GHL System Berhad Annual Report 2018

G H L S y s t e m S B e r h a d ( 2 9 3 0 4 0 - D ) 44 STAT EMENT ON R I SK MANAGEMENT AND I NT ERNA L CONTROL C O N T ’ D KEY INTERNAL CONTROL PROCESSES (cont’d) 2. Monitoring and Reporting Monthly management meetings are chaired by the Group CEO and led by the respective Country Heads for various lines of operations and business units, on key business performance, operating statistics and regular matters. This enables effective monitoring of significant variances and deviation from standard operating procedures and budget. The Board is also kept appraised of the Company’s performance during the scheduled board meetings with the Company’s business performance and plans being reviewed and deliberated. 3. Policies and Procedures The Group has defined and documented internal policies and standard operating procedures to ensure inter alia sound internal controls are implemented and compliance with applicable laws and regulations. The policies and procedures are also being reviewed on a regular basis to ensure its relevance and effectiveness; in which Group Internal Audit ("GIA") function carried out a review on the Group’s operations policies and procedures. 4. Internal Audit Function As part of the Group’s efforts to establish a sound framework for risk management and internal control, an in- house audit function is established as a key component of its internal control processes. The Group Internal Audit reports independently to the ARC and is guided by a formalised Internal Audit Charter and the Institute of Internal Auditor’s International Professional Practice Framework. Acting as the third layer of defence in internal control, the GIA undertakes internal audit reviews for the Group based on an annual internal audit plan approved by the ARC. The results of all internal audit reviews, together with the findings and recommendations, are presented to Management for discussion and formulation of the necessary corrective action plans prior to finalisation of the internal audit reports. At each ARC meeting, the Head of Internal Audit updates the ARC of all the status of ongoing audits, and when appropriate relevant parties are invited to be present during such presentations. The GIA is headed by Mr. Liow Tien Chin, a member of Certified Practising Accountant (CPA) Australia and Chartered Member of The Institute of Internal Auditors Malaysia, with more than 10 years of experience in the profession. GIA department is supported by a reasonable workforce whom possesses the relevant qualification and experience and has adequate resources to fulfil the internal audit plan for the next financial year. ARC is satisfied that the internal audit personnel are free from any relationship or conflict of interest, which could impair their objectivity and independence and that the audit programme for the financial year under review was carried out by the Internal Auditors as planned. 5. Risk Management a. Risk Management Committee (“RMC”) The RMC was established by the Board in 2012 as a key component of the Risk Management Framework. The RMC, which is headed by the Group’s Chief Executive Officer (“CEO”), comprises the Group’s Chief Financial Officer (“CFO”) and Country Heads from each country. The responsibilities of RMC are as follow:- • To identify and assess, on an ongoing basis, the risks faced by the Group and thereafter to design and implement appropriate risk management processes and internal controls to address or mitigate such risks in an effective manner; • To periodically assess and review the continued effectiveness and appropriateness of risk management processes; • To determine and recommend to the Board the Group’s risk appetite and tolerance; • To continuously promote an effective risk awareness culture throughout the Group with written policies and other forms of communication to employees and stakeholders; and • To be accountable and periodically report to the Board, through the ARC, for the design, implementing and monitoring of the risk management system.