74 CORPORATE GOVERNANCE ENRA GROUP BERHAD ANNUAL REPORT 2023 INTERNAL AUDIT FUNCTION At present, there is an in-house Internal Audit function. The Internal Audit function operates within the framework of the International Professional Practices Framework by the Institute of Internal Auditors as stated in its Internal Audit Charter, which is approved by the ARMSC. The Internal Audit function provides the ARMSC with independent opinions of processes, risk exposure and systems of internal control using the “Committee of Sponsoring Organization of the Treadway Commission’s Internal Control – Integrated Framework” as a guide. The Internal Audit function assesses the Group’s Internal Control system according to the following five interrelated control elements: • Control Environment • Risk Assessment • Control Activity • Information & Communication • Monitoring The Internal Audit team is headed by Mr. Melvinder Singh Harminder Singh, Group Head of Compliance & Governance, who is a Chartered Member of the Institute of Internal Auditors Malaysia with more than 20 years of experience in internal auditing. Mr. Melvinder and his team independently reviews the key business processes, and reports to the ARMSC on a quarterly basis. The ARMSC reviews and evaluates the key audit issues raised by the Internal Audit function and ensures that appropriate and prompt remedial action is taken by the Management. During the financial year ended 31 March 2023, the Internal Audit function prepared and presented an annual audit review schedule to the ARMSC. This annual schedule outlines the key business processes of the Group’s governance process, ESG efforts and policy, property development subsidiaries as well as oil & gas services. The ARMSC had reviewed and approved the schedule providing the Internal Audit team with the mandate in assessing the adequacy and effectiveness of the Group’s internal control system. The Internal Audit team completed a holistic Corporate Governance Review of ENRA with reference to the Malaysian Code of Corporate Governance 2021, an ESG Gap analysis, data gathering and drafting the ESG policy using the MMLR as a guideline, a routine audit of the property division and two follow-up audits in accordance with the ARMSC” s approved annual review schedule. The area of coverage is aligned with the Group’s Risk Management assessment covering Finance, Human Resource, Operations, Procurement, Inventory, General IT, Sales, Marketing, Fraud Assessment and Project Management. CONTROL ENVIRONMENT AND STRUCTURE Apart from the above, the other key elements of the Group’s internal control system include: a) Policies, procedures and limits of authority make up the Control Activities and Authority. • Formally documented internal policies, standards and procedures are in place and periodically updated to reflect and enhance operational efficiency. Cases of non-compliance with policies and procedures are reported to the ARMSC. • Formally defined delegation of responsibilities to committees of the Board and to Management including organisation structures and appropriate authority levels. AUTHORITY ETHICS & COMPLIANCE MONITORING • Current risk pro le • Action plans CONTROL ACTIVITIES Statement On Risk Management And Internal Control (Cont’d)
RkJQdWJsaXNoZXIy NDgzMzc=