and non-core system
integration for the enlarged entity.
- The concern is on the ability to retain experienced staff to support throughout the integration
period.
- There is a need for ‘industry knowledge’ to be brought in
Owner :
Reference : Hi1119
Risk Theme :
KPI Owner Trigger Unit Score Actual Target Status Last Trend
Value Month
Existing Controls
Type Name Owner Interval Effectiveness
Preventive Adoption of Maybank’s System Selection As Appropriate N/A
Criteria.
Controls Effectiveness
Control Likelihood Some Weaknesses
Control Impact Unsatisfactory
Target Rating
Target Likelihood Possible QB
Target Impact Moderate
Management Actions
Type Name Owner Priority Start Date Due Date Status
Preventive To prepare detailed N/A 24 Apr 2006 30 Jun 2006 0%
implementation planning (DIP)
Page 67 of 112
and specific attention will be
provided to address the above
issues
Preventive IT will define skills required for N/A 24 Apr 2006 24 Apr 2006 0%
HR to initiate:
- Hiring and/or training
process
- Retention program
- IT team to focus on detailed
execution and build
capabilities
Page 68 of 112
20. Risk Factor : Vc1-IT4: Execution Risks
Description : Delay or failure in executing critical path merger activities
- The project has many interdependencies. In most cases, projects are dependant on many
milestones.
- Inability of the VCs and FSs to complete the milestones will result in delay or failure of
execution i.e. co-location, site preparation, etc.
Owner :
Reference : Hi1120
Risk Theme :
KPI Owner Trigger Unit Score Actual Target Status Last Trend
Value Month
Existing Controls
Type Name Owner Interval Effectiveness
Preventive High awareness of key dependencies and N/A
communication of the same to the whole
project team
Detective IT progress review meeting N/A
Controls Effectiveness
Control Likelihood Unsatisfactory
Control Impact Unsatisfactory
Target Rating
Target Likelihood Possible QC
Target Impact Minor
Management Actions
Type Name Owner Priority Start Date Due Date Status
Preventive To ensure that the DIP N/A 16 Jun 2006 15 Jul 2006 0%
prepared identify and
subsequently properly map all
the critical
paths/dependencies.
Corrective To look into the possibility of N/A 02 May 2006 02 May 2006 0%
using superior project
management tool (Principal
II/Prince II) to replace the
existing manual tools.
Page 69 of 112
Page 70 of 112
21. Risk Factor : VC8-6 - Low staff morale Associated with relocation exercise
Description : Based on estimation, almost 40% of employees will be getting lower/smaller working station
specification
Owner :
Reference : Hi1121
Risk Theme :
KPI Owner Trigger Unit Score Actual Target Status Last Trend
Value Month
Existing Controls
Type Name Owner Interval Effectiveness
Preventive Establishment of Co-Location Steering As Appropriate N/A
Committee (CLSC) to focus on relocation
related matters
Controls Effectiveness
Control Likelihood Unsatisfactory
Control Impact Unsatisfactory
Target Rating
Target Likelihood Unlikely QC
Target Impact Minor
Management Actions
Type Name Owner Priority Start Date Due Date Status
Preventive To recommend “incentive N/A 25 Apr 2006 25 May 2006 0%
package” to lessen/mitigate
the staff low morale issues due
to reduction in size of
workstation specifications
Page 71 of 112
22. Risk Factor : Vc5-AG7: Manpower size at agency – Small manpower size & many part time agents halts the
agency sales model program
Description : To improve and increase productivity 238 “Star” (high-performing) agent’s current FYCP of
RM50K-RM500K by 30% each year.
