The Directors of the Company (the "Directors") have the overall responsibility for internal control, including risk management, and set appropriate policies having regard to the objectives of the Group. The Board, through the Audit Committee, reviewed the overall effectiveness of the Group's system of internal control over financial, operational and compliance issues, risk management process, information systems security and effectiveness of financial reporting and compliance with the Listing Rules, and is satisfied that such systems are effective and adequate. The Board also considered that the resources, qualifications and experience of staff of the Company's accounting and financial reporting function, and their training programmes and budget were adequate.
The Group has put in place an organisational structure with formal and clearly defined lines of responsibility and delegation of authority. There are also established procedures for financial planning, capital expenditure, treasury transactions, information and reporting systems, and monitoring the Group's businesses and their performance.
The Internal Audit Department reviews the effectiveness of the internal control system. The Internal Audit Department carries out annual risk assessment on each identified audit area and devises an annual audit plan according to the nature of business and risk exposures, and the scope of work includes financial and operational reviews. The audit plan is reviewed and agreed by the Audit Committee. In addition to the agreed schedule of work, the Internal Audit Department conducts other review and investigative work as may be required. The Audit Committee receives summary reports from the Internal Audit Department periodically while the results of internal audit reviews and responses to the recommended corrective actions are also reported to the executive Directors. The Internal Audit Department is also responsible for following up on the corrective actions to ensure that satisfactory controls are maintained.