Annual Report 2017
STATEMENT ON RISK MANAGEMENT
AND INTERNAL CONTROL
Reported on a quarterly basis to the Audit Committee the achievement of the audit plan and status of resources of the
Group internal audit function.
Conducted regular follow-up and monitoring on the implementation of recommendations made by the Group internal
audit function to ensure that appropriate corrective actions are taken on a timely basis or within agreed timelines.
Liaised with the external auditors to maximise the use of resources and for effective coverage of the audit risks.
Reviewed the procedures relating to related party transactions entered into by the Group to ensure that the related party
transactions have been conducted on the Group’s normal commercial terms and are not to the detriment of the Group’s
Preparation of Audit Committee Report and Statement on Risk Management and Internal Control for the Company’s 2016
During the financial year, a total of 14 reports comprising planned assignments and investigation report were issued. The areas
reviewed included the control environment, risk management, revenue assurance, procurement, finance, human resource,
occupational safety and health and regulatory compliance and operations.
The total cost incurred by GIA in discharging its internal audit function in respect of the financial year ended 31 March 2017 was
ENTERPRISE RISK MANAGEMENT (“ERM”)
Risk management is regarded by the Board as an important aspect of the Group’s diverse and growing operations with
the objective of maintaining a sound internal control system. To this end, the Group has established the appropriate risk
management infrastructure to ensure that the Group’s assets are well-protected and shareholders’ value enhanced.
The Audit Committee and the Board is supported by a Risk Management Committee (“RMC”). The RMC identifies and
communicates to the Audit Committee and the Board the present and potential critical risks the Group faces, their changes
and the Management action plans to manage these risks. The RMC convenes meeting on a yearly basis to review the key risk
profiles and submit a summary reporting to the Audit Committee. The RMC is entrusted with the responsibility of implementing
and maintaining the ERM framework to achieve the following objectives:
communicate the vision, role, direction and priorities to all employees and key stakeholders;
identify, assess, treat, report and monitor significant risks in an effective manner;
enable systematic risk review and reporting on key risks, existing control measures and any proposed action plans; and
create a risk-aware culture and building the necessary knowledge for risk management at every level of Management.
Board of Directors
Risk Management Committee
Risk Management Unit
Group Support Function
Group Internal Audit