EXCEL FORCE MSC BERHAD 39 THE KEY ELEMENTS OF THE GROUP’S INTERNAL CONTROL SYSTEM INCLUDE: (CONT’D) 7. An internal audit function carries out a quarterly internal audit to ascertain the adequacy of the internal control system and to monitor the effectiveness of operational and financial procedures. The internal audit also reviews and assesses risks faced by the Group and reports directly to the AC; 8. Regular internal audit visits to monitor compliance of the policies and procedures and to assess the integrity of both financial and non-financial information provided; 9. Follow-up visits are then subsequently conducted by the internal auditors to ensure proper implementation of agreed action plans by the respective process owners; and 10. Anti-BriberyandCorruptionPolicyandWhistleBlowing Policyare inplace and in compliancewith the listing requirements in relation to anti-corruption measures. RISK MANAGEMENT FRAMEWORK The Board recognises that risk management is an integral part of the Group’s business operations and that the identification and management of risks will affect the achievement of the Group’s business objectives. To this end, the Board has formalised a Risk Management Framework by implementing an ongoing process of identifying, evaluating, monitoring and managing the significant risks affecting the achievement of its business objectives and has taken into account the guidance of the Malaysian Code on Corporate Governance. Themanagement of risks in the daily business operation is assigned to themanagement teamand significant risks are identified and related mitigating responses as well as the corresponding internal control measures were deliberated at the Audit Committee and Board meeting. ASSURANCE FROM MANAGEMENT The Managing Director and Head of Finance have provided assurance to the Board, to the best of their knowledge and belief, that the Group’s risk management and internal control system was operating adequately and effectively in all material aspects, to meet the Group’s objectives during the financial year under review until the date of this Statement on Risk Management and Internal Control. REVIEW OF THE STATEMENT ON RISK MANAGEMENT AND INTERNAL CONTROL BY EXTERNAL AUDITORS As required by paragraph 15.23 of the MMLR, the external auditors have reviewed this Statement on Risk Management and Internal Control for inclusion in this Annual Report for the financial year ended 31 December 2021. Their limited assurance reviewwas performed in accordance with Audit and Assurance Practice Guide (“AAPG”) 3: Guidance for Auditors on Engagements to Report on the Statement on Risk Management and Internal Control included in the Annual Report issued by the Malaysian Institute of Accountants. AAPG 3 does not require external auditors to form an opinion on the adequacy and effectiveness of the risk management and internal control systems of the Group. Based on their review, the external auditor has reported to the Board that nothing has come to the attention that causes them to believe that this Statement on Risk Management and Internal Control is not prepared in all material respects, in accordance with the disclosures required by paragraphs 41 and 42 of the Guidelines, nor is it factually inaccurate. CONCLUSION For the financial year ended 31 December 2021 and up to the date of approval of this Statement on RiskManagement and Internal Control, the Board is of the opinion that the risk management and internal control system currently in place are adequate and effective to safeguard the Group’s interests and assets. For the coming year, the Board will continually assess the adequacy and effectiveness of the Group’s system of internal control and to strengthen it, as and when necessary. This Statement on Risk Management and Internal Control is made in accordance with a resolution of the Board dated 18 April 2022. Statement on Risk Management and Internal Control (cont’d)
RkJQdWJsaXNoZXIy NDgzMzc=