Basic HTML Version
Annual Report 2013
• 38 •
The Internal Auditors’ role is separate (although may overlap) from that of the RMC as it regularly evaluates on an independent basis
the effectiveness and appropriateness of the entire risk management and control structure as directed by the Audit Committee. In
addition, the Internal Auditors may also provide such assurance and advice covering specialized areas. With the report presented
to the Audit Committee, the Audit Committee in turn reports back to the Board for review on the adequacy and effectiveness of the
risk management and internal control system.
As an on-going process, the Internal Auditors carried out detailed risk audits on each identified area as per approval by the Audit
Committee.
During the financial year under review, the Audit Committee sat with the Internal Auditors to discuss the following audit areas
which were carried out as follows:
(i)
Segregation of Duties Review of KKB Engineering Berhad (with a focus on the direct operation of Steel Fabrication and LPG
Cylinders Manufacturing Divisions)
(ii)
Segregation of Duties Review of KKB Industries (Sabah) Sdn Bhd
(iii)
Insurances Review Audit
(iv)
Stocking & Stocktaking Procedure and Valuation of Inventories of KKB Engineering Berhad
At the conclusion of each audit, the Internal Auditors submitted their findings and recommendations to the Audit Committee during
the scheduled Audit Committee meetings. The findings from each audit were subsequently tabled to the Board at scheduled Board
meetings by the Chairman of the Audit Committee accordingly.
The total cost incurred for the Internal Audit Function in respect of the financial year ended 31 December 2013 was RM38,000.00
(FYE 2012: RM28,000.00).
Key Processes of Risk Management & Internal Control
Other key areas of the Group’s risk management & internal control system include the followings:
•
Existence of Board Committees such as Audit Committee, Nomination Committee, Remuneration Committee and MANCO,
each with clearly defined terms of reference, authority and responsibility.
•
The existence of ISO 9001:2008 Quality Management System certifications for operational control procedures with
stringent documentation requirements provide assurance that a trail of accountability exists and also continuous quality
improvement. The company has been audited and re-certified to ISO 9001:2008 by Lloyd’s Register Quality Assurance in
2012.
•
Scheduled management meetings for each division and department to review operational matters, contingency plans, new
requirements and updates.
•
Establishment of Employee’s Handbook, Health & Safety Manual and other publication provide for continuous assurance
and trail of accountability.
•
Establishment of a system of compliance through code of conduct, whistle blowing policy and formalizing the board
charter.
•
The existence of OHSAS 18001:2007 Occupational, Health & Safety management system and documented system
procedures provide for continual improvements and management commitment in legal and statutory compliance in which
the company has been re-certified by Bureau Veritas Quality International (BVQI) in 2012 and its valid for three (3) years.
•
A well structured organizational hierarchy with formally defined lines of responsibility and duties.
•
Implementation of Enterprise Resource Planning (ERP) using Oracle JD Edwards Application Software System (E9 Upgrade)
to integrate and improve the overall efficiency of the Group’s financial and operational control, and to optimize capacity
utilization.
•
Where areas of improvement in the systems are identified, the Board is always ready to receive and consider the
recommendations made by the Audit Committee.
STATEMENT ON RISK MANAGEMENT & INTERNAL CONTROL (CONT’D)