EXCEL FORCE MSC BERHAD Annual Report 2020

EXCEL FORCE MSC BERHAD - ANNUAL REPORT 2020 37 STATEMENT ON RISK MANAGEMENT AND INTERNAL CONTROL (CONT’D) THE KEY ELEMENTS OF THE GROUP’S INTERNAL CONTROL SYSTEM INCLUDE: 1. Organisation structure with defined lines of responsibility, authority and accountability; 2. Policies and procedures for key business processes are formalised and documented for implementation and continuous improvements; 3. Quarterly Board meetings and periodical management meetings are held where information is provided to the Board and management covering financial performances and operations; 4. Training and development are provided as andwhen required by employeeswith the objective of enhancing their knowledge and competency; 5. Management accounts and reports are prepared regularly for monitoring of actual performance. 6. Board participation at the macro perspective in the performance monitoring of all subsidiary companies under the Group; 7. An internal audit function carries out a quarterly internal audit to ascertain the adequacy of the internal control system and tomonitor the effectiveness of operational and financial procedures. The internal audit also reviews and assesses risks faced by the Group and reports directly to the AC; 8. Regular internal audit visits to monitor compliance with policies and procedures to assess the integrity of both financial and non-financial information provided; and 9. Follow-up visits are then subsequently conducted by the internal auditors to ensure proper implementation of agreed action plans by the respective process owners. RISK MANAGEMENT FRAMEWORK The Board recognises that risk management is an integral part of the Group’s business operations and that the identification and management of risks will affect the achievement of the Group’s business objectives. To this end, the Board has formalised a Risk Management Framework by implementing an on-going process of identifying, evaluating, monitoring andmanaging the significant risks affecting the achievement of its business objectives and has taken into account the guidance of the MCCG. The management of risks in the daily business operation is assigned to the management team and significant risks are identified and related mitigating responses as well as the corresponding internal control measures were deliberated at the AC and Board meeting. ASSURANCE FROM MANAGEMENT The Managing Director and Head of Finance have provided assurance to the Board, to the best of their knowledge and belief, that the Group’s risk management and internal control systemwas operating adequately and effectively in all material aspects, to meet the Group’s objectives during the financial year under review until the date of this Statement on Risk Management and Internal Control. REVIEW OF THE STATEMENT BY EXTERNAL AUDITORS As required by paragraph 15.23 of the MMLR, the external auditors have reviewed this Statement on Risk Management and Internal Control for inclusion in this Annual Report for the financial year ended 31 December 2020. Their limited assurance review was performed in accordance with Audit and Assurance Practice Guide (“AAPG”) 3: Guidance for Auditors on Engagements to Report on the Statement on Risk Management and Internal Control included in the Annual Report issued by the Malaysian Institute of Accountants. AAPG 3 does not require external auditors to form an opinion on the adequacy and effectiveness of the risk management and internal control systems of the Group. Based on their review, the external auditor has reported to the Board that nothing has come to their attention that causes them to believe that this Statement on Risk Management and Internal Control is not prepared in all material respects, in accordance with the disclosures required by paragraphs 41 and 42 of the Guidelines, nor is it factually inaccurate.