Assignment of Authority The DAM provides a framework of authority and accountability and outlines approval authority for strategic, capital, and operational expenditure. The DAM is reviewed and approved by the Board in line with changes in business needs. Code of Conduct (the Code) & Agreement of Responsible Business Conduct (ABC) The Code and ABC are a vital and integral part of Digi’s governance regime that defines the core principles and ethical standards in conducting business and engaging with stakeholders and ensuring compliance with relevant laws and regulations.The Code applies to members of the Board and employees whilst the ABC and the Code apply to those acting on behalf of Digi. The relevant parties are required to confirm that they have read, understood and will adhere to the Code and ABC, respectively. The Group has communication channels that allow concerns of non-adherence to the Code and ABC to be anonymously reported. Compliance The Compliance Officer supports the CEO and the Board in ensuring that: • The Code and ABC lay out good business practices, the relevant laws, regulations and widely recognised treaties • The Code and ABC are implemented consistently and effectively through sharing of knowledge and measures for quality assurance • Compliance incidents are consistently and effectively managed • Reports on material breaches of the Code and ABC are made to the Compliance Committee (comprising members of the Management), members of the Board and ARC on a quarterly basis • Capacity building for Employees, Business Partners, Management and Members of the Board and ARC on the Compliance requirements of the Group is conducted on a regular basis • The effectiveness of the Compliance programme is periodically reviewed and improved • Compliance risk assessment is conducted annually to prevent incidents from occurring through effective remediation and mitigation steps • Commenced implementation of ISO 37001: Anti-Bribery Management System certification standards with the objective to improve the organisation’s culture of integrity, governance and anti-corruption, reputation and the commitment of its top management and governing body • Conduct Integrity Due Diligence background check on all high-risk Business Partners Management and Board Meetings Management meetings are held weekly to identify, discuss, approve and resolve strategic, operational, financial and key management issues pertaining to Digi’s day-to-day business. Significant changes in the business and the external environment are reported by the Management to the Board on an on-going basis and/or during Board meetings. Internal Audit The Internal Audit function is established to undertake independent reviews and assessments on the adequacy, efficiency and effectiveness of risk management, internal controls and governance processes implemented by Management. To maintain impartiality, proficiency and due professional care, the Internal Audit function reports functionally to the ARC and administratively to the CEO. The annual audit plan, established using a risk-based approach, is reviewed and approved by the Board annually. Audit reports, including audit recommendations, Management responses and remedial action plans for improvement and/or rectification are presented and tabled to the ARC on a quarterly basis. The status of the implementation is monitored by theARC to ensure that they are addressed timely. If deemed necessary, management representative will be required to attend ARC meeting(s) to provide explanation and propose action plans on the significant audit findings. Further information on the Internal Audit department’s activities is detailed in the Audit and Risk Committee Report of this Integrated Annual Report. Statement on Risk Management and Internal Control 124 Digi.Com Berhad At A Glance Message To Shareholders How We Create Value Strategies To Create Value
RkJQdWJsaXNoZXIy ODU0MjU5