Self evaluation report on internal control in 2021
In accordance with the provisions of the basic norms of enterprise internal control and its supporting guidelines and other internal control regulatory requirements (hereinafter referred to as the enterprise internal control standard system), combined with Zhang Xiaoquan Inc(301055) (hereinafter referred to as the "company") internal control system and evaluation methods, on the basis of daily and special supervision of internal control, We evaluated the effectiveness of the company's internal control on December 31, 2021 (the benchmark date of the internal control evaluation report).
1、 Important statement
It is the responsibility of the board of directors of the company to establish, improve and effectively implement internal control, evaluate its effectiveness and truthfully disclose the internal control evaluation report in accordance with the provisions of the enterprise's internal control standard system. The board of supervisors shall supervise the establishment and implementation of internal control by the board of directors. The management is responsible for organizing and leading the daily operation of the enterprise's internal control. The board of directors, the board of supervisors and the directors, supervisors and senior managers of the company guarantee that there are no false records, misleading statements or major omissions in the contents of this report, and bear individual and joint legal liabilities for the authenticity, accuracy and completeness of the contents of the report.
The objective of the company's internal control is to reasonably ensure the legal compliance of operation and management, asset safety, authenticity and integrity of financial reports and relevant information, improve operation efficiency and effect, and promote the realization of development strategy. Due to the inherent limitations of internal control, it can only provide reasonable assurance for the realization of the above objectives. In addition, as changes in circumstances may lead to inappropriate internal control or reduced compliance with control policies and procedures, there is a certain risk to speculate the effectiveness of internal control in the future according to the internal control evaluation results.
2、 Internal control evaluation conclusion
The audit committee of the board of directors of the company authorizes the audit department to be responsible for the specific organization and implementation of internal control evaluation. The audit department conducted a comprehensive self inspection and internal control inspection around the relevant business operation specification requirements and risk management requirements involved in the internal control system.
According to the identification of major defects in the company's internal control over financial reporting, there are no major defects in the internal control over financial reporting on the benchmark date of the internal control evaluation report. The board of Directors believes that the company has maintained effective internal control over financial reporting in all major aspects in accordance with the requirements of the enterprise's internal control standard system and relevant regulations.
According to the identification of major defects in the company's internal control over non-financial reports, the company found no major defects in the company's internal control over non-financial reports on the benchmark date of the internal control evaluation report.
From the base date of the internal control evaluation report to the issuance date of the internal control evaluation report, there has been no significant change in internal control that has a substantive impact on the internal control evaluation conclusion.
3、 Internal control evaluation basis
The internal control evaluation of the company is carried out in accordance with the relevant national laws and regulations, the basic norms of enterprise internal control, the guidelines for enterprise internal control evaluation jointly issued by the Ministry of Finance and other five ministries and commissions, as well as the company's system documents and internal control management requirements. On the basis of daily and special supervision of internal control, Evaluate the effectiveness of the company's internal control system as of December 31, 2021.
4、 Procedures and methods of internal control evaluation
The internal control evaluation of the company shall be carried out in strict accordance with the procedures specified in the basic norms and evaluation guidelines. The internal control evaluation procedures of the company are as follows: formulate the internal control evaluation work plan, and clarify the personnel organization, evaluation scope, schedule and other relevant contents; Implement on-site test of internal control design and operation; Identify control defects and summarize evaluation results; Prepare internal control evaluation report.
The evaluation mainly adopts the combination of on-site test and systematic sampling, and comprehensively uses the methods of individual interview, questionnaire, special discussion, walk through test, on-site inspection, sampling, analysis and comparison to widely collect the evidence of whether the company's internal control design and operation are effective, and truthfully fill in the evaluation working paper according to the specific contents of the evaluation, Study and analyze the internal control defects, objectively evaluate the efficiency and effect of the design and operation of the company's internal control, and prepare the internal control defect identification form after making a preliminary identification of the found internal control defects and submit it to the board of directors of the company for deliberation.
5、 Scope of internal control evaluation
According to the risk oriented principle, the company determines the main units, businesses and matters included in the evaluation scope and high-risk areas. The evaluation scope of the company at all levels and its subordinate units includes the main evaluation scope of the company at all levels.
The content of the company's internal control self-evaluation focuses on five basic internal control factors, such as internal environment, risk assessment, control activities, information transmission and communication, and continuous supervision, covering the main businesses and matters of the company's operation and management, without major omissions.
According to the characteristics and control requirements of various businesses and matters of the company, the evaluation focuses on the key business control links with the following characteristics: high-risk areas affecting the compliance of laws and regulations, the authenticity of financial information, business efficiency and efficiency, and the safety of capital and assets.
