EXCEL FORCE MSC BERHAD Annual Report 2017

35 EXCEL FORCE MSC BERHAD (570777-X) ANNUAL REPORT 2017 RISK MANAGEMENT (cont’d) The management has been embedded the responsibility to manage the risk and internal controls that is associated with the operations of the Group and to ensure compliance with the applicable laws and regulations. Any significant issues and control implemented were discussed at management meetings and quarterly Audit Committee meetings. INTERNAL AUDIT FUNCTIONS In accordance with the Malaysian Code on Corporate Governance, the Group in its efforts to provide adequate and effective internal control system had appointed Sterling Business Alignment Consulting Sdn Bhd (“Sterling”), an independent consulting firm to review the adequacy and integrity of its system of internal control. Sterling acts as the internal auditor and reports directly to the Audit Committee on the quarterly basis. The internal audit reviews and addresses critical business processes, identified risks and internal control gaps, assesses the effectiveness and adequacy of the existing state of internal control of the Group and recommended possible improvements to the internal control process. This is to provide reasonable assurance that such systems continue to operate satisfactorily and effectively within the Group. The Internal Auditor uses the Committee of Sponsoring Organizations of the Treadway Commission (COSO) Internal Control – Integrated Framework as a basis for evaluating the effectiveness of the internal control systems. Each quarterly audit is engaged by approximately 2 to 4 audit personnel depending on the areas of audit. Quarterly audit reports and status report on follow up actions were tabled to the Audit Committee and Board during its quarterly Audit Committee Meetings. The Internal Auditors are free from any relationships or conflict of interest, which could impair their objectivity and independence of the internal audit function. The Internal Auditors does not have any direct operational responsibility or authority over any of the activities audited. The Audit Committee is of the opinion that the internal audit function is effective and able to function independently. For the financial year ended 31 December 2017, three (3) internal audit reviews and one (1) risk management review had been carried out by Internal Auditor: Audit Period Reporting Month Name of Entity Audited Audited Areas January - March 2017 May 2017 Excel Force MSC Berhad • Sales and Marketing function April - June 2017 August 2017 Excel Force MSC Berhad • Research and Development function July - September 2017 November 2017 Excel Force MSC Berhad • Finance and Accounts function • Procurement function October - December 2017 February 2018 Excel Force MSC Berhad • Review of Risk Management performed by the Management. Based on the internal audit reviews conducted, none of the weaknesses noted have resulted in material losses, contingencies or uncertainties that would require separate disclosure in this Annual Report. THE KEY ELEMENTS OF THE GROUP’S INTERNAL CONTROL SYSTEM INCLUDE: 1. Organisation structure with defined lines of responsibility, authority and accountability; 2. Policies and procedures for key business processes are formalised and documented for implementation and continuous improvements; 3. Quarterly Board meetings and periodical management meetings are held where information is provided to the Board and management covering financial performances and operations; 4. Training and development is provided as and when required by employees with the objective of enhancing their knowledge and competency; Statement On Risk Management And Internal Control (cont’d)