top of page

Risk Management Policy

Risk Assessment & Monitoring

The purpose of this Risk Management Policy is to outline the framework, processes, and responsibilities for identifying, assessing, mitigating, and monitoring risks within Data Cohorts.


This policy applies to all employees, contractors, and stakeholders involved in Data Cohorts' operations, projects, and activities.

Risk Management Framework

a. Risk Identification: Risks shall be identified through regular risk assessments, project planning sessions, incident reports, and feedback mechanisms.

b. Risk Assessment: Identified risks shall be assessed based on their likelihood, impact, and severity. Risks shall be categorized into high, medium, or low priority based on these criteria.

c. Risk Mitigation: Appropriate risk mitigation strategies shall be developed for high and medium priority risks. These strategies may include risk avoidance, risk transfer, risk reduction, or risk acceptance.

d. Risk Monitoring: Risks shall be continuously monitored throughout the project lifecycle. Key risk indicators (KRIs) shall be established to track the effectiveness of mitigation measures.

e. Risk Reporting: Regular risk reports shall be generated and shared with relevant stakeholders, including senior management, project teams, and external partners.

Roles and responsibilities

a. Senior Management: Senior management shall be responsible for endorsing the risk management framework, allocating resources for risk management activities, and providing oversight.

b. Risk Management Committee: A cross-functional risk management committee shall be established to oversee risk management activities, review risk assessments, and escalate critical risks to senior management.

c. Project Managers: Project managers shall be responsible for conducting risk assessments, developing risk mitigation plans, and implementing risk controls within their projects.

d. Employees: All employees shall be responsible for identifying and reporting risks in their respective areas of work, complying with risk mitigation measures, and participating in risk management training and awareness programs.

Compliance and review

a. This Risk Management Policy shall be reviewed annually or as needed to ensure its effectiveness and relevance.

b. Non-compliance with this policy may result in disciplinary action, including but not limited to warnings, retraining, or termination of employment.

policy adoption

This Risk Management Policy shall be communicated to all employees upon adoption and made available in the company's policy repository for reference.

How to contact Data Cohorts

To contact DC with questions about this Privacy Statement or if you would like to communicate with any of our Data Protection Officers or the BCP Team, including to request to exercise your rights of access, rectification, or erasure, please contact us at:

Data Cohorts
Attention: Legal Department
2nd Floor West Wing, ECM Libra,

8 Jalan Damansara Endah

Damansara Heights

50490 Kuala Lumpur



bottom of page