Small number of Star Agency Group
Owner :
Reference : Hi1122
Risk Theme :
KPI Owner Trigger Unit Score Actual Target Status Last Trend
Value Month
Existing Controls
Type Name Owner Interval Effectiveness
Controls Effectiveness
Control Likelihood Unsatisfactory
Control Impact Unsatisfactory
Target Rating
Target Likelihood Unlikely QC
Target Impact Minor
Management Actions
Type Name Owner Priority Start Date Due Date Status
Preventive Analyse and establish various N/A 25 Apr 2006 25 May 2006 0%
agency groups (segments) -
Star, Average, and Laggard
Preventive Plan and establish agency N/A 25 Apr 2006 25 May 2006 0%
development pograms for each
identified segment
Preventive Roll out pilot program at N/A 25 Apr 2006 25 May 2006 0%
selected branches
Preventive Implement full blown N/A 25 Apr 2006 25 May 2006 0%
development programs to all
branches
Preventive Identify and recruit additional N/A 25 Apr 2006 25 May 2006 0%
staff for agency development
program
Preventive Establish and monitor N/A 25 Apr 2006 25 May 2006 0%
productivity improvement
targets including MDRT
qualifiers
Page 72 of 112
Preventive Allocate budget for agency N/A 25 Apr 2006 25 May 2006 0%
development and incentive
programs
Page 73 of 112
9. Strategic : (Operations (& Systems)) TBA
Objective
Risk Theme :
KPI Owner Trigger Unit Score Actual Target Status Last Trend
Value Month
Existing Controls
Type Name Owner Interval Effectiveness
Detective Key users involvement in the IT evaluation On going N/A
team.
Controls Effectiveness
Control Likelihood Unsatisfactory
Control Impact Unsatisfactory
Target Rating
Target Likelihood N/A NA
Target Impact N/A
Management Actions
Type Name Owner Priority Start Date Due Date Status
Preventive Establishment of a Business N/A 27 Apr 2006 27 May 2006 0%
Analyst Team to look into
system & method, process &
system integration and
implementing best of breed I.T
system solution
Preventive To look into the possibility to N/A 27 Apr 2006 27 May 2006 0%
appoint subject matter expert
consultants to assist and
develop the I.T system
solution
Page 74 of 112
Page 75 of 112
2. Risk Factor : Vc2-2: Meeting the SLA with 3rd parties Bancasurrance partner.
Description : 1. Team expects high impact on the area of banca in regards to expectation by the partners.
2. Other sales channel the impact is relatively low.
Owner :
Reference : Oi1102
Risk Theme :
KPI Owner Trigger Unit Score Actual Target Status Last Trend
Value Month
Existing Controls
Type Name Owner Interval Effectiveness
Detective Operation is manage in such a way to cater On going N/A
to respective channel i.e. priority service
team.
Controls Effectiveness
Control Likelihood Very Good
Control Impact Very Good
Target Rating
Target Likelihood N/A NA
Target Impact N/A
Management Actions
Type Name Owner Priority Start Date Due Date Status
Detective PMO should validate the values N/A 06 Apr 2006 06 May 2006 0%
to ensure no duplications
Page 76 of 112
3. Risk Factor : Vc3-1: Operational Risks – Integration impact to service levels
Description : 1. Potential down time and disruption of operations arise during M&A process
2. Lack of system optimization
3. Perception issues from customers (internal & externally
)
Owner :
Reference : Oi1103
Risk Theme :
KPI Owner Trigger Unit Score Actual Target Status Last Trend
Value Month
Existing Controls
Type Name Owner Interval Effectiveness
Preventive Establishment of VC3 to focus on; As Appropriate N/A
Controls Effectiveness
Control Likelihood Satisfactory
Control Impact Unsatisfactory
Target Rating
Target Likelihood Unlikely QB
Target Impact Major
Management Actions
Type Name Owner Priority Start Date Due Date Status
Preventive Ensure greater commitment & N/A 06 Apr 2006 06 May 2006 0%
motivation; enhanced
processes & systems;
increased professionalism
Preventive To implement and continuous N/A 27 Apr 2006 27 May 2006 0%
monitoring of the proposed
action plans and strategy
Page 77 of 112
