CORPORATE GOVERNANCE REPORT (CONTINUED)
ACCOUNTABILITY AND AUDIT (Continued)
Risk Management and Internal Controls (Continued)
The diagram below summarizes the complementary top-down and bottom-up aspects of the integrated approach of the Group to
risk management.
"Top-down" approach
Oversight, identification, assessment and mitigation of risk at corporate level
"Bottom-up" approach
Identification, assessment and mitigation of risk at business unit level and across functional areas
•
Has overall responsibility for
the Group's risk management and internal control systems
Internal Risk Management Team
Sets strategic objectives
Reviews the effectiveness of the Group's risk management and internal control
systems
Supports the Audit Committee in designing, implementing, and monitoring the Group's risk management and internal control systems
Supports the Audit Committee in assessing the Group's risks and mitigating measures Company-wide
The Board
·
Monitors the nature and extent of risk exposure for the Group's significant risks
Audit Committee
Supports the Board in monitoring risk exposure, design and operating effectiveness of the underlying risk management and internal control systems
•
•
•
Sets business objectives
Operational Level
Risk identification, assessment and mitigation performed across the business
Certain significant risks such as business risk, financial risk, regulatory and compliance risk and operational risk have. been identified during the year through the process of risk identification and assessment. Relevant control strategies and mitigation on significant risks have been reported to the Audit
Committee. The Audit Committee and the Board were not aware
of any areas of concern that would have a material impact on the financial position or results of operations of the Group and considered the risk management and internal control systems to be generally effective and adequate.
Provides direction on the importance of risk management and risk management culture
Internal Audit
Supports the Audit Committee in reviewing the effectiveness of the Group's risk management and internal control systems
Considers risk assessment
results, especially for all
significant risks in annual audit planning
• Designs audit program with reference to the risk assessment results
Report key audit findings and recommendations to the Audit Committee and Internal Risk Management Team
Risk management process and internal controls measures practised across business operations and functional areas.
The Audit Committee has established and oversees a whistleblowing policy and set comprehensive procedures whereby employees can report any actual or suspected occurrence of improper conduct involving the Company, and for matters to be investigated and dealt with efficiently in an appropriate and transparent manner. The Audit Committee has designated the Internal Audit Manager to receive on his behalf any such reports, to oversee the conduct of subsequent investigations, and to provide information, including recommendations arising from any investigations to them for consideration by the Audit Committee.
34
Hong Kong Ferry (Holdings) Company Limited Annual Report 2016
No comments yet.
Private notes are available after approval.