Inner Mongolia Tianshou Technology&Development Co.Ltd(000611)
Internal control evaluation system
(approved by the board of directors on March 22, 2022)
Chapter I General Provisions
Article 1 in order to Inner Mongolia Tianshou Technology&Development Co.Ltd(000611) (hereinafter referred to as “the company”) improve its internal control system, enhance its market image and public recognition, realize coordination and interaction with market supervision, and express opinions on the effectiveness of internal control. This system is formulated in accordance with relevant laws and regulations, such as the basic norms of enterprise internal control, the guidelines for the evaluation of enterprise internal control, the explanation of enterprise internal control norms, and the rules for the preparation and reporting of information disclosure of companies offering securities to the public No. 21 – General Provisions for the annual internal control evaluation report. Article 2 internal control evaluation refers to the process in which the board of directors of the company comprehensively evaluates the effectiveness of internal control, forms evaluation conclusions and issues evaluation reports.
Article 3 principles of internal control evaluation:
(I) principle of comprehensiveness. The principle of comprehensiveness emphasizes that the coverage of internal control evaluation needs to be comprehensive. Specifically, it means that the internal control evaluation needs to include the design and operation of internal control, covering all kinds of businesses and matters of the company and its affiliated companies;
(II) principle of importance. The importance principle emphasizes that the evaluation of internal control needs to focus on risks and highlight key points on the basis of comprehensiveness. Specifically, it is mainly reflected in the process of formulating and implementing the evaluation work plan and allocating evaluation resources. Its core requirements mainly include two aspects: first, we should adhere to the idea of risk orientation and focus on those high-risk areas and risk points that affect the realization of internal control objectives; Second, we should adhere to the idea of highlighting key points, and focus on those important business matters, key control links and important business units;
(III) the principle of objectivity. The principle of objectivity emphasizes that the evaluation of internal control needs to accurately reveal the risk status of operation and management and truthfully reflect the effectiveness of the design and operation of internal control. Only by adhering to objectivity in the whole process of the formulation and implementation of the internal control evaluation work plan can we ensure the objectivity of the evaluation results. Article 4 internal control evaluation is to express opinions on the effectiveness of internal control. The effectiveness of internal control refers to the degree to which the establishment and implementation of internal control provide reasonable assurance for the realization of control objectives, including the effectiveness of internal control design and internal control operation.
Article 5 the evaluation of internal control shall focus on the five elements of internal environment, risk assessment, control activities, information and communication and internal supervision.
(I) internal environmental assessment includes organizational structure, development strategy, human resources, corporate culture, social responsibility, etc. The evaluation of organizational structure can focus on the overall control of institutional setting, division of rights and responsibilities, mutual restraint, information flow path and so on; The development strategy can focus on three aspects: the formulation rationality, effective implementation and appropriate adjustment of the development strategy; Human resource evaluation should focus on the rationality of enterprise human resource introduction structure, development mechanism, incentive and restraint mechanism and so on; The evaluation of corporate culture should be carried out from two aspects: Construction and evaluation, so as to promote the promotion of integrity and moral values and consolidate the humanistic foundation for the improvement of internal control; Social responsibility can be carried out from the aspects of safe production, product quality, environmental protection and resource conservation, employment promotion, employee rights and interests protection, etc;
(II) risk assessment is to identify and evaluate the goal setting and implementation, risk identification and assessment, risk analysis and report, risk monitoring and response strategies in the process of daily operation and management;
(III) control activity evaluation is to identify and evaluate the design effectiveness and operation effectiveness of control measures and processes of various businesses of the company;
(IV) information and communication evaluation is to identify and evaluate the timeliness of information collection, processing and transmission, the soundness of anti fraud mechanism, the authenticity of financial reports, the security of information system, and the effectiveness of using information system to implement internal control;
(V) internal supervision and evaluation refers to the scientific, objective and reasonable identification and evaluation of the tone of internal supervision, the effectiveness of supervision and the defects of internal control by the management.
Article 6 the headquarters of the company and its holding subsidiaries shall accept the evaluation and supervision of internal control in accordance with these provisions.
Chapter II post responsibilities and authorities
Article 7 the Audit Department of the company has the power to independently supervise the establishment and operation process and results of the internal control system.
Article 8 Internal Auditors shall have professional competence and professional ethics commensurate with the supervision and evaluation of the internal control system.
