CORPORATE GOVERNANCE REPORT (CONTINUED)
ACCOUNTABILITY AND AUDIT (Continued)
Risk Management and Internal Controls (Continued)
The diagram below summarizes the complementary top-down and bottom-up aspects of the integrated approach of the Group to risk management.
"Top-down"
Approach
Oversight, identification, assessment and mitigation of risk at corporate level
Has overall
responsibility for the Group's risk
management and internal control systems
The Board
•
Sets strategic objectives
•
Monitors the nature
• Reviews the effectiveness of the Group's risk
and extent of risk exposure for the Group's significant
Provides direction on the importance of risk management and risk management culture
risks
management and
internal control systems
"Bottom-up" Approach
Identification, assessment and mitigation of risk at business unit level and across functional areas
Internal Risk Management Team
• Supports the Audit Committee
in designing, implementing, and monitoring the Group's risk management and internal control systems
Supports the Audit Committee in assessing the Group's risks and mitigating measures Company-wide
Audit Committee
Supports the Board in monitoring risk exposure, design and operating effectiveness of the underlying risk management and internal control systems
•
Internal Audit
Supports the Audit Committee
in reviewing the effectiveness of the Group's risk management and internal control systems
• Considers risk assessment results, especially for all significant risks in annual audit planning
•
Designs audit program with
reference to the risk
assessment results
• Reports key audit findings and
recommendations to the Audit Committee and Internal Risk Management Team
• Sets business objectives
Operational Level
Risk management process and internal controls measures practised across business operations and functional areas.
• Risk identification, assessment and mitigation performed across the business
Certain significant risks such as business risk, financial risk, regulatory and compliance risk and operational risk have been identified during the year through the process of risk identification and assessment. Relevant control strategies and mitigation on significant risks have been reported to the
Audit Committee. The Audit Committee and the Board were
not aware of any areas of concern that would have a material impact on the financial position or results of operations of the Group and considered the risk management and internal control systems to be generally effective and adequate.
•
The Audit Committee has established and overseen a whistleblowing policy and set comprehensive procedures whereby employees can report any actual or suspected occurrence of improper conduct involving the Company, and for matters to be investigated and dealt with efficiently in an appropriate and transparent manner. The Audit Committee has designated the Internal Audit Manager to receive on his behalf any such reports, to oversee the conduct of subsequent investigations, and to provide information, including recommendations arising from any investigations to them for consideration by the Audit Committee.
Hong Kong Ferry (Holdings) Company Limited
37
Annual Report 2018
No comments yet.
Private notes are available after approval.