Annual report 2014
37
INTERNAL AUDIT FUNCTION
The Group has established an internal audit function as a key component of its internal control appraisal process.
The Group Internal Audit (“GIA”) reports independently to the ARC and is guided by a formalised Internal Audit
Charter.
The main responsibility of the GIA function is to undertake independent assessments on the adequacy and
effectiveness of internal controls pertaining to key areas as below:
• Reliability and integrity of financial and operational information;
• Effectiveness and efficiency of operations;
• Safeguarding of assets; and
• Compliance with applicable laws, and regulations
In attaining this, the GIA undertakes Internal Audit reviews for the Group based on an annual internal audit
plan approved by the ARC. The GIA has also incorporated a structured internal audit rating methodology that
appraises an overall rating of an audit report by a scoring system. The said system conveys the management
and the ARC a consistent and concise assessment of the net risk posed by the area or function being reviewed.
The results of all internal audit reviews together with recommendations are presented to the management for
discussion and agreement on necessary corrective action plans. At each ARC meeting, the Head of Internal
Audit updates the ARC of the status of ongoing audits and where appropriate, presents internal audit reports
and observations. Relevant management are invited to be present to during such presentations. Periodic follow
up audits are also performed by the GIA in ensuring corrective actions arising from the previous internal audit
findings were implemented accordingly.
During FY2014, the major activities undertaken by the internal audit function were as follows:
• Developed an annual internal audit plan.
• Continuous monitoring of the Group’s compliance with the MCCG Guide.
• Reviewed the adequacy and effectiveness of internal controls pertaining to key business processes of
the group’s subsidiaries with specific emphasis on of e-pay Asia Limited (“e-pay”) as the newly acquired
subsidiary. Key areas audited include fixed assets management, human resource management and
inventory control.
• Engaged third party service providers and consultant for an end-to-end process improvement review of the
inventory management for e-pay.
• Followed up on the implementation of recommendations adopted by Management to ensure all key issues
identified are addressed.
• Assisted the Committee and RMC in risk management function and facilitated Group risk assessment.
• Carried out one special ad-hoc investigation review as requested by the ARC.
In ensuring the GIA staff remains competent and abreast with the latest developments on the auditing standards,
reasonable budget were allotted during the course of the year in order to attend briefings, conferences and
seminars mainly organised by the Institute of Internal Auditors Malaysia.
The total cost incurred by GIA in discharging its functions and responsibilities, in respect of the financial year was
approximately RM111,813.
Audit and risk
Committee Report
