Datasonic Group Berhad Annual Report 2021

2021 ANNUAL REPORT 79 STATEMENT ON RISK MANAGEMENT AND INTERNAL CONTROL INTRODUCTION Board of Directors The Board recognises the importance of sound risk management and internal control system to ensure the reliability and integrity of financial and operational information, effectiveness and efficiency of operations, safeguarding of assets and compliance with laws, regulations, policies, procedures and contracts. Hence, the Boardwith the assurance from the Executive Directors and Management affirms its overall responsibilities for the Group’s risk management and internal control system. The oversight of these critical areas is carried out by the Audit Committee (“AC”) and Risk Management Committee (“RMC”) which are empowered by their respective terms of reference to provide oversight and perform regular reviews on the risk management and internal control systems to meet the Group’s objectives and for continuous improvement thereof. The Board acknowledges the limitations that are inherent in any risk management and internal control system. As such the systems designed are meant to manage and minimise the extent and severity of the risks, rather than to completely eliminate the risks of failure of achieving the Group’s objectives and strategies. Consequently, the Board recognises that a sound internal control system provides reasonable but not absolute assurance that the Group will not be hindered in achieving its business objectives in the ordinary course of business. Executive Directors and Management Executive Directors and Management are accountable to the Board and responsible for implementing the processes of identifying, evaluating, monitoring and reporting of risks and the effectiveness of internal control systems, taking appropriate and timely corrective actions as required. Regular reports on risks identified and actions taken to mitigate and / or minimise such risks and gaps in the internal control systems, if any, are presented to the AC and RMC and ultimately to the Board. The Executive Directors and Management have assured theBoard that theGroup’s risk management and internal control systems are operating adequately and effectively in all material aspects, based on the risk management framework and internal control systems adopted by the Group. Risks are managed by ensuring adequate controls and mitigation plans are in place and ensuring improvements are made as and when the needs arise. Risk Management Function The risk management function assists the RMC in discharging their risk management responsibilities. The risk management function comprises of Risk Facilitators who reports functionally to the RMC and administratively to the Managing Director and Deputy Managing Director. The risk management function facilitates periodical operational risk reviews, to act as the central contact and guide for clarification of Enterprise Risk Management (“ERM”) practices and issues within the Group, coordinate the risk management activities routinely among the various business units, monitoring progress of risk mitigation plans, and supervises ERM policy implementation within the Company. Internal Audit Department The Internal Audit Department (“IAD”) plays a role to provide some comfort to the Board on the adequacy and effectiveness of the risk management practices of the Group by adopting a risk-based audit approach and focusing on the key risk areas to determine the auditees and auditable areas. If necessary, the auditable areas are modified periodically to reflect any change and development in prevailing risk prioritisations and business concerns. A description of IAD’s activities for the financial year ended 31 March 2021 is available in the Audit Committee Report included in this Annual Report. RESP NSIB LITIES