85 ENRA GROUP BERHAD ANNUAL REPORT 2025 Audit, Risk Management and Sustainability Committee Report (Cont’d) SUMMARY OF WORK PERFORMED (CONT'D) Internal Audit a) The ARMSC had on 19 February 2025, approved the Internal Audit Plan for FYE 2026. The Audit Plan was developed using a risk-based audit methodology where entities and processes were selected for audit based on risk assessments carried out periodically by the GIA. b) Conducted annual assessment of GIA function and head of GIA. The ARMSC reviewed the adequacy of the GIA department’s resource requirements, programmes and the GIA department’s competency, performance and staff composition. Generally, the ARMSC was satisfied that the GIA function met the expectations. c) The Chairman of the ARMSC had also met with the head of GIA on 20 February 2025 without the presence of the Executive Directors and Management to ensure there were no restrictions on the scope of GIA’s audit. The head of GIA were given the opportunity to raise any matters of concern arising from their IA’s work. d) Reviewed and deliberated the internal audit reports that highlighted audit issues, major findings, audit recommendations and Management’s responses. The ARMSC also reviewed the status of implementation of corrective measures taken by Management to ensure appropriate remedial actions were taken on a timely basis to address all areas of risk and internal control issues. Compliance and others a) Reviewed the related party transaction and recurrent related party transactions of revenue or trading nature entered into by the Group presented by Management at the quarterly ARMSC meeting, to ensure that these transactions were undertaken in the Company’s best interest and not detriment to the minority shareholders interest and were done under fair and reasonable grounds and normal commercial terms. b) Reviewed the Corporate Governance Overview Statement, ARMSC Report, Statement on Risk Management and Internal Control and Sustainability Report, pursuant to the MMLR and the MCCG 2021 and recommended the same to the Board for approval. c) Reviewed the half-yearly report on the status of compliance of the Group’s Code of Business Conduct to ensure any non-compliance was properly investigated. d) Received quarterly reports on whistleblowing issues to ensure actions were taken on any cases reported. No whistleblowing cases were reported during the financial year under review. e) Reviewed and deliberated the corporate governance compliance of the Company and areas for improvement. f) Reviewed and received the sustainability governance status report at the quarterly ARMSC meeting and ensuring the Company’s reporting on environmental, social, and governance (“ESG”) was in line with MMLR and the SC’s guidelines. g) Reviewed and monitored all conflict of interest (“COI”) or potential COI situations within the Group as well as the measures taken to eliminate such situations. During the financial year, the ARMSC reviewed the potential COI in relation to the mezzanine loans that the Directors provided to the Group. The loans were provided on arm’s length basis and the Company was advised to source for other financing to mitigate such situation. GROUP INTERNAL AUDIT FUNCTION The ARMSC is supported by an independent in-house GIA in the discharge of its duties and responsibilities. The internal audit function operates within the framework of the International Professional Practices Framework by the Institute of Internal Auditors as stated in its Internal Audit Charter, which is approved by the ARMSC. The internal audit function provides the ARMSC with independent opinions of processes, risk exposure and systems of internal control using the “Committee of Sponsoring Organization of the Treadway Commission’s Internal Control – Integrated Framework” as a guide. The internal audit function assess the Group’s Internal Control system according to the following five interrelated control elements: • Control Environment • Risk Assessment • Control Activity • Information & Communication • Monitoring
RkJQdWJsaXNoZXIy