Shenzhen Sinovatio Technology Co.Ltd(002912)
Self evaluation report on internal control in 2021
In accordance with the provisions of the basic norms of enterprise internal control and its supporting guidelines and other internal control regulatory requirements (hereinafter referred to as the “enterprise internal control normative system”), combined with Shenzhen Sinovatio Technology Co.Ltd(002912) (hereinafter referred to as the “company”) internal control system and evaluation methods, on the basis of daily and special supervision of internal control, We conducted a self-evaluation on the effectiveness of the company’s internal control on December 31, 2021 (the benchmark date of the internal control evaluation report).
1、 Important statement
It is the responsibility of the board of directors of the company to establish, improve and effectively implement internal control, evaluate its effectiveness and truthfully disclose the internal control evaluation report in accordance with the provisions of the enterprise’s internal control standard system. The board of supervisors shall supervise the establishment and implementation of internal control by the board of directors. The management is responsible for organizing and leading the daily operation of the enterprise’s internal control. The board of directors, the board of supervisors and the directors, supervisors and senior managers of the company guarantee that there are no false records, misleading statements or major omissions in the contents of this report, and bear individual and joint legal liabilities for the authenticity, accuracy and completeness of the contents of the report.
The objective of the company’s internal control is to reasonably ensure the legal compliance of enterprise operation and management, asset safety, authenticity and integrity of financial reports and relevant information, improve operation efficiency and effect, and promote the realization of development strategy. Due to the inherent limitations of internal control, it can only provide reasonable assurance for the realization of the above objectives. In addition, as changes in circumstances may lead to inappropriate internal control or reduced compliance with control policies and procedures, there is a certain risk to speculate the effectiveness of internal control in the future according to the internal control evaluation results.
2、 Internal control evaluation conclusion
According to the identification of major defects in the company’s internal control over financial reporting, there are no major defects in the internal control over financial reporting on the benchmark date of the internal control evaluation report. The board of Directors believes that the company has maintained effective internal control over financial reporting in all major aspects in accordance with the requirements of the enterprise’s internal control standard system and relevant regulations. According to the identification of major defects in the company’s internal control over non-financial reports, the company has no major defects in the company’s internal control over non-financial reports on the benchmark date of the internal control evaluation report.
There are no factors affecting the evaluation conclusion of the effectiveness of internal control from the base date of the internal control evaluation report to the date of issuance of the internal control evaluation report.
3、 Internal control evaluation
(I) internal control principle
1. Principle of legality. Internal control shall comply with the relevant provisions of national laws and regulations;
2. The principle of comprehensiveness. Internal control should cover the board of directors, the board of supervisors, senior management and all employees of the company; The target should cover all economic businesses and related business departments and management departments; In the process, it should penetrate into the links of decision-making, implementation, supervision and feedback, so as to achieve the unity of control in advance, during and after the event;
3. Principle of importance. Highlight key points and take more strict control measures for important businesses and high-risk projects;
4. Principle of adaptability. Internal control shall adapt to the actual situation of the company, establish a relatively standardized internal control system covering all business links of the company according to the characteristics of the company’s industry, business mode and asset structure, combined with the specific situation of the company’s business, ensure the reasonable setting of internal working institutions and positions and the reasonable division of responsibilities and authorities, and adhere to the separation of incompatible positions, Ensure that different institutions and posts have clear rights and responsibilities, mutual restriction and mutual supervision;
5. Benefit principle. Achieve the best control effect with reasonable cost control.
(II) evaluation scope of internal control
According to the risk oriented principle, the company determines the main units, businesses and matters included in the evaluation scope and high-risk areas. The main units included in the evaluation scope include: Shenzhen Sinovatio Technology Co.Ltd(002912) (the company), Nanjing Shenzhen Sinovatio Technology Co.Ltd(002912) Technology Co., Ltd. (the wholly-owned subsidiary of the company), Nanjing Shenzhen Sinovatio Technology Co.Ltd(002912) Software Co., Ltd. (the wholly-owned subsidiary of the company), Hangzhou Saike Network Technology Co., Ltd. (the wholly-owned subsidiary of the company) Nanjing Jintian Business Management Co., Ltd. (a wholly-owned subsidiary of the company), Nanjing Feitong Network Technology Co., Ltd. (a wholly-owned subsidiary of the company), Shenzhen Sinovatio Technology Co.Ltd(002912) (Hong Kong) Co., Ltd. (a wholly-owned subsidiary of the company), Kenya Shenzhen Sinovatio Technology Co.Ltd(002912) Company Limited (a wholly-owned subsidiary of the company) Jiangsu Shenzhen Sinovatio Technology Co.Ltd(002912) industrial Internet Security Technology Innovation Center Co., Ltd. (a wholly-owned subsidiary of the company) and Suzhou Shenzhen Sinovatio Technology Co.Ltd(002912) Technology Co., Ltd. (a wholly-owned subsidiary of the company), the total assets of units included in the evaluation scope account for 99.80% of the total assets in the company’s consolidated financial statements, The total operating revenue accounts for 100% of the total operating revenue in the company’s consolidated financial statements.
