Datasonic Group Berhad 78 Statement on Risk Management and Internal Control The Anti-Bribery and Anti-Corruption Policy is published on the Company’s website at www.datasonic.com.my. 11. Financial Budgeting and Project-Level Budgeting Annual budgets are prepared and reviewed by the GMC prior to tabling to the Board for approval. Actual performance is reviewed against the approved budget by the GMC on a monthly basis allowing responses and corrective actions to be taken. A project-level budgeting is implemented as part of the initiatives of cost optimisation efforts to monitor and control the expenditures incurred for each project. The Heads of project are responsible for ensuring the project expenses are within the approved budgets and any significant variances against the approved budgets will be reported to the Management for attention and formulation of necessary action plans to address the areas of concern, as applicable. 12. Continuous improvement on IT systems The Group had undertaken continuous development and improvement on the information technology systems and platforms to support the operational efficiency in various operational activities, and to enable effective decisionmaking by providing the decision makers with timely and accurate information. 13. Group Disaster Recovery Plan The Group’s disaster recovery/business continuity plan (“DR/BCP”) has been developed and the implementation was ongoing during the financial year. The plan will help to minimise downtime and data loss, and to ensure the continuity of business operations in the unfortunate event of management systems breakdown and other potential hazards such as fire and flood. Key information and data backups are systematically performed on a periodical basis. 14. Reviews by the Audit Committee and Risk Management Committee Reviews carried out by the AC on the adequacy and effectiveness of the internal control system concerning operational issues reported by the internal and external auditors and attributable actions taken by the Management in respect of the findings to provide assurance that control procedures are in place and are being followed as intended. Reviews carried out by the RMC on the adequacy and effectiveness of the risk management system and the mitigation controls to manage the key risk areas reported by the risk management function to provide assurance that the systems are operating as intended in order to manage the overall risk exposures of the Group. Internal control and key risks related matters that warranted the attention of the Board were conveyed by the AC and RMC to the Board. 15. Independent Reviews by the Internal Audit Department (“IAD”) The IAD performs regular reviews of the Group’s operations and system of internal controls and evaluates the adequacy and effectiveness of the controls processes implemented by the process owners and the Management. During the financial year ended 31 March 2022, the adequacy and effectiveness of internal controls were reviewed by the AC based on the reports from audits conducted by the IAD according to the approved audit plan. Audit issues and actions taken by the Management to address the shortcomings raised by the IAD were deliberated and accepted at the AC meetings. There were 17 Internal Audit Reports issued and reviewed by the AC throughout the financial year in which the IAD has provided its recommendations to the Management to improve on the design and/or effectiveness of controls where applicable. Additionally, the AC also reviewed the implementation progress of the corrective action plans committed by the Management for all key findings and recommendations highlighted in previous Internal Audit Reports to ensure that all the corrective actions were implemented appropriately. From the Internal Audit Reports issued, there were weaknesses and gaps in internal controls identified, and subsequently the remedial actions and corrective measures including monitoring have been and are being taken to address such weaknesses. A description of the IAD’s activities for the financial year ended 31 March 2022 are available in the Audit Committee Report included in this Annual Report. 16. Continuous Compliance Review The Management team together with the respective Project Directors and Heads of Department continuously perform review on the compliance level in regard to the contractual obligations and the terms and conditions imposed on certifications and licenses granted to the Group. The list of certifications and licenses granted to the Group are available in the Sustainability Statement included in this Annual Report.
RkJQdWJsaXNoZXIy NDgzMzc=