3.4 There is a budgeting and forecasting system. Each line of business submits a business plan annually for

approval by the Board. The results of the lines of businesses are reported monthly and variances are

analysed against budget and acted on in timely manner. The Group’s strategic directions are also reviewed

annually taking into account changes in market conditions and significant business risks.

3.5 The periodic and streamlining review of limits of authority and other standard operating procedures

within the Group provides a sound framework of authority and accountability within the organisation and

to facilitate quality, well informed and timely corporate decision making at the appropriate level in the

organisation’s hierarchy.

3.6 The compliance function, which includes the Audit and Risk Committee and internal audit function, assists

the Board to oversee the management of risks and review the effectiveness of internal controls. The

Committee reviews reports of the Group Internal Audit Department (“GIA”) and also conducts annual

assessment on the adequacy of the GIA’s scope of work;

3.7 The Audit and Risk Committee convenes regular meetings to deliberate on findings and recommendations

for improvement by both the internal and external auditors on the state of the system of internal control.

Minutes of the Audit and Risk Committee meetings are tabled to the Board.

3.8 Review and award of major contracts by the project committees and teams, subject always to the

delegated authority limits set by the Board. A minimum of three quotations is called for and tenders are

awarded based on criteria such as quality, track record and speed of delivery.

3.9 The Risk Management Committee (“RMC”) convenes meeting annually to review and recommend the risk

management policies, strategies, key risk profiles and risk mitigation actions for the Group and reports to

the Audit and Risk Committee.

3.10 Clearly documented standard operating procedure manuals set out the policies and procedures for day

to day operations to be carried out. Regular reviews are performed to ensure that documentation remains

current, relevant and aligned with evolving business and operational needs.

3.11 The competency of staff is enhanced through rigorous recruitment process and development programmes.

A performance appraisal system of staff is in place, with established targets and accountability and is

reviewed annually.

4.

INTERNAL AUDIT FUNCTIONS

The Group’s internal audit function is undertaken by GIA which reports directly to the Audit and Risk Committee

and administratively to the Group MD. The GIA assists the Audit and Risk Committee in the discharge of its

duties and responsibilities. Its key role is to provide independent and objective assurance designed to add value

and assist the Group in accomplishing its objectives by bringing a systematic, disciplined approach to evaluate

and improve the effectiveness of risk management, internal control system and governance processes.

The business processes and conduct of the operating units within the Group are continuously assessed by

GIA in the context of adequacy and effectiveness of the financial, operational controls and risk management.

GIA reports to the Audit and Risk Committee and communicates to Management on audit observations noted

in the course of their review and performs monitoring on the status of actions taken by the operating units.

It conducts independent reviews of the key activities within the Group’s operating units based on a detailed

annual audit plan developed using a risk-based methodology including input from Senior Management and the

Audit and Risk Committee, which was approved by the Audit and Risk Committee. The terms of reference of

the GIA are clearly spelt out in its Internal Audit Charter.

corporate

governance

85