4. Risk Factor : Vc3-2: Operational Risks – Disruption and delays to existing operations
Description : 1. Centralizing process between HQ and branches
2. Harmonizing process between MNI, TN and MF
Owner :
Reference : Oi1104
Risk Theme :
KPI Owner Trigger Unit Score Actual Target Status Last Trend
Value Month
Existing Controls
Type Name Owner Interval Effectiveness
Preventive Develop action plans for centralization and As Appropriate N/A
harmonization of operations
Preventive Objectives, timelines and project milestone On going N/A
to be tracked
Controls Effectiveness
Control Likelihood Satisfactory
Control Impact Unsatisfactory
Target Rating
Target Likelihood Unlikely QA
Target Impact Catastrophic
Management Actions
Type Name Owner Priority Start Date Due Date Status
Preventive Full commitment & support N/A 06 Apr 2006 06 May 2006 0%
from management to staff
exposed to integration tasks
Page 78 of 112
5. Risk Factor : Vc3-3: System Risks – Delay in IT, systems or automation initiatives
Description : Identifying one platform to streamline the process and implement high automated
environment
Owner :
Reference : Oi1105
Risk Theme :
KPI Owner Trigger Unit Score Actual Target Status Last Trend
Value Month
Existing Controls
Type Name Owner Interval Effectiveness
Preventive Develop detailed IT execution plan and As Appropriate N/A
proposed contingency plan and/or work
around solution to cater for potential delay
Preventive Establishment of IT Steering Committee for As Appropriate N/A
M&A exercise (ITSC) to look into IT
direction
Controls Effectiveness
Control Likelihood Satisfactory
Control Impact Some Weakness
Target Rating
Target Likelihood Unlikely QC
Target Impact Minor
Management Actions
Type Name Owner Priority Start Date Due Date Status
Preventive To ensure implementation is N/A 27 Apr 2006 27 May 2006 0%
tracked and monitored
Detective Prepare transition plan to N/A 06 Apr 2006 06 May 2006 0%
account for potential delays
Page 79 of 112
6. Risk Factor : Vc6-6: Non integration of investment management system
Description : Separate investment departments for each different entities may have different investment
system to support each of entities’ current investment activities
Owner :
Reference : Oi1106
Risk Theme :
KPI Owner Trigger Unit Score Actual Target Status Last Trend
Value Month
Existing Controls
Type Name Owner Interval Effectiveness
Corrective Initiative under investment management N/A
VC team to integrate investment system
Controls Effectiveness
Control Likelihood Some Weaknesses
Control Impact Some Weakness
Target Rating
Target Likelihood Rare QD
Target Impact Insignificant
Management Actions
Type Name Owner Priority Start Date Due Date Status
Preventive Monitoring of initiatives N/A 27 Apr 2006 31 Dec 2007 0%
undergone by the VC team
Corrective To consider alternative system N/A 06 Apr 2006 06 May 2006 0%
Page 80 of 112
7. Risk Factor : Vc8-1: Process/Supplier Risks – Delay in decision making process on finalization of existing
and future engagement of vendor/suppliers
Description : 1. Delay in establishing printed items standard
2. Expiry of vendors/suppliers appointments later than implementation date
3. Expiry of current service providers agreements
Owner :
Reference : Oi1107
Risk Theme :
KPI Owner Trigger Unit Score Actual Target Status Last Trend
Value Month
Existing Controls
Type Name Owner Interval Effectiveness
Detective Establishment of project committee to N/A
focus on;
1. Review and document vendors/suppliers
selection process
2. Review of current active agreements
Controls Effectiveness
Control Likelihood Unsatisfactory
Control Impact Unsatisfactory
Target Rating
Target Likelihood Unlikely QC
Target Impact Minor
Management Actions
Type Name Owner Priority Start Date Due Date Status
Preventive Close loop communication on N/A 06 Apr 2006 06 May 2006 0%
operations printing strategy
Preventive To prepare detailed N/A 25 Apr 2006 25 May 2006 0%
