MKH Annual Report 2019

072 A N N U A L R E P O R T 2 0 1 9 STATEMENT ON RISK MANAGEMENT AND INTERNAL CONTROL Internal Audit Function During the financial year, the Audit Committee worked closely with the Internal Audit team, distinct from the external auditors, to provide independent internal audit services to the Group, who reports independently to the Audit Committee. The internal audit function provides the Audit Committee with quarterly reports, based on the audits conducted, highlighting observations, recommendations and management action plans to improve the internal control system and contribute towards improving the Group’s risk management. The key role of the internal audit function is to assess management’s adherence to establish policies and procedures as well as to act as an independent sounding board to the Audit Committee concerning areas of weaknesses or deficiencies in the risk management, governance and control processes for appropriate remedial measures to be carried out by the management. Review By The External Auditors As required by paragraph 15.23 of Bursa Securities Main Market Listing Requirements, the external auditors have conducted a limited assurance engagement on this Statement on Risk Management and Internal Control. Their limited assurance engagement was performed in accordance with Malaysian Approved Standard on Assurance Engagements, International Standard on Assurance Engagements, ISAE 3000, Assurance Engagements other than Audits or Reviews of Historical Financial Information and Audit and Assurance Practice Guide 3 (“AAPG 3”): Guidance for Auditors on Engagements to Report on the Statement of Risk Management and Internal Control included in the Annual Report. Based on their procedures performed, the external auditors have reported to the Board that nothing has come to their attention that causes them to believe that the Statement on Risk Management and Internal Control is not prepared, in all material aspects, in accordance with disclosure required by paragraphs 41 and 42 of the Statement of Risk Management and Internal Controls: Guidance for Directors of Listed Issuers to be set out, nor is factually inaccurate. AAPG 3 does not require the external auditors to consider whether the Statement on Risk Management and Internal Control covers all risks and controls, or to form an opinion on the adequacy and effectiveness of the Group’s risk management and control system including the assessment and opinion by the Board and management thereon. The external auditors are not required to consider whether the processes described to deal with material internal control aspects of any significant problems disclosed in the Annual Report will, in fact, remedy the problems. The report from the external auditors was made solely for and directed solely to the Board of Directors in connection with their compliance with the Bursa Securities Main Market Listing Requirements and for no other purposes or parties. Management Assurance In accordance with the requirements of the Statement on Risk Management and Internal Control: Guidelines for Directors of Listed Issuers, the Group Managing Director and the Chief Financial Officer have given reasonable assurance to the Board that the Group’s risk management and internal control system, in all material aspects, is operating adequately and effectively. Board’s Conclusion The Board is of the view that an appropriate risk management and internal control system, procedures and processes in operation during the year in review was reasonably adequate and effective to safeguard the assets of the Group and interest of shareholders. For the financial year under review, no significant control failures or weaknesses that result in material losses and require disclosure in the Group’s Annual Report were identified. This Statement has been approved by the Board on 26 December 2019.