73 / 174
sustainability & governance
Annual Report 2017
71
STATEMENT ON RISK MANAGEMENT AND INTERNAL CONTROL
INTERNAL CONTROL
The key processes that the Board has established in reviewing the adequacy and integrity of the system of internal control and risk
management systems include the following:
1.
Operational and follow-up audits are conducted throughout the financial year based on approved annual audit plan to provide
reasonable assurance that the systems of internal controls and its framework, and governance processes put in place by
Management continue to operate satisfactorily and effectively and to add value and improve the Group’s business operations.
2.
Each line of business is responsible for the conduct and performance of its operating units, including the identification and
evaluation of significant risks applicable to their respective business areas, the design and operation of suitable internal control
and in ensuring that an effective system of internal control is in place.
3.
A meeting of Heads of Divisions chaired by the Managing Director is held monthly to deliberate on the Group’s financial
performance, business development, operational and corporate issues. The Managing Director will update the Board of any
significant matters that require the Board’s immediate attention.
4.
The Managing Director actively participates and involves in the day-to-day running of the major business and regular discussions
with the Senior Management.
5.
Monthly financial summary report and quarterly management reports on key business performance, operating statistics and
regular matters are provided to the members of the Board for review and to monitor the achievements of the Group’s performance.
6.
There is a budgeting and forecasting system. Each line of business submits a business plan annually for approval by the Board.
The results of the lines of businesses are reported monthly and variances are analysed against budget and acted on in timely
manner. The Group’s strategic directions are also reviewed annually taking into account changes in market conditions and
significant business risks.
7.
The periodic and streamlining review of limits of authority and other standard operating procedures within the Group provides
a sound framework of authority and accountability within the organisation and to facilitate quality, well informed and timely
corporate decision making at the appropriate level in the organisation’s hierarchy.
8.
The compliance function, which includes the Audit Committee and internal audit function carried out by the Group Internal
Audit Department established by the penultimate holding company, Kumpulan Fima Berhad, assists the Board to oversee the
management of risks and review the effectiveness of internal controls. The Committee reviews reports of the Group Internal Audit
(“GIA”) and also conducts annual assessment on the adequacy of the GIA’s scope of work.
9.
The Audit Committee convenes regular meetings to deliberate on findings and recommendations for improvement by both the
internal and external auditors on the state of the system of internal control. Minutes of the Audit Committee meetings are tabled
to the Board.
10. The RMC convenes annually to review and recommend the risk management policies, strategies, key risk profiles and risk
mitigation actions for the Group and reports to the Audit Committee
11. Major contracts are awarded by a Tender Committee comprising of Senior Management. A minimum of three quotations is called
for and tenders are awarded based on criteria such as quality, track record and speed of delivery.
12. Clearly documented standard operating procedure manuals set out the policies and procedures for day-to-day operations to
be carried out. Regular reviews are performed to ensure that documentation remains current, relevant and aligned with evolving
business and operational needs.
13. The competency of staff is enhanced through rigorous recruitment process and development programmes. A performance
appraisal system of staff is in place, with established targets and accountability and is reviewed on an annual basis.