implementation planning and
execution approach by;
Page 81 of 112
8. Risk Factor : Vc8-2: Project Risks – Delay in relocation exercise
Description : The relocation exercise of MNI and TN Head Office to Dataran Maybank, Bangsar
Owner :
Reference : Oi1108
Risk Theme :
KPI Owner Trigger Unit Score Actual Target Status Last Trend
Value Month
Existing Controls
Type Name Owner Interval Effectiveness
Detective Establishment of Co-Location Steering As Appropriate N/A
Committee (CLSC)
Controls Effectiveness
Control Likelihood Unsatisfactory
Control Impact Unsatisfactory
Target Rating
Target Likelihood Unlikely QC
Target Impact Minor
Management Actions
Type Name Owner Priority Start Date Due Date Status
Preventive Implementation and N/A 01 Jul 2006 31 Dec 2006 0%
continuous monitoring of the
relocation exercise that need
to be completed by – Dec 31,
2006
Preventive Escalation to Merger N/A 25 Apr 2006 25 May 2006 0%
Management Steering
Committee (MMSC) on out of
control situation
Page 82 of 112
9. Risk Factor : VC8-3: Project Risks – Under scope relocation costing due to omission of unforeseen request
Description : Inadequate relocation budget to meet unforeseen requirements
Owner :
Reference : Oi1109
Risk Theme :
KPI Owner Trigger Unit Score Actual Target Status Last Trend
Value Month
Existing Controls
Type Name Owner Interval Effectiveness
Preventive Establishment of Co-Location Steering As Appropriate N/A
Committee
Controls Effectiveness
Control Likelihood Satisfactory
Control Impact Unsatisfactory
Target Rating
Target Likelihood Unlikely QC
Target Impact Minor
Management Actions
Type Name Owner Priority Start Date Due Date Status
Preventive To revisit, confirm and seek N/A 25 Apr 2006 25 May 2006 0%
additional budget (if any) from
management
Page 83 of 112
10. Risk Factor : Vc8-5: Project Risks – Underscope Building Maintenance Budget
Description : 1. Maintenance of buildings (Tower A, B & C) at Dataran Maybank currently being handled by
outsourced parties at service fee of RM400k per year
2. Tower B & C directly owned by MIG whereas Tower A owned by MBB – Maintenance issues
Owner :
Reference : Oi1110
Risk Theme :
KPI Owner Trigger Unit Score Actual Target Status Last Trend
Value Month
Existing Controls
Type Name Owner Interval Effectiveness
Controls Effectiveness
Control Likelihood Unsatisfactory
Control Impact Unsatisfactory
Target Rating
Target Likelihood Possible QB
Target Impact Moderate
Management Actions
Type Name Owner Priority Start Date Due Date Status
Preventive To develop the cost benefit N/A 25 Apr 2006 25 May 2006 0%
analysis on Dataran Maybank
Building Maintenance –
Outsourcing Vs Inhouse
Maintenance cost
Preventive To discuss, negotiate and seek N/A 25 Apr 2006 25 May 2006 0%
permission to allow insurance
group to maintain our own
buildings
Page 84 of 112
11. Risk Factor : Fs3R-3: Inaccurate information gathered for the purpose of integration exercise (financial &
insurance risk program)
Description :
Owner :
Reference : Oi1111
Risk Theme :
KPI Owner Trigger Unit Score Actual Target Status Last Trend
Value Month
Existing Controls
Type Name Owner Interval Effectiveness
Controls Effectiveness
Control Likelihood N/A
Control Impact N/A
Target Rating
Target Likelihood N/A NA
Target Impact N/A
Management Actions
Type Name Owner Priority Start Date Due Date Status
Detective Independent check, reliability N/A 06 Apr 2006 06 May 2006 0%
tests
Page 85 of 112
12. Risk Factor : Vc5-BA4: Delay in approvals from respective authorities
Description : Delay in approval by Bank Negara Malaysia
Owner :
Reference : Oi1112
Risk Theme :
KPI Owner Trigger Unit Score Actual Target Status Last Trend
Value Month
Existing Controls
Type Name Owner Interval Effectiveness
Controls Effectiveness
Control Likelihood Unsatisfactory
Control Impact Unsatisfactory
Target Rating
Target Likelihood N/A NA
Target Impact N/A
Management Actions
Type Name Owner Priority Start Date Due Date Status
