CORPORATE GOVERNANCE SECTION 4 119 Al-`Aqar Healthcare REIT | Annual Report 2024 Key Features of Internal Control The key elements and/or features of the internal control system established for maintaining strong corporate governance are as follows: (a) Organisation Structure and Reporting Lines The organisation structure and delegation of responsibilities are communicated across all levels, from the Board to the project/ risk owners in the organisation which set out, amongst others, authorisation levels, segregation of duties and other risk and control procedures. The Board and Board Committees are supported operationally by the Management Committee headed by the CEO. The Management Committee meeting (MCM) convenes on a fortnightly basis to discuss on strategic business plans, ongoing operational matters and the REIT’s financial performance hence has oversight of the REIT’s operations and maintenance of effective control. In addition, ad-hoc meetings to discuss the progress of high-risk corporate projects and exercises. In the absence of the CEO, the Management Committee meetings are chaired by the Chief Operating Officer as an Acting Chairman. (b) Internal Audit To ensure an independent and objective assurance of the adequacy and effectiveness of the internal control system, the Manager outsources the internal audit function of the REIT to an independent professional consulting firm, Messrs. PKF Risk Management Sdn Bhd (“PKF”). PKF adopts the International Professional Practices Framework (“IPPF”) in carrying out internal audit assignments by bringing a systematic, disciplined approach to evaluate and improve the effectiveness of risk management, internal controls, and governance processes. The team from PKF is led by Dr. Wong Ka Fee, the Director of Risk and Governance Advisory. He possessed doctoral degree in Behavioural Finance and Master of Science in Management Consultancy. Dr. Wong Ka Fee has over 15 years of experience in a wide range of governance advisory, risk and internal audit work. The Internal Audit Team (IAT) at PKF consists of 8 permanent internal audit personnel staff who are qualified in the areas of internal audit and assurance. All the internal PKF audit personnel involved are free from any relationships or conflicts of interest, which could impair their objectivity and independence. Audit reviews and engagements are carried out based on a risk-based annual internal audit plan approved by the BARC. PKF executes the audit engagements with regard to risk exposures, compliance with policies and procedures, relevant laws and regulations, and against best practices. PKF then provides the BARC with periodic reports, highlighting observations, recommendations and action plans to improve the organisation’s internal control system. In addition, special reviews and scope extensions were also undertaken as required by the BARC and management. (c) The Standard Operating Procedures The Standard Operating Procedures with specified roles and responsibilities in the reporting structure incorporate the elements of checks and balances which are aligned to the business and compliance requirements. (d) Policies & Frameworks Documented policies and procedures are also in place subject to review every now and then to ensure that it maintains their effectiveness to support the REIT’s business activities. The Manager has revised the following policies and frameworks in the year under review: • Established an Outsourcing Policy proposed by the Management and tabled & approved by the Board of Directors on 14th August 2024. • Established a Green Procurement Guidelines proposed by the Management and tabled & approved by the Board of Directors on 18th September 2024. • Established a Mental Health Management Procedure which was proposed by the Management and tabled & approved by the Board Sustainability Committee on 20th August 2024. • Anti-Bribery & Corruption Manual: The management reviewed the manual and tabled & approved by the Board of Directors on 24th May 2024. • No Gift & Entertainment Policy: The policy was reviewed by the Management and tabled & approved by the Board of Directors on 24th May 2024. • Claim Management Procedure: The procedure was reviewed & revised by the management effective 1st of July 2024. (e) Digitalisation ICT Policy & Compliance The Manager adheres to Johor Corporation Group policy and adopts the JCorp digitalisation and IT strategy, approach and digital maturity roadmap. The Internal ICT audit and system are monitored and reviewed yearly to ensure compliance and standard operating policy and procedures. STATEMENT ON RISK MANAGEMENT AND INTERNAL CONTROL
RkJQdWJsaXNoZXIy NDgzMzc=