Article 9 the audit department is responsible for the organization and implementation of internal control evaluation:
(I) inspect and evaluate the integrity, rationality and effectiveness of the internal control system of the company’s internal institutions, holding subsidiaries and joint-stock companies that have a significant impact on the company;
(II) audit the accounting data and other relevant economic data of the company’s internal institutions, holding subsidiaries and joint-stock companies that have a significant impact on the company, as well as the legality, compliance, authenticity and integrity of the reflected financial revenue and expenditure and relevant economic activities, including but not limited to financial reports, performance letters, voluntary disclosure of predictive financial information, etc;
(III) assist in establishing and improving the anti fraud mechanism, determine the key areas, key links and main contents of anti fraud, and reasonably pay attention to and inspect possible fraud in the process of internal audit;
(IV) report to the board of directors or the audit committee at least once a quarter, including but not limited to the implementation of the internal audit plan and the problems found in the internal audit; And submit an internal audit report to it at least once a year;
(V) organize the preparation of internal control evaluation report;
(VI) communicate with external auditors and urge all departments and holding subsidiaries to rectify internal and external internal control evaluation;
For the internal control defects found in the review process, the audit department shall urge the relevant responsible departments to formulate rectification measures and rectification time, conduct follow-up review of internal control, and supervise the implementation of rectification measures.
If the audit department finds major defects or risks in internal control during the review process, it shall report to the board of directors or the audit committee in time.
The audit department and other functional departments and offices of the company shall maintain coordination and consistency in the supervision and evaluation of the internal control system, cooperate and restrict each other in their work, and meet the relevant requirements of the company for the supervision and evaluation of the internal control system in terms of efficiency and effect;
The responsibility of the board of directors and the management of the company is to support and grant sufficient authority to the audit department to ensure the smooth development of internal control evaluation.
Article 10 the leader in charge of the audit department shall be responsible for organizing the internal control evaluation, and the audit committee shall lead and supervise the internal control evaluation. The audit committee and the leader in charge are responsible for reviewing the internal control evaluation report, the board of directors examines and approves the opinions on the rectification of major and important internal control defects, and actively coordinates and removes obstacles to the difficulties encountered by the internal control department in supervising and urging the rectification.
Article 11 the management is responsible for putting forward the business or matters that should be focused on for the internal control evaluation plan in combination with the daily business situation, examining and approving the internal control evaluation plan and listening to the internal control evaluation report. For the problems found in the internal control evaluation or the deficiencies in the report, it shall actively take effective measures to rectify them in accordance with the rectification opinions of the board of supervisors or the audit committee.
Article 12 each department is responsible for organizing its own internal control self inspection, testing and evaluation, proposing rectification plans and specific rectification plans for the found design and operation defects, actively rectifying them, submitting them to the audit department for review, and cooperating with the audit department and external auditors to carry out internal control evaluation at the company level.
Article 13 the holding subsidiary of the company is responsible for implementing the responsibility of internal control evaluation level by level, establishing a daily monitoring mechanism, carrying out internal control self inspection, testing and regular inspection and evaluation, finding problems and identifying defects in internal control, formulating rectification plans and plans, urging rectification after being submitted to the management of the holding subsidiary for approval, preparing internal control evaluation reports, and summarizing the implementation and rectification of internal control.
Chapter III internal control evaluation management
Article 14 the company shall formulate an annual internal control inspection and supervision plan according to its own business characteristics, which shall be used as the basis for evaluating the operation of internal control.
Article 15 the evaluation of the company’s internal control needs to focus on the operation and management activities, mainly focusing on: whether there is a break in the capital chain in the process of fund raising, investment and operation; Whether there is fraud in the acquisition and sale of assets, whether there is low efficiency or loss of assets in the operation of assets; Whether there is fraud in procurement and sales; Whether the R & D project has been scientifically demonstrated; Whether there is commercial bribery in the project; Whether the Contractor’s selection of business outsourcing links is compliant and reasonable, and whether it can give full play to the professional advantages of business outsourcing.
Article 16 the control activities that the internal evaluation should focus on mainly include: the management control of holding subsidiaries, the internal control of related party transactions, the internal control of engaging in derivative transactions, the internal control of providing financial assistance, the internal control of external guarantee, the internal control of the use of raised funds, the internal control of entrusted financial management, the internal control of major investment and the internal control of information disclosure, And the internal control of business outsourcing.
Article 17 the internal control evaluation of the company shall take into account the control means, and at least pay attention to: whether the comprehensive budget is binding; Whether there are disputes in the performance of the contract; Whether the information system is organically combined with internal control; Whether the internal report is delivered in time and communicated effectively.