Important operations and matters included in the scope of evaluation include:
(I) internal environment, including: development strategy, organizational structure, corporate culture, human resources, etc;
(II) risk assessment, mainly including identifying the internal and external risks faced by the company, assessing the probability of risk occurrence, possible negative impact, the company's ability to bear risks, risk reduction and priority of control measures, etc. External risks mainly identify policy risks, market risks, price fluctuation risks, interest rate risks, etc; Internal risk mainly identifies contract risk, quality risk, capital risk, information risk, fire risk, talent risk, etc;
(III) control activities, mainly including: sales business, procurement business, foreign investment, contract management, financial reporting, control of subsidiaries, etc;
(IV) information and communication;
(V) internal supervision.
6、 Specific situation of internal control evaluation
(I) internal environment
1. Development strategy
A strategic decision-making committee is established under the board of directors of the company, which is mainly responsible for studying and making suggestions on the medium and long-term development strategy and major decisions of the company. The company has formulated the working rules and decision-making procedures of the strategic decision-making committee. The strategic decision-making Committee formulates the development objectives on the basis of full investigation and research, soliciting opinions, analysis and prediction, and formulates the strategic plan according to the development objectives, so as to promote the process of strategy implementation and improve the collection, screening, analysis, processing and early warning mechanism of information related to strategy implementation, Enhance the sensitivity and judgment of the company to changes in internal and external environment. The core business departments at all levels formulate their own business strategies according to the company's strategy and update them regularly to support the realization of the company's strategic objectives.
2. Organizational structure
In strict accordance with the company law of the people's Republic of China (hereinafter referred to as the "company law"), the Zhang Xiaoquan Inc(301055) articles of Association (hereinafter referred to as the "articles of association") and other relevant laws and regulations of listed companies, the company has continuously improved the corporate governance structure and established the shareholders' meeting, the board of directors and the board of supervisors as the power organ of the company Executive and supervisory bodies. The company has established and improved the corporate governance structure of the company in accordance with the principles of mutual independence, mutual checks and balances and clear rights and responsibilities of power institutions, executive institutions and supervision institutions.
The company has formulated the rules of procedure of the general meeting of shareholders, the rules of procedure of the board of directors, the working rules of independent directors and the rules of procedure of the board of supervisors. The board of directors has a strategic decision-making committee, a nomination committee, a remuneration and assessment committee, an audit Committee and an information technology governance committee to clarify the responsibilities and authorities in decision-making, implementation and supervision, Form a scientific and effective division of responsibilities and check and balance mechanism, promote the governance structure and standardized operation of each department according to their respective duties, further standardize the operation of the company, improve the level of corporate governance, and actively and effectively safeguard the fundamental interests of shareholders, management, employees and stakeholders.
The company formulates the organizational structure according to the enterprise development objectives and strategies, and sets up the marketing center, quality center, R & D center, manufacturing center, new product business department, as well as the financial department, securities investment department, procurement department, warehousing and logistics department, brand department, personnel administration department, information technology department, operation Department, audit department and other functional departments.
3. Corporate culture
The company pays attention to the construction of corporate culture and takes the cultural construction as a key work of enterprise management innovation. After years of operation, the company has established a corporate culture concept system in line with its own development, taking "life hardware Creator as you need" as the corporate brand mission, adhering to the ingenuity spirit of "fine steel work and creative life", and deeply practicing Zhang Xiaoquan Inc(301055) 's concept of all-round quality development. Through corporate culture, all departments and organizations have exerted great strength, forming a complete and unique corporate culture concept system, laying the foundation for the sustainable development of the company and individuals.
4. Human resources
Adhering to the talent strategy, the company pays attention to the selection, training and incentive of talents, regulates employees' cognition, code of conduct and workplace discipline, clearly stipulates employees' recruitment, promotion, performance appraisal, salary, reward and punishment, training, attendance and resignation, and gradually improves the distribution mechanism and career development channel of talents, It ensures the stability of the company's human resources and the demand of various departments for human resources.
(II) risk assessment
The company has established a sound risk assessment system, regularly conduct comprehensive risk assessment for the company, dynamically carry out risk identification and risk analysis, analyze the identified risks from the two dimensions of the possibility of risk occurrence and its impact degree, determine the risk factors that should be focused and controlled first, and make rational use of risk avoidance, risk reduction Risk response strategies such as risk sharing and risk tolerance, improve and optimize the control system and business process related to the risk, realize the effective control of the risk, and put forward risk response measures and strategies.
