Basic HTML Version
093
Corporate
Governance
Gamuda Berhad (29579-T)
Annual Report 2013
Board’s Responsibility
The Board affirms the overall responsibility for maintaining
a sound system of risk management and internal control
so as to safeguard shareholders’ interests and the
Group’s assets. However, the system of risk management
and internal control is designed to manage rather than
to eliminate the risk of failure to achieve business
objectives. Accordingly, such systems can only provide
reasonable and not absolute assurance against material
error, misstatement or losses. The Board confirms that
there is an ongoing process of identifying, evaluating and
managing all significant risks faced by the Group that has
been in place for the year and up to the date of approval of
the Annual Report and Financial Statements. The process
is regularly reviewed by the Board and is in accordance
with the Statement on Risk Management and Internal
Control: Guidance for Directors of Listed Issuers.
Risk Management
The risk management framework, which is embedded
in the Company’s management systems, clearly defines
the authority and accountability in implementing the
risk management process and internal control system.
The Management assists the Board in implementing the
process of identifying, evaluating and managing significant
risks applicable to their respective areas of business and
in formulating suitable internal controls to mitigate and
control these risks.
The project task force is responsible for assessing and
evaluating the feasibility and risk impact that prospective
investments would have on the Group. For ongoing
business operations, risk assessment and evaluation
is an integral part of the annual business planning and
budgeting process.
The Management of each business unit, in establishing its
business objectives, is required to identify and document
all possible risks that can affect their achievement taking
into consideration the effectiveness of controls that are
capable of mitigating such risks. By this process, each
business unit’s identified risks, the controls and processes
for managing them are tabulated in a risk assessment
report. Significant risks of business units have been
presented to the Risk Management Committee for their
deliberation.
Key Internal Control Features
The Group’s internal control system encompasses the
following key control processes:
• Clearly defined operating structure, lines of
responsibilities and delegated authority. Various Board
and Management Committees have been established
to assist the Board in discharging its duties. Among the
committees are:
- Audit Committee
- Risk Management Committee
- Nomination Committee
- Remuneration Committee
- Budget Committee
- ESOS Committee
• Feasibility study and risk impact and assessment on
new investments / projects is evaluated by Project Task
Force for Board’s deliberation.
• Internal control activities have been established
in all business units with clearly defined lines of
responsibilities, authority limits for major capital
expenditure, contract awards and other significant
transactions, segregation of duties, performance
monitoring and safeguarding of assets.
• Systematically documented Policies, Procedures and
Standard Operating Procedures are in place to guide
staff in their day-to-day work. These policies and
procedures are reviewed regularly and updated when
necessary.
• An annual budgetary process that requires business
units to prepare budgets, business plans and control
measures to mitigate identified risks for the forthcoming
year. These budgets are deliberated by the Budget
Committee before being presented to the Directors for
approval.
Statement on Risk Management
and Internal Control