GOVERNANCE INTERNAL AUDIT FUNCTION The Group has engaged Vaersa, an outsourced independent internal audit service provider, to complement the inhouse internal audit team. This dual approach ensures a robust and independent evaluation including the effectiveness and adequacy of the Group’s internal control systems. This structure provides the RMC, AC, and the Board with reasonable assurance regarding the scope, operational agility, and resource adequacy of the internal audit function. The internal audit process adopts a risk-based methodology to assess the internal controls established by Management. During FY2025, audit engagements included: • Interviews and consultations with key management personnel; • Comprehensive reviews of established policies, procedures, and discretionary authority limits; and • Substantive testing of the internal controls on a sample basis. The results of these internal audit reviews, including action plans to address identified weaknesses and recommendations for enhancements, are reported to the AC, who then provides a detailed report to the Board. The internal audit activities for FY2025 were executed in accordance with the annual audit plan approved by the AC. The scope of business process audits encompassed: • Logistics Department • Telemarketing Department • Human Resources Department • Industrial Relations Department • Information Technology Department • Operation Department Findings and recommendations for process enhancements were discussed and addressed with Senior Management and subsequently presented to the AC during quarterly meetings. The AC, in turn, apprises the Board of significant matters and the progress of remediation plans. The audit process did not identify any significant control weaknesses, providing reasonable assurance that the Group’s internal control systems remain effective in safeguarding assets and managing organisational risks. Based on the internal audit reviews conducted, no significant control weaknesses were identified that resulted in material losses, contingencies, or uncertainties that require separate disclosure in this IAR2025 The total costs incurred for the internal audit function for FY2025 amounted to approximately RM30,000. To maintain strict independence, Vaersa met with the AC on 27 February 2025, 20 May 2025, 22 August 2025 and 19 November 2025. These sessions included private discussion held without the presence of executive Board members and Senior Management to facilitate an open dialogue on audit-related matters. OTHER KEY ELEMENTS OF INTERNAL CONTROLS The following are the key elements of the Group’s internal control systems: i. Quarterly review of the financial performance: The AC and the Board conduct quarterly reviews of the Group’s financial performance to ensure transparency, accuracy, and alignment with strategic objectives. ii. Clearly defined reporting and responsibility structures: The Group maintains well-defined lines of reporting and responsibility, ensuring accountability and effective communication across all levels of the organisation. iii. Operations review meetings: Regular operations review meetings are held to monitor the progress of business operations, address significant issues, and implement corrective measures in a timely manner. RISK MANAGEMENT AND INTERNAL CONTROL STATEMENT (cont’d) 187
RkJQdWJsaXNoZXIy NDgzMzc=