Internal Audit Function (Cont’d) PKF serves as an important source of reasonable assurance and advice for the BARC concerning areas of weaknesses or deficiencies in internal control processes to facilitate appropriate remedial improvements by the Management. PKF also carries out investigative audits where required. The appointed internal auditor independently and objectively reviews the effectiveness of the internal control structures over the Group activities focusing on high-risk areas as determined using a risk-based approach. All high-risk activities in each auditable area are audited annually following the BARC-approved Internal Audit Plan. The audit reports which provide the findings and results of the audit conducted are discussed with the Management and presented to the BARC for review and deliberation. Key control issues, significant risks, and recommendations are highlighted, along with Management’s responses and action plans for improvement and/or rectification, where applicable. The BARC executes its oversight function by reviewing and deliberating on the audit issues, audit recommendations as well as Management’s responses to these recommendations. Where appropriate and applicable, the BARC directed the Management to take cognizance of the issues raised and established necessary steps to strengthen the system of internal control based on PKF’s recommendations. To ensure effective management and independence of BARC, the BARC is empowered by its TOR to: (a) Convene meetings with the Internal Auditor without the attendance of any executive, whenever deemed necessary. (b) Approve, then inform the Board of the appointment of the Internal Auditor; and (c) Review and assess the performance of the Internal Auditor. The BARC is satisfied that the PKF has been effective and able to discharge its duties and responsibilities. Risk Management Risk management remains the responsibility of the Board. The BARC has delegated responsibility to keep under review the adequacy and effectiveness of the Company’s internal financial controls and the internal control and risk management system. Risk management is reviewed at the BARC and the Board meetings as part of the formal Board process. The Board has identified and evaluated the significant risks faced by the REIT in delivering its strategy. Details of the principal risks identified are set out in the MDNA on pages 34 to 37 of the 2023 Annual Report. The BARC meets quarterly specifically to review the effectiveness of the Group’s risk management and internal control systems and to review the risks identified and the progress of actions taken to manage the risks. Following the review, progress and actions are reported to the Board. The Enterprise Risk Management Committee (ERMC) supports the BARC in implementing, monitoring, and assessing the mitigation actions of the identified risks. The Board is satisfied that the BARC has demonstrated an appropriate level of vigilance and diligence towards, among others, the detection of any financial anomalies or irregularities in the financial statement. The full details of the BARC activities in 2023 are elaborated in the Annual Report on pages 118 to 124. PRINCIPLE B: EFFECTIVE AUDIT AND RISK MANAGEMENT (CONT’D) CORPORATE GOVERNANCE OVERVIEW STATEMENT 109 CORPORATE GOVERNANCE 1 2 3 5 6 AL-`AQAR HEALTHCARE REIT ANNUAL REPORT 2023
RkJQdWJsaXNoZXIy NDgzMzc=