35
Datasonic Group Berhad
(Company No. 809759-X)
INTRODUCTION
Principle 6 of theMalaysian Code of CorporateGovernance 2012 states the Board of Directors (“the Board”)
should establish a sound risk management framework and internal control system. In conjunction with this
principle, Paragraph 15.26(b) of theMain Market Listing Requirements (“MMLR”) of BursaMalaysia Securities
Berhad (“Bursa Malaysia”) stipulates that a listed issuer must ensure that its Board makes a statement with
regard to the state of risk management and internal control of the listed issuer as a group in its annual report.
The Board and the Management uphold their ongoing commitment to establish and implement a sound
system of risk management and internal controls system to safeguard the shareholders’ investments and
the Group’s assets. The efforts to embed the risk management and controls framework into the culture,
processes and structures of the Group continued to emerge and evolve on a progressive basis during the
financial period ended 31 March 2015 and up to the date of approval of this statement for inclusion into
the Annual Report. In recognition of this responsibility, the Board hereby issues this Statement in accordance
with the
Statement on Risk Management and Internal Control: Guidelines for Directors of Listed Issuers
(“Guidelines”).
BOARD’S RESPONSIBILITY
The Board recognises the importance of sound risk management and internal control systems to ensure the
reliability and integrity of financial and operational information, effectiveness and efficiency of operations
and programs, safeguarding of assets and compliance with laws, regulations, policies, procedures and
contracts. Hence, the Board with the assurance from the Executive Directors and Management affirms its
overall responsibilities for the Group’s risk management and internal control systems. To fulfil these duties,
the Board acknowledges the need to establish on-going processes and provides its oversight functions
in identifying, evaluating and managing the significant risks faced by the Group and to regularly review
these processes in conjunction with the Guidelines for continuous improvement in both areas.
The Board acknowledges the limitations that are inherent in any risk management and internal control
system. As such the systems designed are meant to manage and mitigate the extent and severity of the
risks, rather than eliminate risks. Consequently, the Board recognises that a sound internal control system
provides reasonable but not absolute assurance that the Group will not be hindered in achieving its business
objectives in the ordinary course of business.
RISK MANAGEMENT PROCESS
Although there is no Risk Management Committee and Risk Management Department established during
the financial period under review, the Board has adopted an Enterprise Risk Management Framework (“ERM
Framework”) in February 2014. The ERM Framework essentially outlines the Group’s overall risk management
objectives which is to ensure that the Group creates value for its shareholders whilst minimising potential
adverse effects on its financial position and performance.
Further, the internal audit function has a role to provide some comfort to the Board on the adequacy and
effectiveness of the risk management practices of the Group by adopting a risk-based audit approach
and focusing on the key risks areas to determine the auditees and auditable areas. Hence, the Executive
Directors and the Management are responsible to create an awareness culture on the importance of
effective internal control and risk management systems and to ensure that the underlying principles are
embedded in key operational processes. Even though the processes were not undertaken in a formalised
manner, theManagement asserts that there has been an on-going process of risk management throughout
the financial period and the key risks involved were in fact reviewed by the Management in the course
of managing the business activities.
STATEMENT ON RISK MANAGEMENT
AND INTERNAL CONTROL
