EXCEL FORCE MSC BERHAD Annual Report 2017

36 EXCEL FORCE MSC BERHAD (570777-X) ANNUAL REPORT 2017 THE KEY ELEMENTS OF THE GROUP’S INTERNAL CONTROL SYSTEM INCLUDE: (cont’d) 5. Management accounts and reports are prepared regularly for monitoring of actual performance; 6. Board participation at the macro perspective in the performance monitoring of all subsidiaries under the Group; 7. An internal audit function carries out quarterly internal audit to ascertain the adequacy of internal control system and to monitor the effectiveness of operational and financial procedures. The internal audit also reviews and assesses risks faced by the Group and reports directly to the Audit Committee; 8. Regular internal audit visits to monitor compliance with policies and procedures to assess the integrity of both financial and non-financial information provided; and 9. Follow-up visits are then subsequently conducted by the internal auditor to ensure proper implementation of agreed action plans by the respective process owners. RISK MANAGEMENT FRAMEWORK The Board recognises that risk management is an integral part of the Group’s business operations and that the identification and management of risks will affect the achievement of the Group’s business objectives. To this end, the Board has formalised a Risk Management Framework by implementing an on-going process of identifying, evaluating, monitoring and managing the significant risks affecting the achievement of its business objectives and has considered the guidance of the Malaysian Code on Corporate Governance. The management of risks in the daily business operation is assigned to management team and significant risks are identified and related mitigating responses as well as the corresponding internal control measures were deliberated at the Audit Committee and Board meeting. ASSURANCE FROM MANAGEMENT The Board has received assurance from the Chief Executive Officer and Head of Finance that the Group’s risk management and internal control system are operating adequately and effectively in all material aspects, based on the risk management and internal control system of the Group. REVIEW OF THE STATEMENT BY EXTERNAL AUDITORS As required by Bursa Securities Listing Requirements paragraph 15.23 of the MMLR, the External Auditors have reviewed this Statement on Risk Management and Internal Control for inclusion in the 2017 Annual Report. Their limited assurance review was performed in accordance with Audit and Assurance Practice Guide (AAPG) 3: Guidance for Auditors on Engagements to Report on the Statement on Risk Management and Internal Control included in the Annual Report issued by the Malaysian Institute of Accountants. AAPG 3 does not require the external auditors to form an opinion on the adequacy and effectiveness of the risk management and internal control systems of the Group. Based on their review, the External Auditors have reported to the Board that nothing has come to their attention that causes them to believe that this Statement is not prepared, in all material respects, on the basis of the reporting criteria as set out in Paragraph 41 and 42 of the Statement on Risk Management and Internal Control: Guidelines for Directors of Listed Issuers. CONCLUSION For the financial year 31st December 2017 and up to the date of approval of this statement, the Board is of the opinion that the risk management and internal control system currently in place is adequate and effective to safeguard the Group’s interests and assets. For the coming year, the Board will continually assess the adequacy and effectiveness of the Group’s system of internal control and to strengthen it, as and when necessary. This statement is made in accordance with the resolution passed by the Board dated 13 April 2018. Statement On Risk Management And Internal Control (cont’d)