Annual Report - QuamIR
Annual Report - QuamIR
Annual Report - QuamIR
You also want an ePaper? Increase the reach of your titles
YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.
Corporate Governance <strong>Report</strong> (Continued)<br />
<br />
Control processes<br />
The Board establishes and maintains a sound internal control system through<br />
the following major processes:<br />
<br />
<br />
<br />
(i) Systems and procedures are in place to identify and measure risks on<br />
an ongoing basis. Senior management reviews and defines the risk<br />
assessment process and monitor the progress of risk mitigation plans.<br />
(i) <br />
<br />
<br />
(ii) An organization structure with defined lines of responsibility and<br />
delegation of authority is devised.<br />
(ii) <br />
(iii) The Board reviews its strategic plans and objectives on an annual basis.<br />
(iii) <br />
(iv) Financial performance is analysed against budget with variances being<br />
accounted for and appropriate actions are taken to rectify deficiencies.<br />
(iv) <br />
<br />
(v) Policies and procedures on key control activities are established to ensure<br />
management directives are carried out.<br />
(v) <br />
<br />
(vi) Ranges of activities including approvals, authorization, verifications,<br />
recommendations, performance reviews, asset security and segregation<br />
of duties are identified and implemented.<br />
(vi) <br />
<br />
<br />
(vii) The ICRM Department conducts independent reviews on the effectiveness<br />
of the Group’s internal control system and tests key business processes<br />
and controls in accordance with its audit plan, including following up the<br />
implementation of management actions. The ICRM Department reports<br />
directly to the Audit Committee and the CEO and has direct access to the<br />
Board through the Audit Committee.<br />
Review of internal control effectiveness<br />
The Board is responsible for maintaining sound and effective internal<br />
control system for the Group and for reviewing its effectiveness. The ICRM<br />
Department reports on reviews of the business processes and control<br />
activities, including action plans to address any identified control weaknesses.<br />
The management evaluates and conducts assessments of the overall internal<br />
control and risk management systems, with action plans to make further<br />
improvement. External auditors also report on any control issues identified in<br />
the course of their work. Taking these into consideration, the Audit Committee<br />
reviews the effectiveness of the Group’s internal control system at least once<br />
each year and reports to the Board on such reviews.<br />
(vii) <br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
•<br />
23