Sasbadi Annual Report 2021

54 SASBADI HOLDINGS BERHAD INTERNAL AUDIT FUNCTION The Group has outsourced the internal audit function to a professional service firm, which is independent of the activities and operations of the Group, to review the adequacy of the internal control system of the Group. The outsourced internal auditors, which report directly to the Audit Committee, conducted internal control assessment on the Group in order to identify areas for improvement, besides compliance with internal best practices, guidelines and objectives. During the financial year under review, the outsourced internal auditors have carried out an internal control assessment based on the internal audit plan for the FYE 31 August 2021 as approved by the Audit Committee, covering the following subsidiaries and functional areas/sections: i. The Malaya Press Sdn Bhd, Big Tree Publications Sdn Bhd and Jinbang Publications Sdn Bhd • Sales and Marketing, in respect of new market identification processes and procedures, distributor / agent appointment processes and procedures, pricing control processes and procedures, order processing, selling and distribution expenses allocation processes and procedures, credit and accounts receivable management, goods return management, customer retention management, performance monitoring and reporting and implementation process of business development strategy • Procurement, in respect of purchasing processes and procedures, supplier evaluation and control, outsourcing processes and procedures, outsourcing evaluation and control, purchasing planning processes and procedures, purchase requisition processes, receiving and inspection processes and procedures and follow-up on goods receiving. ii. Sasbadi Holdings Berhad, MindTech Education Sdn Bhd and Sasbadi Online Sdn Bhd • Management Information Systems (including I-Learn Ace), in respect of software and hardware maintenance and management, software licensingmanagement, purchasing / disposing of computer software and hardware, database management, change request control processes and procedures, virus protection and security management, access security and data integrity management, data backup and restore policies and procedures, redemption point management, third-party contract management, performance monitoring and access management control procedures, apps application (mobile) maintenance and management and disaster recovery / business continuity planning iii. Follow-up review on previously reported audit findings to ensure weaknesses identified have been or are being addressed Upon completion of the work, the outsourced internal auditors presented their reports to the Audit Committee during the quarterly meetings whereby the outsourced internal auditors’ findings and recommendations as well as the Management’s responses and action plans were deliberated. WEAKNESSES IN INTERNAL CONTROLS WHICH RESULTED IN MATERIAL LOSSES, IF ANY During FYE 31 August 2021 and up to the date of approval for issuance of this Statement, there were no material losses incurred by the Group arising from weaknesses in its internal control system. CONCLUSION Based on the foregoing, the Board is of the view that the Group’s risk management and internal control system is adequate and effective. The Board has also received assurance from the Group Managing Director and the Group Chief Financial Officer that the Group’s risk management and internal control system is operating adequately and effectively, in all material aspects, based on the existing risk management and internal control system of the Group. STATEMENT ON RISK MANAGEMENT AND INTERNAL CONTROL (continued)