1 400 Table of Contents 402 417

BIMB Integrated Annual Report 2017

62 Intended Outcome Companies have an effective governance, risk management and internal control framework and stakeholders are able to assess the effectiveness of such a framework. Practice 10.1 The Audit Committee should ensure that the internal audit function is effective and able to function independently. Application : Applied. Explanation on application of the practice : The Internal Audit functions report directly to the AEC and is independent of the activities of its auditees. The primary responsibilities of the Internal Audit Division (“ IAD ”) are to undertake regular and systemic reviews of the risk management process, internal control and governance practices of BHB and its wholly-owned subsidiaries. The reviews are done in compliance with the International Professional Practices Framework and the Internal Audit Charter to provide a reasonable assurance that the risk management process, internal controls and governance practices are operating satisfactorily and effectively, in line with the Group’s goals and objectives. The scope of the Internal audit reports covers improvement opportunities, audit findings, management responses and corrective actions in areas with significant risks and internal control deficiencies. All Internal Audit Reports on the Company and its wholly-owned subsidiaries were tabled to the AEC for deliberation. Management were present at the AEC meetings to respond and provide feedback on the progress of business process improvement opportunities identified by IAD. Minutes of the AEC meetings are subsequently tabled to the Board for notation. The AEC reviewed the adequacy and relevance of the scope, functions, resources, procedures, risk based internal audit plans and results of the internal audit processes, with the IAD. The Internal Audit would submit the Internal Audit Plan to be reviewed by the AEC. The audit plan which covers the audit scope, methodology and practices, timing and resources, assessment of risk, comparison of actual versus budgeted time spent on assignments and audit fee. The summary of the activities of the Internal Audit for the financial year ended 31 December 2017 were as follows:- a. Prepared the Audit Plan for approval of the AEC. The Audit Plan was developed based on assessment of the significant potential risk exposure of the auditable areas; b. Issued Audit Reports to the AEC and Management, identifying weaknesses and issues as well as highlighting recommendations

RkJQdWJsaXNoZXIy NDgzMzc=