Article 18 the Audit Department of the company shall specifically organize and implement the internal control evaluation, be directly responsible to the board of directors, the audit committee and the company’s leaders, regularly or irregularly inspect the company’s internal control system, evaluate the effect and efficiency of its design and implementation, and timely put forward improvement suggestions in combination with the requirements of the board of directors, the audit committee and the company’s leaders. The audit department shall formulate the evaluation scheme according to the system, form an evaluation working group, clarify the division of labor and schedule, and carry out comprehensive internal control evaluation by means of on-site inspection.
Article 19 according to the actual situation, the company may require all functional departments and holding subsidiaries to establish an internal control self inspection mechanism and actively cooperate with the audit department in the internal control evaluation. The audit department shall review and sample test according to the implementation rules of internal control self-assessment. If necessary, the company can carry out internal control evaluation with the help of intermediaries or external experts. Intermediaries participating in the company’s internal control evaluation shall not provide internal control audit services for the company at the same time.
Article 20 when conducting internal control evaluation, the audit department needs to prepare working papers. The working paper needs to be filled in and recorded by the evaluation personnel, and the internal control defects found shall be preliminarily identified. The evaluation working paper shall be cross checked and signed, and signed and confirmed by the person in charge of the evaluation working group.
Article 21 the evaluation working group shall conduct on-site test on the evaluated unit, comprehensively use the methods of individual interview, questionnaire, special discussion, walk through test, on-site inspection, sampling and comparative analysis, fully collect the evidence of whether the internal control design and operation of the evaluated unit are effective, truthfully fill in the evaluation working paper according to the specific contents of the evaluation, and study and analyze the defects of internal control.
Article 22 the internal control defects identified by the evaluation working group shall be determined after being submitted to and approved in accordance with the prescribed authority and procedures.
Article 23 the company makes a comprehensive judgment on internal control defects, which are divided into major defects, important defects and general defects according to their severity.
(I) major defect refers to the combination of one or more control defects that may cause the company to seriously deviate from the control objectives;
(II) major defect refers to the combination of one or more control defects, whose severity and economic consequences are lower than those of major defects, but it may still lead to the company’s deviation from the control objectives;
(III) general defects refer to other control defects except major defects and important defects.
Article 24 the company shall establish an internal control defect rectification mechanism, clarify the division of responsibilities of internal management levels and the company’s rectification, and ensure that the main problems and major risks in the design and operation of internal control are solved in time and effectively controlled.
Article 25 the evaluation working group shall put forward rectification suggestions on the internal control defects found, and report to the management, the board of directors (Audit Committee) and the board of supervisors for approval. After approval, a feasible rectification plan shall be formulated, including rectification objectives, contents, steps, measures, methods and time limit. If the rectification period exceeds one year, the rectification objectives shall specify the short-term and long-term objectives and the corresponding rectification work contents.
Article 26 the evaluation working group requires the responsible department or the holding subsidiary to rectify in time according to the rectification plan
Change and track the implementation of rectification and feedback; For those who have caused losses or negative effects, the company shall investigate the responsibilities of relevant personnel.
Article 27 the audit department shall submit the internal control evaluation report to the board of directors and the audit committee after the end of the year; The board of directors or its audit committee shall issue an annual internal control evaluation report on the establishment and implementation of the internal control system related to financial reports and information disclosure according to the evaluation report and relevant materials issued by the internal audit department.
Article 28 the internal control evaluation report shall be disclosed simultaneously with the company’s annual report, including at least the following contents: (I) the statement of the board of directors on the authenticity of the internal control report;
(II) overall situation of internal control evaluation;
(III) basis, scope, procedures and methods of internal control evaluation;
(IV) internal control defects and their identification;
(V) rectification of internal control defects of the previous year;
(VI) proposed rectification measures for internal control defects this year;
(VII) effectiveness of internal control.
Article 29 establish a file management system for internal control evaluation. The working materials of the inspection and supervision department, including the internal control inspection and supervision work report, working paper and relevant materials, shall be kept for at least ten years.
Article 30 for the problems found by each department during the implementation of the internal control system, each department shall put forward a improvement plan by asking for instructions and submit it to the person in charge of the Department for review. After further investigation and research, the audit department shall organize relevant departments to revise the internal control system.
Chapter IV supplementary provisions
Article 31 the Audit Department of the company shall be responsible for the interpretation of these provisions.
Article 32 these Provisions shall come into force and be implemented from the date of deliberation and adoption by the board of directors of the company.
