106 KEYFIELD INTERNATIONAL BERHAD 202001038989 (1395310-M) PRINCIPLE B: EFFECTIVE AUDIT AND RISK MANAGEMENT (CONT’D) PART II: RISK MANAGEMENT AND INTERNAL CONTROL FRAMEWORK 11. Effective Risk Management and Internal Control Framework The Board affirms its duties in ensuring the adequacy and reliability of the Group’s internal control and risk management system, with the objective of safeguarding the Group’s assets, shareholders’ investments, and stakeholders’ interests. To fulfil this commitment, the Board has established an Enterprise Risk Management Framework (“ERM Framework”) with 6 key risk management process: 1. Communication and consultation; 2. Establishing the scope, context and criteria; 3. Risk assessment; 4. Risk treatment; 5. Monitoring and review; and 6. Recording and reporting. Additionally, the Board has established various internal control systems, including company policies and standard operating procedures (“SOPs”), to enhance the effectiveness of business operations while upholding sound governance principles. The ARMC assists the Board in overseeing the adequacy and effectiveness of the Group’s risk management and internal control systems, ensuring that the risk management process is wellestablished and functioning effectively. The ARMC is supported by the Executive Committee, which is responsible for monitoring and reviewing the risks and opportunities associated with the business strategies, operating processes, and the achievement of objectives. Whereas, the Governance, Risk and Compliance (“GRC”) team is responsible for driving the risk management process across the Group and reporting to the Executive Committee. The Heads of Department are primarily responsible for conducting regular reviews to identify and assess the risks, as well as implementing risk action plans to mitigate their likelihood and impact. Further details on the current state of risk management and internal controls within the Group is set out in the Statement on Risk Management and Internal Control in this Annual Report. 12. Internal Audit Function The ARMC is responsible for ensuring the effectiveness of the internal audit function within the Group, including but not limited to: (i) reviewing the adequacy of the scope, functions, competency and resources of the internal audit functions; and (ii) evaluating the internal audit plan, processes, the results of the internal audit assessment or investigation undertaken and ensuring the appropriate corrective actions are taken based on the recommendations of the internal audit function. The internal audit function of Keyfield is outsourced to an independent professional firm, Baker Tilly Monteiro Heng Governance Sdn Bhd The Internal Auditors are independent and free from any relationships or conflicts of interest within the Group, enabling them to conduct internal audit reviews objectively, impartially, proficiently and with due professional care. The Internal Auditors perform quarterly internal audit reviews based on the approved internal audit plan and in accordance with the International Professional Practice Framework (“IPPF”), and report directly to the ARMC. CORPORATE GOVERNANCE OVERVIEW STATEMENT (cont’d)
RkJQdWJsaXNoZXIy NDgzMzc=