Annual Report 2021

26 HOP FUNG GROUP HOLDINGS LIMITED • Annual Report 2021 CORPORATE GOVERNANCE REPORT (CONTINUED) 企業管治報告（續） 風險管理及內部監控 （續） 審核委員會協助董事會領導風險管理及內部 監控制度的管理及監督其構成、執行及監管 情況。 本公司已制定並採用多項風險管理程序及指 引，通過關鍵業務流程及辦公職能（包括項 目管理、銷售及租賃、財務申報、人力資源 及信息技術）明確授權實施。 所有分部╱部門定期進行內部監控評估，以 識別可能影響本集團業務以及主要營運及 財務流程、監管合規及信息安全等方面的風 險。各分部╱部門於每年進行自我評估，以 確認其妥善遵守監控政策。 管理層在分部╱部門主管協調下，評估風險 發生概率、提供應對計劃及監察風險管理進 程，並向審核委員會及董事會報告所有結果 及系統成效。 管理層已向董事會及審核委員會匯報截至二 零二一年十二月三十一日止年度風險管理及 內部監控制度的成效。 內部審計部負責獨立檢討風險管理及內部監 控系統的充足性及成效。內部審計部已檢查 與會計實務及所有重大監控相關的主要問 題，並已向審核委員會提交其發現及作出改 善的推薦意見。 董事會在審核委員會的支持下，並經參考 管理層報告，檢討截至二零二一年十二月 三十一日止年度之風險管理及內部監控制度 （包括財務、營運及合規監控），且認為該制 度有效及足夠。年度檢討亦涵蓋財務申報及 內部審計職能，以及員工資格、經驗及相關 資源。 本公司已制定其披露政策，為本公司董事、 高級管理層及相關僱員處理機密資料、監管 信息披露及回覆查詢提供一般指引。本公司 已實施監控程序，以確保嚴格禁止未經授權 的獲取及使用內幕資料。 RISK MANAGEMENT AND INTERNAL CONTROLS (Continued) The Audit Committee assists the Board in leading the management and overseeing their design, implementation and monitoring of the risk management and internal control systems. The Company has developed and adopted various risk management procedures and guidelines with defined authority for implementation by key business processes and office functions including project management, sales and leasing, financial reporting, human resources and information technology. All divisions/departments conduct internal control assessment regularly to identify risks that potentially impact the business of the Group and various aspects including key operational and financial processes, regulatory compliance and information security. Self-evaluation has been conducted annually to confirm that control policies are properly complied with by each division/department. The management, in coordination with division/department heads, assesses the likelihood of risk occurrence, provides treatment plans, and monitors the risk management progress, and has reported to the Audit Committee and the Board on all findings and the effectiveness of the systems. The managemen t ha s r epo r t ed t o t he Boa r d and t he Aud i t Committee on the effectiveness of the risk management and internal control systems for the year ended 31st December, 2021. The Internal Audit Department is responsible for performing independent review of the adequacy and effectiveness of the risk management and internal control systems. The Internal Audit Department examined key issues in relation to the accounting practices and all material controls and provided its findings and recommendations for improvement to the Audit Committee. The Board, as supported by the Audit Committee as well as the management report, reviewed the risk management and internal control systems, including the financial, operational and compliance controls, for the year ended 31st December, 2021, and considered that such systems are effective and adequate. The annual review also covered the financial reporting and internal audit function and staff qualifications, experiences and relevant resources. The Company has developed its disclosure policy which provides a general guide to the Company’s Directors, senior management and relevant employees in handling confidential information, monitoring information disclosure and responding to enquiries. Control procedures have been implemented to ensure that unauthorized access and use of inside information are strictly prohibited.