NB Food Supply Sdn. Bhd.: Risk Management and Internal Control Policy

Cheong, Wan Keng (2025) NB Food Supply Sdn. Bhd.: Risk Management and Internal Control Policy. Masters thesis, Tunku Abdul Rahman University of Management and Technology.

Text 43 Cheong Wan Keng (MCG).pdf Restricted to Registered users only Download (1MB)

Abstract

Small family-owned enterprises require strategically implemented risk management and internal control systems to ensure organizational resilience and sustainable growth. However, their long-term survival and growth often depend on their ability to manage operational risks and maintain robust internal control systems. These businesses frequently operate in dynamic and competitive environments, making strategic risk management not merely a choice but a necessity. This study seeks to explore the essential role that governance mechanisms play in helping these enterprises mitigate risks effectively while also capitalizing on potential growth opportunities. Recognizing the unique nature of family businesses, the research emphasizes that conventional risk frameworks may need to be adjusted to align with the specific characteristics of these firms. Through an extensive review of existing literature, the study identifies a number of recurring challenges that family-owned enterprises typically face when attempting to implement formal risk management practices. Firstly, limited financial and human capital often constrains the scope and scale of risk-related initiatives, with many family businesses lacking the specialized personnel or technology infrastructure needed to support complex risk frameworks. Secondly, intricate power dynamics among family members—shaped by interpersonal relationships, trust, and sometimes unspoken expectations—can lead to inefficiencies in decision-making and blurred lines of authority. These dynamics are frequently exacerbated when governance structures are informal or insufficiently documented. Thirdly, succession planning presents a major area of uncertainty, especially when transitioning leadership across multiple generations. The reluctance to relinquish control, combined with differing visions among family members, often impedes the institutionalization of formal control mechanisms and limits organizational agility. To address these pressing concerns, this paper proposes a tailored risk management framework that integrates established international standards—namely the COSO Enterprise Risk Management framework and the ISO 31000:2018 guidelines—with customized solutions specifically designed for the family business context. By adapting these globally recognized frameworks, the study ensures that the proposed model remains both credible and adaptable. The framework emphasizes simplicity and practicality, aiming to deliver tangible value without overwhelming the business with unnecessary complexity or administrative burden. It introduces core tools such as risk registers and risk assessment matrices, while also offering guidance on how to implement governance policies that align with family values and business culture. Each element of the framework is carefully selected and discussed with an eye toward its effectiveness in resource-constrained settings. The analysis further illustrates how the adoption of well-structured risk management processes can yield multiple strategic benefits beyond mere compliance or hazard avoidance. For instance, when risk assessments are carried out regularly and transparently, they can improve the quality of strategic decision-making and provide a foundation for open communication among stakeholders. Enhanced transparency can, in turn, boost confidence among investors, customers, and employees—reinforcing the company's reputation and trustworthiness. Moreover, the presence of internal controls and proactive governance fosters a culture of accountability and innovation, enabling family firms to seize new opportunities in a calculated and confident manner. Innovation is particularly crucial for small businesses aiming to differentiate themselves in increasingly saturated markets. Ultimately, this research offers a set of empirically grounded recommendations that aim to equip small family-owned enterprises with practical tools to navigate an ever-evolving business environment. While acknowledging the limitations these businesses face, the study underscores the potential for resilience and sustainable growth through the thoughtful implementation of risk management strategies. By aligning professional governance practices with the intrinsic values and operational realities of family enterprises, the paper contributes to both academic literature and practical management discourse. The proposed framework serves as a guide for family businesses that aspire not only to survive but also to thrive across generations—preserving their legacy while maintaining a competitive edge in the modern marketplace. Keywords: risk assessment, risk mitigation strategies, risk identification tools, ISO 31000:2018 compliance, COSO internal control framework, family business governance, organizational resilience