PRG Holdings Berhad Annual Report 2017

• PRG HOLDINGS BERHAD 50 ii. Evaluate the risks and develop risk mitigating action plans; and The identified risks, which may fall into the category of strategic risk, operational risk, credit risk, finance/account risk or IT risk, will be evaluated by RMT and thereafter effective controls and risk mitigating action plans will be developed and implemented to address and mitigate the risks identified. iii. Monitor the progress of action plans and review the business risks from time to time. RMT will closely monitor the outcome of the implementation of the controls and action plans carried out by the various levels of management and will re-evaluate the risks and formulates new mitigating strategy if the desired results are not achieved. • Risk Reporting Risk management is conducted every quarter. Significant risks identified by RMT are reported to RMC, Audit Committee and the Board during quarterly meetings. The internal auditors provide an independent assessment of the adequacy and reliability of the operational risk management processes and report its findings to the Audit Committee. Internal Audit Function The Group maintains an in-house internal audit department for the Manufacturing Division that carries out regular reviews of the Division’s operations and system of internal control by examining and evaluating business processes to determine the adequacy and efficiency of financial and operating controls, and highlighting significant risks and non-compliance impacting the Group. Where applicable, the internal audit department provides recommendations to improve the effectiveness of risk management, controls and governance processes. The internal audit function for the Corporate and Property Development & Construction Divisions was outsourced to an independent consulting firm who performs the audit in accordance with Generally Accepted Auditing Practices for Internal Control Review to assess the adequacy and integrity of the Group’s risk management. The Internal Auditor reports directly to the Audit Committee on improvement measures pertaining to internal control, including subsequent follow-up to determine the extent of their recommendations that have been implemented by the Management. Periodic audit reports and status on follow up actions are submitted to the Audit Committee, who reviews the findings with Management at its quarterly meetings. The Management is responsible for ensuring that corrective actions to control weaknesses are implemented within a defined time frame. The status of implementation is monitored through follow- up audits which are also reported to the Audit Committee. The Audit Committee reviews the internal audit function, the scope of the annual internal audit plan, as well as the findings within its scope of responsibilities. The Audit Committee meets at least four times a year with the Board to discuss significant issues found during the internal audit process and makes the necessary recommendations to the Board. In the financial year under review, the following functions’ processes of the Group’s operations were reviewed by the internal auditors: Manufacturing Division: • Production & quality control including compliance with Environmental & Safety & Health Regulations • Human resource • Purchasing • Inventory • Sales, credit control & account receivables • Finance and Information Technology • Inventory costing (covering raw materials, work-in-progress & finished goods) • Annual stock check • Related party transaction including recurrent related party transactions S T A T E M E N T O N R I S K M A N A G E M E N T A N D I N T E R N A L C O N T R O L ( C O N T ’ D )