Bursa Malaysia • Annual Report 2013
72
Audit Committee Report
d. On 16 April 2013, GIA presented the post-mortem report for the Annual
IA Plan of 2012 which provided an overall indication of the adequacy and
effectiveness of controls implemented within the Group to mitigate its
key risks.
e.
At the meeting on 19 November 2013, the AC considered the adequacy
of scope and comprehensive coverage of the Group’s activities and
approved the IA’s Annual Audit Plan for 2014.
f.
On 19 November 2013 and 27 January 2014, theAC reviewed the annual
Statement on Internal Control and Risk Management for publication in
the 2013 Annual Report.
g. On 19 November 2013, the AC reviewed the verification of share grants
under the Share Grant Plan (SGP) of Bursa Malaysia which comprised
two components, namely the Restricted Share Plan (RSP) for employees
at Grade E7 and above and the Performance Share Plan (PSP) for key
management personnel in addition to their RSP. The AC concurred that
the award of shares under the SGP complied with the criteria approved
by the Nomination and Remuneration Committee pursuant to Paragraph
8.17(2) of the MMLR, which included the following:
i.
The award of shares in Bursa Malaysia (Plan Shares) to eligible
employees of the Group on 1 July 2013 for the 2013 RSP Grant
based on their job grades and performance ratings for 2012;
ii.
The vesting of Plan Shares for the 2011 and 2012 RSP Grants on
15 July 2013; and
iii. The award of Plan Shares to selected executives of the Group on
1 July 2013 for the 2013 PSP Grant based on performance targets
for the period 2013 to 2015.
INTERNAL AUDIT FUNCTION
The purpose of the IA function is to provide the Board, through the AC, with
reasonable assurance of the effectiveness of the risk management, control and
governance processes in the Group. GIA was led by the Head of GIA, which reported
functionally to the AC and administratively to the CEO during the financial year
2013.
The GIA comprises four departments i.e. Strategic and Operations Audit,
Compliance and Project Audit, IT Audit and Audit Strategic Planning. To ensure that
the responsibilities of GIA are fully discharged, the AC reviews the adequacy of the
scope, functions and resources of the IA function as well as the competency of the
Internal Auditors.
The Internal Auditors also highlighted to the Management Risk and Audit
Committee (MRAC) the audit findings which required follow-up action by
Management as well as outstanding audit issues which required corrective action
to ensure an adequate and effective internal control system within the Group.
The MRAC, which is a management committee under the Group’s Management
Governance Framework, reviews reports from the Internal Auditors, External
Auditors and the Securities Commission for the purpose of assessing the adequacy
and integrity of the system of internal control of the Group. The MRAC held four
meetings in 2013.
The IA activities were carried out based on a risk-based audit plan presented to
the AC for approval. The establishment of the audit plan took into consideration the
Corporate Risk Profile and input from Senior Management and the AC members.
The results of the audits provided in the IA reports were reviewed by the AC. The
relevant Management of the specific audit subject were made responsible for
ensuring that corrective actions on reported weaknesses were taken within the
required timeframe. GIA conducted follow-up audits to ensure that Management’s
corrective actions were implemented appropriately. In this respect, the IA has
added value by improving the control processes within the Group.
All IA activities in 2013 were conducted by the in-house audit team. No area of
the IA function was outsourced. The total costs incurred by GIA in discharging its
functions and responsibilities in 2013 amounted to RM2,780,624 as compared to
RM2,753,614 in 2012.
Governance
