Change - S P Setia Berhad
Change - S P Setia Berhad
Change - S P Setia Berhad
You also want an ePaper? Increase the reach of your titles
YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.
60<br />
Annual report 2008<br />
Internal Control<br />
Statement<br />
Board Responsibility<br />
The Board acknowledges that it is responsible for the Group’s system of internal control and for reviewing its adequacy and integrity.<br />
The system is designed to provide reasonable assurance of effective operations and compliance with laws and regulations. The Board<br />
ensures the effectiveness of the system through regular reviews.<br />
The system of internal control is designed to manage rather than eliminate the risk of failure to achieve business objectives, and as<br />
such, can only provide reasonable but not absolute assurance against material misstatement or loss.<br />
Risk Management<br />
The Board is pleased to disclose that there is an ongoing process for identifying, evaluating and managing significant risks faced by<br />
the Group throughout the financial year.<br />
The said process is regularly reviewed by the Board and accords with the Statement of Internal Control – Guidance for Directors of<br />
Public Listed Companies.<br />
Internal Control<br />
The Board summarises below the process applied in reviewing the adequacy and integrity of the system of internal control:<br />
a) The Board has appointed the Audit Committee to examine the effectiveness of the Group’s system of internal control on<br />
behalf of the Board. This is accomplished through the review of the Group Internal Audit Department’s work, which focused<br />
on areas of priority as identified by risk analysis and in accordance with the annual audit plan approved by the Audit<br />
Committee.<br />
b) The Group’s Risk Management Framework is outlined in the Risk Management Policy. The Group has a Risk Management<br />
Committee who reports to the Board on quarterly basis on all major risk areas. The Risk Management Committee coordinates<br />
the overall risk management activities within the Group.<br />
c) The framework of the Group’s system of internal control and key procedure include:<br />
• There is in place an organisation structure, which formally defines lines of responsibility and delegation of authority.<br />
• Key functions such as finance, tax, treasury, corporate, legal matters and contract awarding are controlled centrally.<br />
• There is a strategic planning, annual budgeting and target-setting process, which includes forecasts for each area of<br />
business with detailed reviews at all levels of operations. The Board reviews and approves the annual budget.<br />
• Actual performance compared with budget is reviewed with detailed explanation of any major variances.<br />
• The Executive Directors meet on a monthly basis with all Divisional Heads and Business Unit Heads to consider the<br />
Group’s financial performance, business development, management and corporate issues.<br />
• Standard Operating Procedures which include policies and procedures within the Group are in place.<br />
• The Divisional Heads and Business Unit Heads determines the applicability of the risk monitoring and reporting<br />
procedures and is responsible for the identification and evaluation of significant risks applicable to their areas of<br />
business together with the design and operation of suitable internal controls.<br />
• Corporate values, which emphasise on ethical behaviour, quality products and services are set out in the Group’s<br />
Employee Handbook.<br />
The Group’s system of internal control does not apply to Associate Companies where the Group does not have full management and<br />
control over them.