Preventive Understand requirements early N/A 17 Apr 2006 30 Sep 2006 0%
and then complete fulfillment
Page 86 of 112
13. Risk Factor : Vc5-AG1: High drop-out rate due to lack of monitoring tool
Description : Lacking in monitoring tools that halted agency business development program
Owner :
Reference : Oi1113
Risk Theme :
KPI Owner Trigger Unit Score Actual Target Status Last Trend
Value Month
Existing Controls
Type Name Owner Interval Effectiveness
Controls Effectiveness
Control Likelihood Unsatisfactory
Control Impact Unsatisfactory
Target Rating
Target Likelihood Unlikely QC
Target Impact Minor
Management Actions
Type Name Owner Priority Start Date Due Date Status
Preventive Prioritize development or N/A 25 Apr 2006 30 Jun 2006 0%
acquisition of tool. Agency
Development Division (ADD)
to establish the required
reports and monitoring
requirements and to submit to
IT
Preventive IT support – reports & N/A 25 Apr 2006 25 May 2006 0%
monitoring tool. IT support
(generation of weekly reports
as monitoring tool
Preventive To seek help from IT to N/A 25 Apr 2006 25 May 2006 0%
develop the required report
and monitoring capabilities
Preventive To set an effective policy with N/A 25 Apr 2006 25 May 2006 0%
regard to number of
Page 87 of 112
productive agent per agency
leader
Preventive Develop programmes to N/A 25 Apr 2006 25 May 2006 0%
improve the recruitment of
high potential and productive
agents
Page 88 of 112
14. Risk Factor : Vc5-AG2: Incapability of back-office processes
Description : Capability of backroom processes to support front business activities is not up to the mark
Owner :
Reference : Oi1114
Risk Theme :
KPI Owner Trigger Unit Score Actual Target Status Last Trend
Value Month
Existing Controls
Type Name Owner Interval Effectiveness
Controls Effectiveness
Control Likelihood Unsatisfactory
Control Impact Unsatisfactory
Target Rating
Target Likelihood Unlikely QD
Target Impact Insignificant
Management Actions
Type Name Owner Priority Start Date Due Date Status
Preventive Early communication - To N/A 25 Apr 2006 30 Jun 2006 0%
"legalise" SLA between Agency
business and all backroom
support units. To develop an
early detection mechanism on
the level of support to agency
force
Preventive Branch Sales Support - To N/A 25 Apr 2006 25 May 2006 0%
develop KPI for all branches to
adhere to the agreed SLA
Preventive Develop unit at branches to N/A 25 Apr 2006 25 May 2006 0%
specifically service life
business
Preventive Agency leaders - required to N/A 25 Apr 2006 25 May 2006 0%
provide info on the level of
support provided to the agents
and clients
Page 89 of 112
Preventive To immediately review existing N/A 25 Apr 2006 25 May 2006 0%
and establish new mode of
payments to policy holders
Page 90 of 112
15. Risk Factor : Vc5-AG3: New products not delivered (Lack of systematic and strategic focus on new product
development proceses)
Description : Ineffective new product development plan that can help agency business to grow
Owner :
Reference : Oi1115
Risk Theme :
KPI Owner Trigger Unit Score Actual Target Status Last Trend
Value Month
Existing Controls
Type Name Owner Interval Effectiveness
Controls Effectiveness
Control Likelihood Unsatisfactory
Control Impact Unsatisfactory
Target Rating
Target Likelihood Unlikely QD
Target Impact Insignificant
Management Actions
Type Name Owner Priority Start Date Due Date Status
Preventive Ensure product ideas are N/A 25 Apr 2006 25 May 2006 0%
viable etc.; work closely with
ODC and operations
Preventive To seek help from ORM to N/A 25 Apr 2006 25 May 2006 0%
establish cost of capital (RBC
requirements) on every new
product developed
Page 91 of 112
16. Risk Factor : Vc5-EC6: Problems in arranging manual facultative insurance
Risk Theme :
KPI Owner Trigger Unit Score Actual Target Status Last Trend
Value Month
Existing Controls
Type Name Owner Interval Effectiveness
Controls Effectiveness