When determining the evaluation scope of internal control, all businesses and matters of the company, all departments and subordinate units are fully considered. The main businesses and matters included in the evaluation scope include: organizational structure, human resources, social responsibility, financial management, supply chain and procurement business, sales business, research and development, control over subsidiaries and branches, related party transactions, engineering projects Foreign investment, foreign guarantee, information system and information disclosure.
The high-risk areas that the company focuses on mainly include financial management, supply chain and procurement management, sales management, research and development, engineering projects, etc.
The above units, businesses and matters included in the evaluation scope and high-risk areas cover the main aspects of the company’s operation and management, and there are no major omissions.
The details are as follows:
1. Internal control environment
(1) Organizational structure
The organizational structure of the company is composed of the general meeting of shareholders, the board of directors (including the special committee of the board of directors), the board of supervisors, the internal audit department, senior managers and various business departments, with clear rights and responsibilities and good operation.
① The general meeting of shareholders is the authority of the company. It exercises the functions and powers specified in the articles of association, such as deciding the company’s business policies and investment plans, reviewing the reports of the board of directors and the board of supervisors, and reviewing the company’s annual report. ② The board of directors is responsible for implementing the resolutions of the general meeting of shareholders, exercising the functions and powers of deciding the company’s business plan and investment plan, formulating the company’s annual financial budget plan, reviewing the company’s annual financial settlement plan, and deciding on the establishment of the company’s internal management organization.
③ Supervise the duties of the board of directors and the executive of the company’s financial management personnel.
④ There are four special committees under the board of directors: strategy, nomination, audit, remuneration and assessment, which exercise various special functions within the board of directors according to their responsibilities. The composition of members of each committee complies with relevant laws and regulations, and all members are in place and carry out their work.
⑤ The internal audit department is responsible for the internal audit work, inspecting and supervising the authenticity and integrity of the company’s financial information, the establishment and implementation of internal control system, etc.
The internal audit department is responsible to the audit committee and reports to the audit committee.
⑥ The senior management shall preside over the company’s daily production and operation activities and production and operation management, organize the implementation of the company’s business plan and investment plan, and be responsible for and report to the board of directors.
(2) Development strategy
The board of directors of the company attaches importance to studying and planning the long-term development strategy of the company, and the strategy committee of the board of directors studies and puts forward suggestions on the long-term development strategy and major investment and financing schemes of the company.
(3) Human resource management
The company adheres to the implementation of human resources policies conducive to the sustainable development and core competitiveness of the company, and establishes and improves the personnel management system.
The company abides by the labor law and relevant laws and regulations, protects the legitimate rights and interests of employees according to law, and provides employees with a safe and healthy working environment. The management of the company attaches great importance to the setting of the ability level required for specific jobs and the requirements for the knowledge and ability necessary to achieve this level. The company also carries out various forms of post training and education for different posts according to the needs of actual work, so that employees can be competent for their current jobs.
(4) Social responsibility
The company has always attached importance to and earnestly fulfilled its social responsibility, and gradually established and improved the social responsibility management system. It includes the following:
The company has established a strict safety production management system, conducted regular safety production training and examination for employees, and implemented the safety production responsibility to each person.
The company regards customers as the greatest value of the enterprise, takes customer satisfaction as the yardstick to measure all work, strictly controls product quality, and attaches importance to the win-win relationship with customers.
The company has established and improved the quality management system according to the requirements of ISO9001, national laws and regulations and the actual situation of the company
The company regards environmental protection as an important part of the enterprise’s sustainable development strategy, and pays attention to fulfilling the responsibility of enterprise environmental protection.
The company attaches great importance to employee training and career planning, and has established a scientific promotion mechanism. The company has purchased five insurances and one fund and supplementary commercial insurance for employees, which provides better protection for employees. In terms of employees’ life, it provides shuttle bus, transportation subsidy, car and meal subsidy, annual physical examination, employee canteen, charging pile and other benefits, which improves employees’ satisfaction and sense of belonging to the company.
