Frontken Berhad Annual Report 2017

32 Frontken Corporation Berhad (651020-T) ANNUAL REPORT 2017 INTERNAL CONTROL SYSTEM (cont’d) • internal policies and procedures on key business processes are formalised in writing for adherence across the Group. These policies and procedures serve as guidance to enable compliance by personnel with internal control requirements and applicable laws and regulations; • structured whistle-blower policies and procedures are formalised in writing to enable employees of the Group to raise genuine concerns about suspected improprieties on matters of financial reporting, non-compliance with laws and regulations, malpractices or unethical business conduct within the Group at the earliest opportunity and in an appropriate way without fear of reprisal; and • where issues arise that affect the reliability and integrity of financial information of any business unit, special audits are commissioned by the Audit Committee or Senior Management, as the case may be, to assist the Board in fulfilling its oversight responsibilities. INTERNAL AUDIT FUNCTION During the financial year, the internal audit function was outsourced to an independent professional firm, namely BDO Governance Advisory Sdn Bhd, a firm which has a 50-strong staff force. The appointment of the service provider followed an assessment of its suitability and capability by the Audit Committee. The internal audit team, which was helmed by 5 professionals from the firm, including the head of the team who is a member of the Malaysian Institute of Accountants and the Institute of Internal Auditors, Malaysia, conducted an assessment of the Group’s system of internal control, focusing on selected significant business units and reported its observations, including Management’s response and action plans thereto, directly to the Audit Committee. The internal audit function was also tasked to conduct a follow-up on the status of implementation by Management on the recommendations highlighted, as deemed relevant. The Audit Committee took note of the issues raised and questions were posed to Management on the timeliness of measures to address the concerns as reported. The internal audit plan for the financial year was prepared based largely on the Group’s financial information and the relative risks of the business units to the achievement of the Group’s objectives. The internal audit function adopted a risk-based and process life cycle approach in identifying auditable entities within the Group as well as the auditable areas. For the financial year ended 31 December 2017, the following 2 significant business units in Malaysia, together with the identified processes, were selected for internal audit with the Audit Committee’s concurrence: Name of business unit Processes covered by internal audit, addressing the key business risks therein Frontken (Singapore) Pte Ltd • Sales to receipts (including credit control) • Procure to pay (including expenses management) • Fixed assets management (including maintenance and spare part management) Frontken (East Malaysia) Sdn Bhd • Sales to receipt (including credit control) • Procure to pay (including expenses management) • Fixed assets management (including maintenance and spare part management) Detailed internal audit tests were carried out by the internal audit function to assess the adequacy and operating effectiveness of the Group’s system of internal controls in achieving business objectives. Transactions and activities were selected for testing on a sample basis. Internal audit observations on systems weakness and areas for improvement, including recommended mitigating measures to address the concerns raised, were included in internal audit reports presented to the Audit Committee. Further details of the internal audit function and its activities are provided in the Audit Committee Report included in this Annual Report. For the financial year ended 31 December 2017, the Audit Committee reviewed the work of the internal audit function, its observations and recommendations in order to obtain assurance on the adequacy and effectiveness of the Group’s risk management and internal control system. The total cost incurred for the outsourced internal audit function for the financial year under review amounted to approximately RM68,000 (2016: RM115,000). Statement On Risk Management And Internal Control (cont’d)