RISK MANAGEMENT AND INTERNAL CONTROLS
Principle 11: The Board is responsible for the governance of risk. The Board should
ensure that management maintains a sound system of risk management
and internal controls to safeguard shareholders’ interests and the
company’s assets, and should determine the nature and extent of the
significant risks which the Board is willing to take in achieving its strategic
objectives.
The Group has a system of internal control designed to provide reasonable assurance with
respect to the safeguarding of assets and maintaining proper accounting records to ensure
that financial information used for financial reporting are reliable. The system of internal
control is based within a wider framework that attempts to optimise the balance between
growth or return and related risks. More specifically, the Board attempts to:
(a)
Align risk with its medium and longer term business strategy. The Board thus sets the
overall risk appetite which the internal auditors and internal controls monitor;
(b) Preselect risk response. For each major risk or risk category, the Board decides whether
to avoid, reduce, share or accept the risk. The internal auditors and internal controls
are there to ensure that the system does not deliberately or inadvertently circumvent or
override this decision;
(c)
Reducing operational surprises and losses;
(d) Identifying cross border and cross business risk and such are risks which are not
normally within the scope or control of day-to-day management; and
(e)
Improving the use of capital and resources.
However, the Board recognises that no internal control system could provide absolute
assurance against the occurrence of material errors, poor judgment in decision-making,
human errors, losses, fraud or other irregularities. The internal control system is designed to
manage rather than eliminate the risk of failure to achieve the business objectives.
The internal and external auditors conducted annual review of the effectiveness of the Group’s
key internal controls, including financial, operational, policy, compliance and information
technology controls and risk management. Any material non-compliance or internal control
weaknesses and recommendations for improvements are reported to the AC. A copy of the
internal audit report has been issued to the relevant departments for their follow-up actions
and the improvement measures are closely monitored and reviewed by the AC.
For the purpose of the Board expressing its opinion and in line with the Committee of
Sponsoring Organizations of the Treadway Commission (“COSO”) Internal Controls Integrated
Framework, “internal controls” is broadly defined as “a process effected by an entity’s board
of directors and other personnel, designed to provide reasonable assurance regarding the
achievement of objectives in the following categories:
(a) effectiveness and efficiency of operations;
(b) reliability of financial reporting; and
(c) compliance with applicable laws and regulations.
CORPORATE GOVERNANCE
REPORT
ASL Marine Holdings Ltd. /Annual Report 2015
40
