To ensure the implementation of integrity management, the internal audit unit directly reports to the Group’s Board of Directors and is responsible for auditing compliance with relevant laws and regulations, ISO systems, and internal control procedures. Before conducting an audit, auditors first define the audit objectives and scope, perform a preliminary investigation to assess risks, and collect all documents relevant to the audit in order to develop an audit plan. According to the audit plan, audits are conducted on applicable laws and regulations, ISO systems, and internal control procedures. Auditors explain the audit objectives, scope, and procedures to the heads of the audited departments, confirm the department’s operational procedures and the personnel responsible for relevant documents, conduct interviews with related staff, review documents, observe actual operations, and, if necessary, request on-site demonstrations by relevant personnel. If any deficiencies are identified, auditors communicate and discuss them thoroughly with the audited department and provide recommendations for improvement. The relevant discussion materials are compiled into an “Audit Report” and submitted to the director designated by the Group’s Board of Directors. Completed audit items are delivered to independent directors for review by the end of the month following the completion of the audit and serve as a basis for subsequent follow-up and improvement. Auditors distribute the previous quarter’s issues to the audited departments in the first month of each quarter. Audited departments must respond in the second month of the quarter with the status of improvements or the planned corrective actions. Departments are expected to complete improvements within three months, except in special cases where a reasonable justification is provided.
The Audit Office is established directly under the Group’s Board of Directors, headed by a Chief Auditor and staffed with a suitable number of qualified full-time internal auditors. In addition to regularly reporting audit activities to the Group’s Audit Committee, the Chief Auditor also attends Board meetings to provide reports. The purpose of internal audits is to assist the Group’s Board of Directors and management departments in examining and reviewing deficiencies in the internal control system, assessing operational effectiveness and efficiency, and providing timely recommendations for improvement. This ensures the continued effective implementation of the internal control system and serves as a basis for reviewing and revising internal controls. The appointment and dismissal of the Chief Internal Auditor must be approved by the Group’s Board of Directors. Performance evaluations are conducted twice a year, and evaluation results as well as remuneration are submitted through the approval process to the Chairman for final authorization.