img
Statement on Internal Control
Key Processes of Internal Control
Introduction
The key processes of Internal Control are summarised as follows:
This Statement on Internal Control by the Board of
Directors is made pursuant to Bursa Malaysia Listing
An organisational structure that lays down clear lines of
u
responsibility and reporting.
Requirement with regard to the Group's compliance with
Real-time budgetary control, where actual performance is regularly
u
the principles and best practices for internal control as
monitored against budgets and variances are investigated.
The Group Procedures and Authorities Manual, which sets out the
u
provided in the Malaysian Code of Corporate Governance
operating control procedures pertaining to finance, accounting,
("the Code").
credit control, human resources, procurements and inventory. The
control procedures, inter alia, include setting limits for approving
expenditure and procurements.
The Board of Naim believes in good corporate governance and
The Staff Handbook, which sets out general employment terms and
managing the affairs of the Group in accordance with the Code. In
u
the Group's corporate code of ethics.
addition, the Board believes that it is very much the voluntary good
A quality management system requiring the management and staff
behaviour and credibility of the Board which will create a good
u
of the Group's principal operating subsidiary, Naim Land Sdn. Bhd.
governance culture for the entire organization and its business partners.
(formerly known as Naim Cendera Sdn. Bhd.) (accredited with ISO
Responsibility
9002 Certification since 2000), to adhere to a set of well-established
standard operating procedures covering all major critical processes.
The Board acknowledges its responsibilities for maintaining a sound
Surveillance audits are conducted yearly to ensure compliance with
system of internal control to safeguard shareholders' investment and
the system.
the Group's assets as well as reviewing the adequacy and integrity of
the system. The internal control system is a process that is put in place
Internal Audit
at all levels of the organization to provide reasonable assurance that
The Group has established a formal structure for its internal audit
the Group's business objectives will be achieved. The system covers
function that clearly defines the roles and responsibilities of the persons
financial controls, operational controls and compliance controls, as
involved in the internal audit. As an integral part of the audit process,
well as risk management. Because of the limitations that are inherent
key areas of importance pertaining to internal control, risk assessment,
in any system of internal control, it is designed to manage, rather
risk mitigation and proper governance processes are identified. Focusing
than eliminate, the risk of failure to achieve corporate objectives.
its review and audit on these key areas, the internal audit provides
Accordingly, it can only provide reasonable but not absolute assurance
independent assurance on the efficiency and effectiveness of the internal
against material misstatement or loss.
control system implemented by management. The internal audit reports
Risk Management Framework
to the audit committee on at least a quarterly basis, and more frequently
where appropriate. The chairman of the audit committee in turn presents
Risk management practices and internal control are embedded in
summaries of the internal audit reports (including management's
the daily operations of the Group, which has established a strategic
responses to audit findings and recommendations) at Board meetings.
enterprise-wide risk management framework. This framework involves
identifying the risk exposure of the Group and developing key risk
This statement is made in accordance with a resolution of the Board of
profiles/corporate risk scorecards, as well as implementing a continuous
Directors dated 28 April 2011.
risk monitoring system. The Risk Management Committee (comprising
representatives from the Board, the management and the internal audit
department) is continuously reviewing, upgrading and improving the
Group's risk management practices.
58
ANN UA L REP O RT 2 0 1 0