Press Metal Annual Report 2024

Integrated Annual Report 2024 SECTION 4 • EFFECTIVE STEWARDSHIP THROUGH GOOD GOVERNANCE 73 PRINCIPLE B: EFFECTIVE AUDIT AND RISK MANAGEMENT (CONT’D) I. Audit Committee (cont’d) Internal Audit Function The Group has an in-house internal audit (“IA”) department, which is augmented with outsourced Internal Auditors for specialised expertise in selected areas. The IA function is independent of the activities or operations of the other operating units in the Group. The IA function adopts a risk-based audit approach when executing each audit assignment which is carried out in accordance with the annual audit plan. The annual audit plan covers the major subsidiaries of the Group. The IA function provides the AC and the Board with assurance regarding the adequacy and integrity of the systems of risk, governance and internal controls. The AC is responsible for assisting the Board in ensuring the adequacy and effectiveness of internal controls. The system of internal control and risk management in place during 2024, is sound and sufficient to safeguard the Group’s assets, as well as shareholders’ investments and the interests of all stakeholders. The composition, attendance for meetings and summary of key activities of the AC, as well as the activities of the External Auditors and Internal Auditors of the Company during the financial year under review are further detailed in the AC Report on pages 77 to 83 of this IAR 2024. II. Risk Management and Internal Control Framework The Board has ultimate responsibility for reviewing the Company’s risks, approving the risk management framework and policies and overseeing the Company’s strategic risk management and internal control framework to achieve its objective within an acceptable risk profile as well as safeguarding the interest of stakeholders and shareholders and the Group’s assets. The Group has put in place an ERM Framework which comprises the following elements: • Provide guiding principles and approach towards risk management; • Process of identification, assessment, evaluation and management of the various principal risks which affect the Group’s business; • Creation of a risk-awareness culture and risk ownership for more effective management of risks; • Regular review, track and report on key risks identified and corresponding mitigation procedures; and • Regular review the effectiveness of the system of internal control. The framework is applied to determine, evaluate and manage principal risks of the Group. This is complemented by the system of internal control that is integrated into the Group’s operations and processes. The Board through the RMC, which comprises a majority of Independent Non-Executive Directors, who reports to the Board on a quarterly basis, reviews the key risks identified to ensure proper management and mitigation of risks. The RMC, which comprises a majority of Independent Non-Executive Directors, reviews the Group’s risk management framework and risk tolerance for enterprise risks to ensure proper management and mitigation of risks. Using qualitative and quantitative measures, risks are calibrated so that balanced control processes are matched against the strategic objectives of each business unit. The Board, with the assistance of the RMC and AC, undertakes periodic reviews and a formal annual assessment on the adequacy and effectiveness of the Group’s risk management and internal control systems. The RMC reports to the Board on a quarterly basis. A risk-based audit approach is implemented to ensure that higher risk activities in each auditable area are audited more frequently. This is designed to evaluate and enhance risk management, control and governance processes to assist the Management in achieving the corporate goals. The audits further help to ensure that appropriate instituted controls are in place and effectively applied, and risk exposures are mitigated to an acceptable level in accordance with the Group’s risk management policy. The details of the Group’s Risk Management and Internal Control Framework are set out in the Statement on Risk Management and Internal Control on pages 84 to 87 of this IAR 2024. Corporate Governance Overview Statement

RkJQdWJsaXNoZXIy NDgzMzc=