Control Likelihood Unsatisfactory
Control Impact Unsatisfactory
Target Rating
Target Likelihood N/A NA
Target Impact N/A
Management Actions
Type Name Owner Priority Start Date Due Date Status
Preventive Execute transactions from list N/A 17 Apr 2006 01 Jul 2006 0%
of accounts established
Page 92 of 112
17. Risk Factor : Vc5-AD1:Backend integration issues and timing
Description :
Owner :
Reference : Oi1117
Risk Theme :
KPI Owner Trigger Unit Score Actual Target Status Last Trend
Value Month
Existing Controls
Type Name Owner Interval Effectiveness
Controls Effectiveness
Control Likelihood Unsatisfactory
Control Impact Unsatisfactory
Target Rating
Target Likelihood N/A NA
Target Impact N/A
Management Actions
Type Name Owner Priority Start Date Due Date Status
Preventive Work closely with IT N/A 17 Apr 2006 17 May 2006 0%
Page 93 of 112
18. Risk Factor : Vc5-AD3: Wrong FT database contactable rate
Description :
Owner :
Reference : Oi1118
Risk Theme :
KPI Owner Trigger Unit Score Actual Target Status Last Trend
Value Month
Existing Controls
Type Name Owner Interval Effectiveness
Controls Effectiveness
Control Likelihood Unsatisfactory
Control Impact Unsatisfactory
Target Rating
Target Likelihood N/A NA
Target Impact N/A
Management Actions
Type Name Owner Priority Start Date Due Date Status
Page 94 of 112
19. Risk Factor : Vc5-AD6: Backend integration problems
Description :
Owner :
Reference : Oi1119
Risk Theme :
KPI Owner Trigger Unit Score Actual Target Status Last Trend
Value Month
Existing Controls
Type Name Owner Interval Effectiveness
Controls Effectiveness
Control Likelihood Unsatisfactory
Control Impact Unsatisfactory
Target Rating
Target Likelihood N/A NA
Target Impact N/A
Management Actions
Type Name Owner Priority Start Date Due Date Status
Preventive IT to expedite integration N/A 17 Apr 2006 17 May 2006 0%
Page 95 of 112
20. Risk Factor : Vc5-AD7: Credit card acceptance
Description :
Owner :
Reference : Oi1120
Risk Theme :
KPI Owner Trigger Unit Score Actual Target Status Last Trend
Value Month
Existing Controls
Type Name Owner Interval Effectiveness
Controls Effectiveness
Control Likelihood Unsatisfactory
Control Impact Unsatisfactory
Target Rating
Target Likelihood N/A NA
Target Impact N/A
Management Actions
Type Name Owner Priority Start Date Due Date Status
Preventive To secure assurance from N/A 17 Apr 2006 17 May 2006 0%
Maybank and establish M2U
merchant account
Page 96 of 112
21. Risk Factor : Vc5-AD8: Security concerns
Description :
Owner :
Reference : Oi1121
Risk Theme :
KPI Owner Trigger Unit Score Actual Target Status Last Trend
Value Month
Existing Controls
Type Name Owner Interval Effectiveness
Controls Effectiveness
Control Likelihood Unsatisfactory
Control Impact Unsatisfactory
Target Rating
Target Likelihood N/A NA
Target Impact N/A
Management Actions
Type Name Owner Priority Start Date Due Date Status
Preventive Awareness program N/A 17 Apr 2006 17 May 2006 0%
Page 97 of 112
22. Risk Factor : Vc5-AD9: Issues with authorities
Description :
Owner :
Reference : Oi1122
Risk Theme :
KPI Owner Trigger Unit Score Actual Target Status Last Trend
Value Month
Existing Controls
Type Name Owner Interval Effectiveness
Controls Effectiveness
Control Likelihood Unsatisfactory
Control Impact Unsatisfactory
Target Rating
Target Likelihood N/A NA
Target Impact N/A
Management Actions
Type Name Owner Priority Start Date Due Date Status
Preventive Develop education program – N/A 17 Apr 2006 17 May 2006 0%
online training & examination
for cyber agents
Page 98 of 112
23. Risk Factor : Vc5-Brn3: Delay in resource replacement
Description : Time delay in replacement of staff at the branches
Owner :
Reference : Oi1123
Risk Theme :
KPI Owner Trigger Unit Score Actual Target Status Last Trend
Value Month
Existing Controls
Type Name Owner Interval Effectiveness
Controls Effectiveness
Control Likelihood Unsatisfactory
Control Impact Satisfactory
Target Rating
