Annual Report 2019

CORPORATE GOVERNANCE REPORT 企業管治報告 HOP FUNG GROUP HOLDINGS LIMITED 合豐集團控股有限公司 26 RISK MANAGEMENT AND INTERNAL CONTROLS The Board acknowledges its responsibility for the risk management and internal control systems and reviewing their effectiveness. Such systems are designed to manage rather than eliminate the risk of failure to achieve business objectives, and can only provide reasonable and not absolute assurance against material misstatement or loss. The Board has the overall responsibility for evaluating and determining the nature and extent of the risks it is willing to take in achieving the Company’s strategic objectives, and establishing and maintaining appropriate and effective risk management and internal control systems. The Audit Committee assists the Board in leading the management and overseeing their design, implementation and monitoring of the risk management and internal control systems. The Company has developed and adopted various risk management procedures and guidelines with defined authority for implementation by key business processes and office functions including project management, sales and leasing, financial reporting, human resources and information technology. All divisions/departments conduct internal control assessment regularly to identify risks that potentially impact the business of the Group and various aspects including key operational and financial processes, regulatory compliance and information security. Self-evaluation has been conducted annually to confirm that control policies are properly complied with by each division/ department. The management, in coordination with division/department heads, assesses the likelihood of risk occurrence, provides treatment plans, and monitors the risk management progress, and has reported to the Audit Committee and the Board on all findings and the effectiveness of the systems. The management has reported to the Board and the Audit Committee on the effectiveness of the risk management and internal control systems for the year ended 31st December, 2019. The Internal Audit Department is responsible for performing independent review of the adequacy and effectiveness of the risk management and internal control systems. The Internal Audit Department examined key issues in relation to the accounting practices and all material controls and provided its findings and recommendations for improvement to the Audit Committee. 風險管理及內部監控 董事會確認其有關風險管理及內部監控制度，以及 檢討其成效之責任。該等制度乃旨在管理而非消除 未能達成業務目標之風險，而且只能就不會有重大 失實陳述或損失作出合理而非絕對保證。 董事會全權負責評估及釐定本公司為達成策略目標 所願承擔的風險性質及程度，並建立及維持適當及 有效的風險管理及內部監控制度。 審核委員會協助董事會領導風險管理及內部監控制 度的管理及監督其構成、執行及監管情況。 本公司已制定並採用多項風險管理程序及指引，通 過關鍵業務流程及辦公職能（包括項目管理、銷售及 租賃、財務申報、人力資源及信息技術）明確授權實 施。 所有分部╱部門定期進行內部監控評估，以識別可 能影響本集團業務以及主要營運及財務流程、監管 合規及信息安全等方面的風險。各分部╱部門於每 年進行自我評估，以確認其妥善遵守監控政策。 管理層在分部╱部門主管協調下，評估風險發生概 率、提供應對計劃及監察風險管理進程，並向審核 委員會及董事會報告所有結果及系統成效。 管理層已向董事會及審核委員會匯報截至二零一九 年十二月三十一日止年度風險管理及內部監控制度 的成效。 內部審計部負責獨立檢討風險管理及內部監控系統 的充足性及成效。內部審計部已檢查與會計實務及 所有重大監控相關的主要問題，並已向審核委員會 提交其發現及作出改善的推薦意見。