Table of Contents Table of Contents
Previous Page  62 / 129 Next Page
Information
Show Menu
Previous Page 62 / 129 Next Page
Page Background

ANNUAL REPORT

2016

Laying Down Proper Systems for Risk Management and Internal Control

• Risk Management Unit

The Company contracted with RSMAlbazie Consulting, which is an independent external office for risk man-

agement in order to identify and measure the risks to which the Company is exposed. The Company organi-

zational structure (approved by the board of directors) comprises the independent unit for risk management,

which operates basically for measuring, following up and controlling all types of risks facing the Company

and is accountable to the board of directors directly. The external office laid down the effective systems and

procedures for risk management by preparing the working methodology of the Risks Department and the

job description of the risk officers in order for the Company to be capable of performing its main tasks repre-

sented in measuring and following all types of risks to which the Company is exposed. Further, the external

office worked to develop the periodical reports system, as it is considered as one of the significant tools in the

process of following up risks and controlling their occurrence. The personnel in charge of the external office

enjoy independence as they are accountable directly to the board of directors. Furthermore, they enjoy a

great extent of authorities in order to carry out their tasks in a perfect manner, and have no financial powers

or authorities. The external office has available the qualified staff possessing the professional competencies

and technical capacities. In the event of the existence of transactions or dealings carried out by the Company

with related parties, the external office reviews the transactions and dealings and presents the suitable rec-

ommendations in this respect to the board of directors.

• Risk Management Committee

The Risk Management Committee consisting of three non executive members of the board of directors, in-

cluding the independent member, have been re-composed. The board has outlined the membership tenure

of the Committee membership and its working method. Further, it has stipulated the powers and duties of

the Risk Management Committee within its charter, approved by the board. The Committee met four times

in 2016 and discussed several topics related to its powers and duties, including the review and study of risks

related to a number of the Company projects and submission of reports in this respect.

• Control systems and internal control:

-The Company has control systems and internal control covering all the Company’s activities, which operate

to preserve the financial integrity of the Company, accuracy of its data and efficiency of its operations from the

various aspects. Further, the Company organizational structure considered the internal control principles for

the double control process (Four Eyes Principles), represented in the sound identification of responsibilities

and powers, complete segregation in duties and non conflict of interests, inspection and double control, and

dual signature, by providing the financial and administrative authorities structure, policies and procedures

for the Company’s operations, in addition to the information technology systems prepared and designed

pursuant to the principle of segregation in duties across the various departments and concerned functions.

- The Company contracted with an independent office (Russell Bedford) to evaluate and review the internal

control systems and prepare a report in this respect (Internal Control Report), whereby the office will prepare

the annual report on the operations of year 2016, which will be submitted to the Capital Markets Authority

within 90 days after the end of the fiscal year.

- Further, the board of directors has decided to contract with another auditing office to review and evaluate

the performance of the Internal Audit Unit on periodical basis every three years.This report shall be submitted

to the Audit Committee and the board of directors.

• Internal Audit Unit:

- The Company contracted with an independent external office for the management of internal audit oper-

ations (PwC Al Shatti & Co.), which is an office enjoying full independence with extensive technical experi-

ence in the internal auditing field. The Company organizational structure (approved by the board of directors)

comprises an internal audit unit of the Audit Committee, and therefore the board of directors. The Audit

Office mandated with preparing the internal audit reports on all the operations of the Company’s sectors

and departments, including the remarks, resulting effects, recommendations, in addition to the replies of the

departments and specified action plans in order to take the required measures according to the submitted

recommendations and submit these reports to the Audit Committee.

F

ifth Rule

59