ENRA Group Berhad Annual Report 2019

48 ENRA GROUP BERHAD ∞ Annual Report 2019 page Statement On Risk Management And Internal Control Paragraph 15.26(b) of the Main Market Listing Requirements of Bursa Malaysia Securities Berhad (“Bursa Securities”) requires the Board of Directors of a public listed company to include in its annual report a statement about the state of risk management and internal control of the listed issuer as a group. The Bursa Securities’ Statement on Risk Management & Internal Control (Guidelines for Directors of Listed Issuers) provides guidance for compliance with these requirements. The Malaysian Code on Corporate Governance 2017 issued by the Securities Commission Malaysia requires the Board to establish a sound risk management framework and internal control system. ENRA Group Berhad’s (“ENRA”) Board of Directors (“Board”) is pleased to provide the following statement that is prepared in accordance with the “Statement on Risk Management and Internal Control: Guidelines for Directors of Listed Issuers” endorsed by Bursa Securities which outlines the nature and scope of the Risk Management and Internal Control of ENRA during the financial year under review. BOARD RESPONSIBILITY The Board acknowledges the importance of sound internal controls and risk management practices to safeguard various stakeholders’ interest and to address all key risks, which the Board considers relevant and material to ENRA and its subsidiaries (“Group”) operations. The Board affirms its overall responsibility for the Group’s system of internal control and risk management process, which includes the establishment of an appropriate control environment and framework. The Board is also responsible for reviewing the effectiveness, adequacy and integrity of those systems. These systems are designed to manage rather than to eliminate any risk that may impact the Group arising from non-achievement of the Group’s policies, goals and objectives. Such system provides reasonable but not absolute, assurance against material misstatement or loss. The Group has in place an on-going process for identifying, evaluating, monitoring and managing the operating and financial controls affecting the achievement of its business objectives throughout the financial reporting period. The Internal Audit Department plays a role in this respect. The process is quarterly reviewed by the Audit and Risk Management Committee (“ARMC”). The Board maintains ultimate responsibility over the Group’s system of internal control and risk management process that it has delegated to the Executive Committee for implementation. The Internal Audit function is to provide reasonable assurance that the designed controls are in place and are operating as intended. RISK MANAGEMENT FRAMEWORK The Board reviewed the risk management processes in place within the Group with the assistance of the Executive Risk Management Committee (“ERMC”) and the Internal Audit Department. The ERMC meets on a quarterly basis to deliberate on risks identified, controls and risk mitigation strategies arising from the risk assessment process conducted.