Annual Report 2020

ANNUAL REPORT 2020 年度報告 25 CORPORATE GOVERNANCE REPORT 企業管治報告 風險管理及內部監控 （續） 審核委員會協助董事會領導風險管理及內部監控制度的管 理及監督其構成、執行及監管情況。 本公司已制定並採用多項風險管理程序及指引，通過關鍵 業務流程及辦公職能（包括項目管理、銷售及租賃、財務 申報、人力資源及信息技術）明確授權實施。 所有分部╱部門定期進行內部監控評估，以識別可能影響 本集團業務以及主要營運及財務流程、監管合規及信息安 全等方面的風險。各分部╱部門於每年進行自我評估，以 確認其妥善遵守監控政策。 管理層在分部╱部門主管協調下，評估風險發生概率、提 供應對計劃及監察風險管理進程，並向審核委員會及董事 會報告所有結果及系統成效。 管理層已向董事會及審核委員會匯報截至二零二零年十二 月三十一日止年度風險管理及內部監控制度的成效。 內部審計部負責獨立檢討風險管理及內部監控系統的充足 性及成效。內部審計部已檢查與會計實務及所有重大監控 相關的主要問題，並已向審核委員會提交其發現及作出改 善的推薦意見。 董事會在審核委員會的支持下，並經參考管理層報告，檢 討截至二零二零年十二月三十一日止年度之風險管理及內 部監控制度（包括財務、營運及合規監控），且認為該制度 有效及足夠。年度檢討亦涵蓋財務申報及內部審計職能， 以及員工資格、經驗及相關資源。 本公司已制定其披露政策，為本公司董事、高級管理層及 相關僱員處理機密資料、監管信息披露及回覆查詢提供一 般指引。本公司已實施監控程序，以確保嚴格禁止未經授 權的獲取及使用內幕資料。 RISK MANAGEMENT AND INTERNAL CONTROLS (Continued) The Audit Committee assists the Board in leading the management and overseeing their design, implementation and monitoring of the risk management and internal control systems. The Company has developed and adopted various risk management procedures and guidelines with defined authority for implementation by key business processes and office functions including project management, sales and leasing, financial reporting, human resources and information technology. All divisions/departments conduct internal control assessment regularly to identify risks that potentially impact the business of the Group and various aspects including key operational and financial processes, regulatory compliance and information security. Self- evaluation has been conducted annually to confirm that control policies are properly complied with by each division/department. The management, in coordination with division/department heads, assesses the likelihood of risk occurrence, provides treatment plans, and monitors the risk management progress, and has reported to the Audit Committee and the Board on all findings and the effectiveness of the systems. The management has reported to the Board and the Audit Committee on the effectiveness of the risk management and internal control systems for the year ended 31st December, 2020. The Internal Audit Department is responsible for performing independent review of the adequacy and effectiveness of the risk management and internal control systems. The Internal Audit Department examined key issues in relation to the accounting practices and all material controls and provided its findings and recommendations for improvement to the Audit Committee. The Board, as supported by the Audit Committee as well as the management report, reviewed the risk management and internal control systems, including the financial, operational and compliance controls, for the year ended 31st December, 2020, and considered that such systems are effective and adequate. The annual review also covered the financial reporting and internal audit function and staff qualifications, experiences and relevant resources. The Company has developed its disclosure policy which provides a general guide to the Company’s Directors, senior management and relevant employees in handling confidential information, monitoring information disclosure and responding to enquiries. Control procedures have been implemented to ensure that unauthorized access and use of inside information are strictly prohibited.