Wah Seong Corporation Berhad Annual Report 2017

GOVERNANCE WAH SEONG CORPORATION BERHAD ANNUAL REPORT 2017 60 KEY ELEMENTS AND PROCESSES ON RISK MANAGEMENT AND INTERNAL CONTROLS The key elements and processes that have been established in reviewing the adequacy and effectiveness of the risk management and internal control system include the following:- RISK MANAGEMENT The risk management framework, which is embedded in the management system of the Group, clearly defines the authority and accountability in implementing the risk management process and internal control system. The Management assists the Board in implementing the process of identifying, evaluating and managing significant risks applicable to their respective areas of business and in formulating suitable internal controls to mitigate and control these risks. The business development team is responsible for assessing and evaluating the feasibility and risk impact the prospective investments would have on the Group. For ongoing business operation, the Management is required to identify and document all possible risks that can affect their achievement, taking into consider the effectiveness of controls that are capable of mitigating such risk. During the quarterly meeting, the significant risk of business units were presented to the RMC for their deliberation. INTERNAL AUDIT FUNCTION The Internal Audit Function reports directly to the Audit Committee (“AC”). The responsibility of the Internal Audit Function is to evaluate the adequacy and effectiveness of risk management, control, governance processes, report on inadequacies and make recommendations for improvements. Follow-up reviews are undertaken on audit observations to ensure that management actions have been effectively implemented or that senior management has accepted the risk of not taking action. The results and conclusions noted from these engagements are tabled at the Audit Committee Meetings for deliberation. The annual internal audit plan is reviewed and approved by the AC. The Internal Audit Function is in conformance with the Definition of Internal Auditing, the Code of Ethics and the International Standards for the Professional Practice of Internal Auditing, which are issued by The Institute of Internal Auditors. OTHER KEY ELEMENT ON INTERNAL CONTROL SYSTEM Internal control processes which are embedded for effective Group’s operations includes: • Clear organisational structure and financial authorisation limits are clearly defined; • Group policies, including Principles of Business Conduct and Whistle Blowing Policy and Standard Operating Procedures to ensure compliance with internal controls, relevant laws and regulations; • Annual business plans of all Business Units are reviewed and approved by the respective Divisional Executive Committee; • Group budgets are reviewed and approved by the Board; • Regular Executive Committee meetings at Business Units are held to review the operational and key performance indicators against the approved budget; • Utilisation of contract tendering and evaluation process for large projects; and • Weekly report on Group’s cash position is monitored by Group Treasury. Periodic site visits to operating units are undertaken by the members of the Executive Committee and/or the members of the Board whenever deemed appropriate. The Group’s system of risk management and internal control applies principally to Wah Seong Corporation Berhad and its subsidiaries. Associate companies and joint ventures have been excluded because the Group does not have full management control and/or majority Board representation. STATEMENT ON RISK MANAGEMENT AND INTERNAL CONTROL