Target Likelihood N/A NA
Target Impact N/A
Management Actions
Type Name Owner Priority Start Date Due Date Status
Preventive HC to speed up re-deployment N/A 17 Apr 2006 31 May 2006 0%
& replacement of key positions
Page 99 of 112
24. Risk Factor : Vc5-Brn4: Negative effects of centralization process
Description : Centralization of key operational functions might have negative impact to branches
Owner :
Reference : Oi1124
Risk Theme :
KPI Owner Trigger Unit Score Actual Target Status Last Trend
Value Month
Existing Controls
Type Name Owner Interval Effectiveness
Controls Effectiveness
Control Likelihood Unsatisfactory
Control Impact Unsatisfactory
Target Rating
Target Likelihood N/A NA
Target Impact N/A
Management Actions
Type Name Owner Priority Start Date Due Date Status
Preventive Demand SLA from HQ N/A 17 Apr 2006 17 May 2006 0%
Operations on key processes
Risk Theme :
KPI Owner Trigger Unit Score Actual Target Status Last Trend
Value Month
Existing Controls
Type Name Owner Interval Effectiveness
Controls Effectiveness
Control Likelihood Unsatisfactory
Control Impact Unsatisfactory
Target Rating
Target Likelihood N/A NA
Target Impact N/A
Management Actions
Type Name Owner Priority Start Date Due Date Status
Preventive Work very closely with IT; N/A 17 Apr 2006 17 May 2006 0%
constant communications with
agents
Description : Note: FS3 Finance & Risk Management – FS3.25 Aligning Various Bonus Practices of
Participating Policies - Actuarial (Life)
Owner :
Reference : Oi1126
Risk Theme :
KPI Owner Trigger Unit Score Actual Target Status Last Trend
Value Month
Existing Controls
Type Name Owner Interval Effectiveness
Controls Effectiveness
Control Likelihood N/A
Control Impact N/A
Target Rating
Target Likelihood N/A NA
Target Impact N/A
Management Actions
Type Name Owner Priority Start Date Due Date Status
Preventive Recommend a common N/A 17 Apr 2006 17 May 2006 0%
practice
Note: FS3 Finance & Risk Management – FS3.27 Consolidation of MNI & MLA Reinsurance
Treaties - Actuarial (Life)
Owner :
Reference : Oi1127
Risk Theme :
KPI Owner Trigger Unit Score Actual Target Status Last Trend
Value Month
Existing Controls
Type Name Owner Interval Effectiveness
Controls Effectiveness
Control Likelihood N/A
Control Impact N/A
Target Rating
Target Likelihood N/A NA
Target Impact N/A
Management Actions
Type Name Owner Priority Start Date Due Date Status
Preventive Review reinsurance N/A 17 Apr 2006 17 May 2006 0%
arrangements to identify
affected risks.
Preventive Notify reinsures & Operations. N/A 17 Apr 2006 17 May 2006 0%
Description : Note: FS3 Finance & Risk Management – FS3.27 Consolidation of MNI & MLA Reinsurance
Treaties - Actuarial (Life)
Owner :
Reference : Oi1128
Risk Theme :
KPI Owner Trigger Unit Score Actual Target Status Last Trend
Value Month
Existing Controls
Type Name Owner Interval Effectiveness
Controls Effectiveness
Control Likelihood N/A
Control Impact N/A
Target Rating
Target Likelihood N/A NA
Target Impact N/A
Management Actions
Type Name Owner Priority Start Date Due Date Status
Preventive Identify treaties for N/A 17 Apr 2006 17 May 2006 0%
consolidation.
Preventive Negotiate with reinsures to N/A 17 Apr 2006 17 May 2006 0%
maintain the best terms &
conditions
Description : Note: FS3 Finance & Risk Management – FS3.29 Aligning MNI & TN IBNR Data for Reserving
Period Ending 30 June - Actuarial (General)
Owner :
Reference : Oi1129
Risk Theme :
KPI Owner Trigger Unit Score Actual Target Status Last Trend
Value Month
Existing Controls
Type Name Owner Interval Effectiveness
Controls Effectiveness
Control Likelihood N/A
Control Impact N/A
Target Rating
Target Likelihood N/A NA
Target Impact N/A
Management Actions
Type Name Owner Priority Start Date Due Date Status
Preventive To engage a consultant to do N/A 17 Apr 2006 17 May 2006 0%
IBNR computation for FYE
30/06/2006 without having to
tabulate historical date for
corresponding new financial
period.
