Datasonic Group Berhad
(Company No. 809759-X)
49
STATEMENT ON RISK MANAGEMENT
AND INTERNAL CONTROL
INTRODUCTION
Principle 6 of theMalaysian Code of CorporateGovernance 2012 states the Board of Directors (“the Board”)
should establish a sound risk management framework and internal control system. In conjunction with this
principle, Paragraph 15.26(b) of theMain Market Listing Requirements (“MMLR”) of BursaMalaysia Securities
Berhad (“Bursa Malaysia”) stipulates that a listed issuer must ensure that its Board makes a statement with
regard to the state of internal control of the listed issuer as a group in its annual report.
As the Group operates in a dynamic and cyclical business environment in which risk management and
internal control system must be responsive in order to be able to support its business objectives, the Board
and the Management uphold their ongoing commitment to maintain and continuously improve the
Group’s risk management and internal controls system to safeguard the shareholders’ investments and
the Group’s assets.
The efforts to embed the risk management and controls framework into the culture, processes and structures
of the Group continued to emerge and evolve on a progressive basis during the financial year ended
31 March 2016 and up to the date of approval of this Statement for inclusion into the Annual Report. In
recognition of this responsibility, the Board hereby issues this Statement in accordance with the Statement
on Risk Management and Internal Control: Guidelines for Directors of Listed Issuers (“Guidelines”).
BOARD’S RESPONSIBILITY
The Board recognises the importance of sound risk management and internal control systems to ensure the
reliability and integrity of financial and operational information, effectiveness and efficiency of operations
and programs, safeguarding of assets and compliance with laws, regulations, policies, procedures and
contracts. Hence, the Board with the assurance from the Executive Directors and Senior Management
affirms its overall responsibilities for the Group’s risk management and internal control systems. To fulfil
these duties, the Board acknowledges the need to establish on-going processes and provides its oversight
functions in identifying, evaluating and managing the significant risks faced by the Group and to regularly
review these processes in conjunction with the Guidelines for continuous improvement in both areas.
The Board acknowledges the limitations that are inherent in any risk management and internal control
system. As such the systems designed are meant to manage and minimise the extent and severity of the
risks, rather than eliminate the risks of failure of achieving the Group’s objectives. Consequently, the Board
recognises that a sound internal control system provides reasonable but not absolute assurance that the
Group will not be hindered in achieving its business objectives in the ordinary course of business.
Further, the internal audit function plays a vital role to provide some comfort to the Board on the adequacy
and effectiveness of the risk management practices of the Group by adopting a risk-based approach
and focusing on the key risks areas to determine the auditees and auditable areas. During the financial
year ended 31 March 2016, the adequacy and effectiveness of internal controls were reviewed by the
Audit Committee in relation to the internal audits conducted by the Internal Audit Department (“IAD”) on
a quarterly basis. Audit issues and actions taken by the Management to address the shortcomings raised
by the IAD were deliberated and accepted during the Audit Committee meetings. Minutes of the Audit
Committee meetings which recorded these deliberations and decisions were subsequently presented to
the Board.