PRG Holdings Berhad Annual Report 2018

49 iii. Monitor the progress of action plans and review the business risks from time to time. RMT will closely monitor the outcome of the implementation of the controls and action plans carried out by the various levels of management and will re-evaluate the risks and formulates new mitigating strategy if the desired results are not achieved. • Risk Reporting Risk management review is conducted every quarter. Significant risks identified by RMT are reported to RMC, Audit Committee and the Board during quarterly meetings. The internal auditors provide an independent assessment of the adequacy and reliability of the operational risk management processes and report its findings to the Audit Committee. Internal Audit Function The Group has an in-house internal audit department for the Manufacturing Division that carries out regular reviews of the Division’s operations and system of internal control by examining and evaluating business processes to determine the adequacy and efficiency of financial and operating controls, and highlighting significant risks and non-compliance impacting the Group. Where applicable, the internal audit department provides recommendations to improve the effectiveness of risk management, controls and governance processes. The internal audit functions for the Corporate, Property Development & Construction and Healthcare Divisions was outsourced to an independent consulting firm who performs the audit in accordance with the Internal Auditors’ International Standards for the Professional Practice of Internal Auditing for Internal Control Review to assess the adequacy and integrity of the Group’s risk management. The Internal Auditor reports directly to the Audit Committee on improvement measures pertaining to internal control, including subsequent follow-up to determine the extent of their recommendations that have been implemented by the Management. Periodic audit reports and status on follow up actions are submitted to the Audit Committee, who reviews the findings with Management at its quarterly meetings. The Management is responsible for ensuring that corrective actions to control weaknesses are implemented within a defined time frame. The status of implementation is monitored through follow-up audits which are also reported to the Audit Committee. The Audit Committee reviews the internal audit function, the scope of the annual internal audit plan, as well as the findings within its scope of responsibilities. The Audit Committee meets at least four (4) times a year with the Board to discuss significant issues found during the internal audit process and makes the necessary recommendations to the Board. In the financial year under review, the following functions’ processes and/or identified key risk areas of the Group’s operations were reviewed by the Internal Auditors: Manufacturing Division: • Production & quality control including compliance with Environmental & Safety & Health Regulations • Human resource • Purchasing • Inventory • Sales, credit control & account receivables • Finance and Information Technology • Inventory costing (covering raw materials, work-in-progress & finished goods) • Annual stock check • Related party transaction including recurrent related party transactions statement on risk management and internal control (continued) PRG HOLD I NGS BERHAD