(5) Corporate culture
The company pays attention to people-oriented, advocates the concept of independent innovation, and strives to build a dynamic, hardworking and innovative technology and management team in line with the corporate culture of “rules, team, perseverance and competition”. The company will continue to give full play to the advantages of technology and resources, shoulder the expectations of capital and customers, adhere to the policy of “data casting value, responsibility leading mission and rules defining the future”, and make unremitting efforts to become a world-class provider of network information security products and solutions and build a more digital, safer and healthier world. 2. Implementation of the company’s internal control
(1) Management control
The company has a relatively perfect internal control organizational structure and internal control system, formed a relatively perfect corporate governance framework document, and timely revised and improved it according to the changes of laws and regulations and the actual situation of the company. After the establishment of various internal control systems, they can be effectively implemented to ensure the standardized operation of the company and promote the healthy development of the company.
(2) Financial management control
The company has formulated a relatively perfect financial management system in accordance with the provisions of relevant national laws and regulations such as the company law, the accounting law, the accounting standards for business enterprises, the basic norms of enterprise internal control and so on. The financial management system covers all aspects of business activities such as basic accounting norms, budget, monetary capital, sales, procurement, inventory, fixed assets management and so on.
According to relevant financial systems, the company further made specific provisions on budget management relations, responsibilities and authorities, budget content and approval procedures, which played a positive role in effectively ensuring the allocation and use of various resources, reducing budget blindness and increasing budget rationality.
The company’s financial system is responsible for preparing annual financial reports, collecting and summarizing relevant accounting information, preparing annual, semi annual, quarterly and monthly financial reports, and supervising the financial affairs of subsidiaries and branches to ensure the authenticity and integrity of the submitted data.
In order to prevent and control capital risks, ensure capital safety and improve capital use efficiency, the company standardizes the responsibilities and authorities, post separation, authorization and approval procedures, cash revenue and expenditure and inventory supervision, bill management and inspection, payment and reimbursement of investment, financing and operation through relevant financial systems. Regularly check the capital activities, such as inventory and routine audit, to ensure the safe and effective operation of funds.
According to the asset management system, the company standardizes the asset management department, management measures, purchase registration, custody and inventory, maintenance and disposal, and asset management in market lending. At the same time, fixed assets are checked regularly to ensure that the assets are safe and complete and the accounts are consistent with the facts.
(3) Supply chain and procurement business management control
According to the production logistics system, the company standardizes the links of material purchase application, procurement plan, procurement implementation, material acceptance and warehousing, requisition, return processing, warehousing and so on.
(4) Sales control
According to the sales management system, the company standardizes the sales area, order approval, performance appraisal, bidding, product trial and lending, customer service, etc.
According to the sales management system, the company prevents and controls contract risks and maintains the legitimate rights and interests of the company. Set up full-time legal personnel to review and filter all contracts of the company.
The company standardizes the after-sales process of service engineering according to the relevant processes and systems of after-sales of Chinese service engineering and international service engineering.
(5) Research and development control
According to the R & D management system, the company standardizes the organization management and process management of product R & D.
(6) Control over subsidiaries and branches
According to relevant corporate governance and financial systems, the company appoints directors, supervisors and senior managers to control and manage its holding subsidiaries.
The company uniformly manages the finance, major investment, personnel and information disclosure of the holding subsidiaries, controls the legality, compliance and effectiveness of economic activities such as major contracts, major capital expenditures and major losses of the holding subsidiaries, and improves the overall operation efficiency and risk resistance ability of the company.
In terms of business, the company implements integrated management of controlled subsidiaries in accordance with the relevant provisions of relevant internal control systems. The functional departments directly face the business departments of each holding subsidiary, approve, review and monitor the workflow of the business departments of the holding subsidiary according to the level and authority settings, and the functional departments can guide, supervise and support the counterpart departments of the subsidiary.
At present, the control structure and shareholding ratio of the company’s holding subsidiaries:
Shareholding ratio of the name of the subsidiary in the investee (%)
Nanjing Shenzhen Sinovatio Technology Co.Ltd(002912) Technology Co., Ltd. 100%
Nanjing Shenzhen Sinovatio Technology Co.Ltd(002912) Software Co., Ltd. 100%
Hangzhou Saike Network Technology Co., Ltd. 100%
Nanjing Jintian Business Management Co., Ltd. 100%
Nanjing Feitong Network Technology Co., Ltd. 100%
Jiangsu Shenzhen Sinovatio Technology Co.Ltd(002912) industrial Internet Security Technology Innovation Center 100% (Nanjing Shenzhen Sinovatio Technology Co.Ltd(002912) Technology Co., Ltd