TUNG LOK RESTAURANTS (2000) LTD / Annual Report
2016
24
Corporate Governance Report
11.2 and 11.4 Board should,
at least annually review the
adequacy and effectiveness
of the risk management
and internal control
systems, including financial,
operational, compliance
and information technology
controls; Board may
establish a separate board
risk committee to oversee
risk management framework
and policies
The Group has in place a system of internal control and risk management policies and
systems for ensuring proper keeping of accounting records and reliable financial information,
as well as managing business risks with a view to safeguard shareholders’ investments
and the Company’s assets. The risk management framework provides for systematic and
structured review as well as reporting on the assessment of the degree of risk, evaluation
and effectiveness of controls in place to mitigate the risk.
Following the nomination of the ARC to assist the Board in its risk management role, the
ARC reviews the adequacy of the Group’s risk management framework to ensure that a
robust risk management process, structure and framework is in place. The process of risk
management is undertaken by the Executive Chairman and senior management under the
purview of the ARC and the Board.
During the financial year 2013, the Company, with the support from consultants, Ernst &
Young Advisory Pte Ltd (“
Ernst & Young
”), has formalised a structured Enterprise Risk
Management (“
ERM
”) Framework to facilitate the Board in identifying and assessing key
operational, financial, compliance and information technology risks with reference to
the business goals, strategies and critical success factors of the Group. Under the ERM
Framework, which is developed with reference to the ISO 31000:2009 Risk Management
– Principles and Guidelines, Committee of Sponsoring Organisations of the Treadway
Commission (COSO) Model and Risk Governance Guidance for Listed Board 2012,
Management and executives of all levels are expected to constantly review the business
operations and the operating environment to identify risk areas and ensure mitigating
measures are promptly developed to minimise these risks. The ERM Framework outlines the
Group’s approach to managing enterprise-wide risks and sets out a systematic process for
identifying, evaluating, monitoring, managing and reporting risks faced by the Group. Thus,
it allows the Group to address the changes and the challenges in the business environment,
reduce uncertainties and facilitates the shareholder value creation process on an ongoing
basis.
Management regularly reviews the Group’s business and operational activities to identify
areas of significant business risks as well as appropriate measures to control and mitigate
these risks within the Group’s policies, strategy as well as risk appetite. Management is
accountable to the ARC for ensuring the effectiveness of risk management and adherence
to risk appetite limits. On a day-to-day basis, business units have primary responsibility
for risk management. The various business units provide senior management with a timely
assessment of key risk exposures and the associated management responses. These units
also recommend risk appetite and control limits.