(III) control activities
1. Sales business
The company has formulated the sales and collection management system related to a series of management activities such as sales management, sales contract management and after-sales service management. For all links involving sales and collection, such as sales forecast, determination of product sales price, order processing, review of customer credit, signing of sales contract, management of sales contract, delivery, payment settlement and return Return and replacement and agency fees, after-sales service, handling procedures of accounts receivable and bad debt handling have been clearly stipulated; The management regulations and process control for sales and collection established by the company ensure that the company can effectively explore the market, promote enterprise products and provide services at reasonable prices and expenses, and help the company's sales department effectively organize marketing, market research, credit investigation, packaging and transportation, after-sales service and other sales activities, And ensure the correctness, integrity and security of accounts receivable records while improving sales efficiency. During the reporting period, the departments and personnel involved in sales and collection can carry out business operations in strict accordance with the provisions of relevant management systems, and the control measures of each link can be effectively implemented.
2. Procurement business
The company has formulated the procurement management standard and supplier management procedure, signed the supplier instructions with most suppliers, and defined the specific division of different procurement functions such as data confidentiality, market fair price, quality and quantity, strategic procurement negotiation and later supplier procurement orders, Basically, the organization and post of procurement and payment business have been reasonably planned and established, and the purchase requisition, approval, procurement and acceptance procedures of inventory have been clarified. The payment of accounts payable and prepayments can only be handled after the relevant procedures are complete. During the reporting period, the company had no major defects in the control of procurement and payment.
3. Foreign investment
In accordance with the company's foreign investment law and relevant laws and regulations, the company's foreign investment behavior shall be strictly implemented in accordance with the company's foreign investment law and relevant laws and regulations.
4. Contract management
The company has set up special posts to carry out risk control and management of legal affairs related to contracts, defined the responsibilities and authorities of relevant posts, formulated control measures for business processes including contract review and signing, contract performance, contract change and dissolution, and contract dispute handling, and assisted the process of contract approval and seal use by information means, Regularly check and sort out the weak links of risk control in contract management, improve relevant control measures, promote the effective performance of contracts, achieve risk control closed loop, and effectively safeguard the legitimate rights and interests of the company.
5. Financial Report
The company strictly implements the accounting law, accounting standards for business enterprises and other accounting laws and regulations and relevant tax laws and regulations, and has established a relatively perfect financial accounting system. The company has set up an independent accounting organization, set up reasonable posts in accounting and financial management, and implement special posts. All posts are equipped with full-time personnel to ensure the smooth progress of financial work. The company implements the post responsibility system for the accounting organization, defines the division of responsibilities, and separates the approval, execution and recording functions. All posts strictly abide by relevant laws and regulations and the company's process operation, so as to ensure the accuracy, authenticity and integrity of financial accounting and financial report. At the same time, the company has established an information disclosure management system in accordance with the measures for the administration of information disclosure of listed companies to ensure the legal compliance, authenticity, integrity and effective utilization of the data disclosed in the listing announcement.
The company strictly implements the related party transaction management system, and ensures the legal compliance of related party transactions and timely and reliable disclosure through control activities such as the approval of related party transaction activities, the pricing of related party transactions, the update and maintenance of the list of related parties, and the regular monitoring of the amount and completion of related party transactions.
6. Control of subsidiaries
As a contributor, the company, in accordance with the requirements of laws and regulations and the articles of Association for the standardized operation of the company and the corporate governance structure, exercises the supervision and management of major matters of subsidiaries as a shareholder or controller, and enjoys the power of investment income and decision-making of major matters for the investment enterprise according to law. By establishing the corresponding subsidiary management process system, the company has strengthened the major events and risk management of the subsidiary, attached importance to the risk compliance of the subsidiary and the safe production and operation management of the enterprise, and further improved the management level. The subsidiary has established a relatively complete decision-making, implementation, supervision and feedback system, and set up corresponding departments according to the principle of mutual checks and balances. The company regularly or irregularly audits and supervises the operation of its subsidiaries. The inspection and supervision of the implementation of the internal control system of subsidiaries, the authenticity and legitimacy of financial information and the rational utilization of assets have achieved good results in improving the overall operation efficiency and anti risk ability of the company.
(IV) information disclosure and communication
1. External information disclosure
According to the requirements of relevant laws, regulations and norms such as the company law, the securities law and the Listing Rules of gem shares of Shenzhen Stock Exchange, and in accordance with the relevant provisions of the articles of association, and in combination with the actual situation of the company's information disclosure and investor relations management, the company has clarified the responsibilities of the company's shareholders, directors, supervisors and senior managers for information disclosure, It is clear that the chairman is the first person responsible for the company's information disclosure, and all members of the board of directors are responsible