CORPORATE GOVERNANCE OVERVIEW STATEMENT Cont’d PRINCIPLE B: EFFECTIVE AUDIT AND RISK MANAGEMENT cont’d I. Audit Committee cont’d Internal Audit Function cont’d The AC is responsible to assist the Board in ensuring the adequacy and effectiveness of internal controls. The system of internal control and risk management in place during 2022, is sound and sufficient to safeguard the Group’s assets, as well as shareholders’ investments and the interests of all stakeholders. The activities of the AC are further detailed in the AC Report on pages 66 to 71 of this Annual Report. II. Risk Management and Internal Control Framework The Board has ultimate responsibility for reviewing the Company’s risks, approving the risk management framework and policies and overseeing the Company’s strategic risk management and internal control framework to achieve its objective within an acceptable risk profile as well as safeguarding the interest of stakeholders including shareholders and the Group’s assets, balancing growth with sustainability. The Group has put in place an Enterprise Management Framework which comprises the following elements: - Provide guiding principles and approach towards strategic and operational risk management; - Process of identification, assessment, evaluation and management of the various principal risks which affect the Group’s business; - Creation of a risk-awareness culture and risk ownership for more effective management of risks; - Regular review, track and report on key risks identified and corresponding mitigation procedures; and - Regular review of the effectiveness of the system of internal control. The framework is applied to determine, evaluate and manage principal risks of the Group. This is complemented by the system of internal control that is integrated into the Group’s operations and processes. The Board through the RMC, which comprises a majority of Independent Non-Executive Directors, reviews the key risks identified via quarterly reports by the RMC, to monitor the management and mitigation of risks. The RMC reviews the Group’s risk management framework and risk tolerance for the enterprise risks. Using qualitative and quantitative measures, risks are calibrated so that balanced control processes are matched against the strategic objectives of each business unit. The Board, with the assistance of the RMC and AC, undertakes periodic reviews and a formal annual assessment on the adequacy and effectiveness of the Group’s risk management and internal control systems. A risk-based audit approach is implemented to ensure that higher risk activities in each auditable area are audited more frequently. This is designed to evaluate and enhance risk management, control and governance processes to assist the Management in achieving its corporate goals. The audits further help to ensure that appropriate instituted controls are in place and effectively applied, and risk exposures are mitigated to an acceptable level in accordance with the Group’s risk management policy. The details of the Group’s Risk Management and Internal Control Framework are set out in the Statement on Risk Management and Internal Control on pages 72 to 75 of this Annual Report. PRESS METAL ALUMINIUM HOLDINGS BERHAD 61
RkJQdWJsaXNoZXIy NDgzMzc=