Description : Note: FS3 Finance & Risk Management – FS3.30 Harmonization of actuarial reports
Owner :
Reference : Oi1130
Risk Theme :
KPI Owner Trigger Unit Score Actual Target Status Last Trend
Value Month
Existing Controls
Type Name Owner Interval Effectiveness
Controls Effectiveness
Control Likelihood N/A
Control Impact N/A
Target Rating
Target Likelihood N/A NA
Target Impact N/A
Management Actions
Type Name Owner Priority Start Date Due Date Status
Preventive Identify information required N/A 17 Apr 2006 17 May 2006 0%
Owner :
Reference : Oi1131
Risk Theme :
KPI Owner Trigger Unit Score Actual Target Status Last Trend
Value Month
Existing Controls
Type Name Owner Interval Effectiveness
Preventive High awareness of key dependencies and N/A
communication of the same to the whole
project team
Controls Effectiveness
Control Likelihood Unsatisfactory
Control Impact Unsatisfactory
Target Rating
Target Likelihood Unlikely QC
Target Impact Minor
Management Actions
Type Name Owner Priority Start Date Due Date Status
Detective To prepare and review N/A 01 May 2006 30 Jun 2006 0%
approval timeline for all
projects and to ensure that the
timeline will consider the
above uncertainties as
identified in the causes and
contingency measures.
Owner :
Reference : Oi1132
Risk Theme :
KPI Owner Trigger Unit Score Actual Target Status Last Trend
Value Month
Existing Controls
Type Name Owner Interval Effectiveness
Preventive High awareness on commitment and N/A
support from respective entities
Controls Effectiveness
Control Likelihood Unsatisfactory
Control Impact Unsatisfactory
Target Rating
Target Likelihood Possible QC
Target Impact Minor
Management Actions
Type Name Owner Priority Start Date Due Date Status
Preventive To request from the PMO for a N/A 16 Jun 2006 15 Jul 2006 0%
full time resources to be
allocated to the projects
Preventive To built in contingency with N/A 16 Jun 2006 16 Jul 2006 0%
regards to resources allocation
within the team
Preventive For a package system which N/A 16 Jun 2006 15 Jul 2006 0%
highly dependant on vendor,
the team will acquire the
vendor assistance to look for
possible arrangement for
external support and
resources.
Owner :
Reference : Oi1133
Risk Theme :
KPI Owner Trigger Unit Score Actual Target Status Last Trend
Value Month
Existing Controls
Type Name Owner Interval Effectiveness
Detective Project manager and/or business analyst Weekly N/A
engage for the respective project to
provide report to Project Steering on
regular basis to ensure the adequacy and
quality of business requirement. Any
shortcomings are to be reported via the
escalation process established by the
merger PMO.
Detective Establishment and close monitoring of Weekly N/A
respective project charter.
Detective Establishment and close monitoring of Weekly N/A
respective project charter.
Controls Effectiveness
Control Likelihood Some Weaknesses
Control Impact Unsatisfactory
Target Rating
Target Likelihood Possible QC
Target Impact Minor
Management Actions
Type Name Owner Priority Start Date Due Date Status
Preventive To prepare and review N/A 16 May 2006 30 Jun 2006 0%
approval timeline for all
Risk Theme :
KPI Owner Trigger Unit Score Actual Target Status Last Trend
Value Month
Existing Controls
Type Name Owner Interval Effectiveness
Preventive Data cleansing before implementing As Appropriate N/A
Preventive Conversion planning and strategy As Appropriate N/A
Controls Effectiveness
Control Likelihood Unsatisfactory
Control Impact Unsatisfactory
Target Rating
Target Likelihood Possible QC
Target Impact Minor
Management Actions
Type Name Owner Priority Start Date Due Date Status
Preventive To establish specific data N/A 01 Aug 2006 15 Sep 2006 0%
migration and conversion risk
scorecard to ensure all specific
risks details addressed