Risk Management And Internal Control

Risk Management

Risk management is an integral part of proper management practice and it forms part of the Company's internal controls and corporate governance. It explains the Company's underlying approach to risk management and documents the roles and responsibilities of the Senior Management and other key parties. The main objective of this policy is to identify and reduce or eliminate risks and losses to its investments, security, interests and employees while striving to achieve its corporate and strategic objectives.

The Board of Directors oversees the establishment and implementation of the risk management system and annually reviews the effectiveness of the system. The Board supports the risk management practice within the company, but risk management remains the responsibility of the company’s management team.

Senior Management is responsible for the implementation of the risk management process and ultimately responsible for the management of risks in business. All personnel are responsible for managing risks within their areas of responsibilities per the general risk management guidelines set by the Company.

Internal Audit

Internal Audit Function is an independent function, mainly responsible for evaluating the adequacy and effectiveness of internal controls, ensuring compliance with policies, procedures and regulatory requirements. Internal Auditor is not assigned to any executive responsibilities in order to maintain his/her autonomy and impartiality in fulfilling his/her duties and responsibilities. The Internal Audit function reports directly to the Board Audit Committee which is accountable for monitoring the overall performance of the function.

The mission of the Internal Auditor is to provide independent and objective reviews and assessments of the business activities, operations, financial systems and internal accounting controls of the company. The Internal Auditor accomplishes its mission through the conduct of operational, financial and performance audits, selected as the result of a risk identification and assessment process.