Annual Report 2017
STATEMENT ON RISK MANAGEMENT
AND INTERNAL CONTROL
In the case where reporting to management is a concern, then the report should be made to the Chairman of Audit Committee.
Channel of reporting to the Chairman of Audit Committee is as follows:
Encik Azizan Bin Mohd Noor
Mark: Strictly Confidential
Kumpulan Fima Berhad
Suite 4.1, Level 4, Block C
No. 45, Jalan Medan Setia 1
Bukit Damansara, 50490 Kuala Lumpur
Attention: Chairman of Audit Committee
The above mechanism protects employees and stakeholders who contemplate to “blow the whistle” against victimisation or
harassment. The confidentiality of all matters raised and the identity of the whistleblower are protected under the policy.
The key processes that the Board has established in reviewing the adequacy and integrity of the system of internal control and
risk management systems include the following:
4.1 Operational and follow-up audits are conducted throughout the financial year based on approved annual audit plan to
provide reasonable assurance that the systems of internal controls and its framework, and governance processes put
in place by Management continue to operate satisfactorily, effectively, to add value and improve the Group’s business
4.2 The Heads of Divisions meet on a monthly basis to consider Group’s financial performance, internal audit reports,
business development, legal/litigation, operational, and corporate issues.
4.3 There is a budgeting and forecasting system. Each line of business submits a business plan annually for approval by the
Board. The results of the lines of businesses are reported monthly and variances are analysed against budget and acted
in timely manner. The Group’s strategic directions are also reviewed annually taking into account changes in market
conditions and significant business risks.
4.4 The periodic and streamlining review of limits of authority and other standard operating procedures within the Group
provides a sound framework of authority and accountability within the organisation and to facilitate quality, well informed
and timely corporate decision making at the appropriate level in the organisation’s hierarchy.
4.5 The compliance function, which includes the Audit Committee and internal audit function, assists the Board to oversee
the management of risks and review the effectiveness of internal controls. The Committee reviews reports of the Group
Internal Audit Department (“GIA”) and also conducts annual assessment on the adequacy of the GIA’s scope of work.
4.6 The Audit Committee, on behalf of the Board, regularly reviews and holds discussions with the Management on the
actions taken on internal control issues identified in the reports prepared by the GIA, external auditors and Management.
Minutes of the Audit Committee meetings are tabled to the Board.