Notes for BCM Institute's Course Participants: This is the template for completing the "Part 5: Inter-dependencies."
The effectiveness of Compliance, Governance, and Reporting (CBF-5) at Bandtree is highly
Understanding these relationships is crucial for ensuring operational continuity, particularly in the context of risk oversight, regulatory compliance, strategic reporting, and corporate governance functions.
This analysis provides essential insight for continuity planning, enabling a timely response to disruptions that could impact regulatory compliance, audit functions, ESG reporting, and statutory obligations.
Here is the table for Critical Business Function CBF-5 Compliance, Governance & Reporting for Bandtree, incorporating sub-processes (Sub-CBFs) and detailing their dependencies in line with BCMpedia's interdependency concepts.
|
|
|
|
Type of Dependency |
|
||
|
Sub-Critical Business Function |
Sub-CBF Code |
Name of Business Unit or Vendor/ Supplier/ Outsource Partner |
Internal |
External |
Direction |
Description of Nature of Dependency |
|
Regulatory & Legal Compliance |
5.1 |
Legal & Compliance Department |
✔️ |
✔️ |
Up-stream |
Relies on updates and mandates from regulators; provides guidance downstream to operations. |
|
Internal Audit & Risk Oversight |
5.2 |
Internal Audit & Risk Management Unit |
✔️ |
X |
Mutual |
Provides oversight and receives reports from departments; ensures enterprise-wide compliance. |
|
Corporate Governance Monitoring |
5.3 |
Board Secretariat |
✔️ |
✔️ |
Up-stream |
Aligns business activities with board directives and best practices in governance. |
|
ESG Reporting |
5.4 |
Strategy & Sustainability Unit |
✔️ |
✔️ |
Down-stream |
Consolidates data and reports from departments for ESG disclosures. |
|
Business Continuity Governance |
5.5 |
Business Continuity Management Team |
✔️ |
✔️ |
Mutual |
Coordinates with departments to implement BCM policies and provides BCM governance and reporting. |
|
Strategic & Statutory Reporting |
5.6 |
Finance, Strategy & Corporate Planning Units |
✔️ |
✔️ |
Down-stream |
Receives data from business units for analysis and reporting to stakeholders. |
The interdependencies outlined in this chapter highlight the interconnected nature of CBF-5 Compliance, Governance, and Reporting, and reinforce its strategic role within Bandtree.
These dependencies are not isolated but reflect a broader ecosystem where internal and external relationships significantly influence the organisation’s ability to meet legal, ethical, and reporting standards.
By documenting and evaluating these relationships, Bandtree strengthens its resilience and improves its readiness to manage disruptions across critical reporting and governance functions.
This proactive approach supports sustainable compliance practices, preserves regulatory trust, and upholds corporate integrity across the company’s operations.
Notes for BCM Institute's Course Participants: This is the template for completing the "Part 6: Vital Records."
Part 6: Vital Records serves as a critical component of Bandtree Sdn Bhd’s Business Continuity Management (BCM) framework, specifically supporting CBF-5: Compliance, Governance & Reporting.
This section identifies and catalogues the essential records required to maintain the continuity and integrity of key compliance and governance activities during and after a disruption.
Given Bandtree’s role as a government-linked company (GLC) under Darussalam Assets Sdn Bhd, and its responsibilities in upholding regulatory, corporate governance, and ESG obligations, it is imperative that vital records are protected, retrievable, and consistently updated.
These records not only ensure adherence to legal and statutory requirements but also safeguard the company's reputation and operational resilience.
This chapter outlines the types of vital records associated with each sub-process within CBF-5, including their formats, storage locations, and custodianship.
Emphasis is placed on both physical and digital recordkeeping practices to ensure redundancy, traceability, and secure access.
Based on the sub-processes (Sub-CBF) of CBF-5: Compliance, Governance & Reporting for Bandtree, and following the structure for documenting Vital Records as referenced from BCM Institute's guidance notes, this is the table:
|
Sub-Critical Business Function |
Sub-CBF Code |
Description of Vital Records |
Media Type |
Location |
In Whose Care |
|
Regulatory & Legal Compliance |
5.1 |
Regulatory filings, licenses, legal correspondences, acts, and regulatory obligations |
Digital, Paper |
Compliance Department SharePoint & Local Drive |
Compliance Manager |
|
Internal Audit & Risk Oversight
|
5.2 |
Internal audit reports, risk assessments, audit trails, risk registers |
Digital |
Internal Audit Secure Server |
Head of Internal Audit |
|
Corporate Governance Monitoring |
5.3 |
Board resolutions, corporate governance policies, and meeting minutes |
Digital, Paper |
Board Secretariat File Room & Digital Archive |
Company Secretary |
|
ESG Reporting |
5.4 |
ESG strategy documents, sustainability reports, stakeholder engagement logs |
Digital |
ESG Reporting Database |
ESG Officer |
|
Business Continuity Governance |
5.5 |
BCM policy, BIAs, BC plans, recovery strategies |
Digital, Paper |
BCM Office Repository & Cloud Backup |
BCM Coordinator |
|
Strategic & Statutory Reporting |
5.6 |
Annual reports, quarterly performance reports, and financial statements submitted to regulators |
Digital |
Finance Department Server |
CFO / Reporting Manager |
The proper identification and management of vital records underpin the effectiveness of Bandtree’s compliance and governance capabilities.
In times of disruption, the availability of accurate and complete records enables informed decision-making, supports regulatory accountability, and sustains operational integrity.
Through the structured documentation presented in this chapter, Bandtree reinforces its commitment to robust governance and responsible reporting.
Ongoing reviews and secure archival of these vital records will remain essential to ensuring continuity, transparency, and alignment with national and industry standards.
Implementing Business Continuity Management for Bandtree: A Practical Guide |
||||||
| eBook 3: Starting Your BCM Implementation |
||||||
| MBCO | P&S | RAR T1 | RAR T2 | RAR T3 | BCS T1 | CBF |
| CBF 5: Compliance, Governance & Reporting | ||||||
| DP | BIAQ T1 | BIAQ T2 | BIAQ T3 | BCS T2 | BCS T3 | PD |
To learn more about the course and schedule, click the buttons below for the BCM-300 Business Continuity Management Implementer [BCM-3] and the BCM-5000 Business Continuity Management Expert Implementer [BCM-5].
|
Please feel free to send us a note if you have any questions. |
||