Inner Mongolia Tianshou Technology&Development Co.Ltd(000611)
Internal control management system
(approved by the board of directors on March 22, 2022)
Chapter I General Provisions
Article 1 in order to strengthen the internal management of Inner Mongolia Tianshou Technology&Development Co.Ltd(000611) (hereinafter referred to as "the company"), reasonably ensure the legal compliance of enterprise operation and management, asset safety, authenticity and integrity of financial reports and relevant information, improve operation efficiency and effect, and promote the realization of enterprise development strategy, This system is formulated in accordance with the company law of the people's Republic of China, the securities law of the people's Republic of China, the basic norms of enterprise internal control, the stock listing rules of Shenzhen Stock Exchange, the self regulatory guidelines for listed companies of Shenzhen Stock Exchange No. 1 - standardized operation of listed companies on the main board and other laws, regulations and normative documents, as well as the Inner Mongolia Tianshou Technology&Development Co.Ltd(000611) articles of Association (hereinafter referred to as the "articles of association").
Article 2 the term "internal control" as mentioned in this system refers to the mechanism and process by which the institutions and personnel at all levels of the company take appropriate measures to reasonably prevent and effectively control various risks in operation and management and promote the realization of control objectives according to their respective responsibilities.
Article 3 the company shall establish a compliant and effective internal control system according to the characteristics of its own operation and management. The board of directors shall coordinate and supervise the implementation of the internal audit system, and the supervisors shall be directly responsible for the implementation of the internal audit system. The general manager of each subsidiary is responsible for implementing relevant functions to specific departments and posts, arranging special personnel to connect business with the Audit Department of the company, so as to ensure smooth transmission of internal control information and orderly development of internal control work.
Article 4 relevant principles followed by the company's internal control system:
(1) The principle of comprehensiveness. Internal control shall run through the whole process of decision-making, implementation and supervision, and cover various businesses and matters of the enterprise and its subordinate units.
(2) Principle of importance. Internal control should pay attention to important business matters and high-risk areas on the basis of comprehensive control.
(3) Principle of checks and balances. Internal control shall form mutual restriction and supervision in the aspects of governance structure, institutional setting, distribution of rights and responsibilities, business process, etc., and take into account the operation efficiency.
(4) Principle of adaptability. Internal control shall be adapted to the business scale, business scope, competition and risk level of the enterprise, and shall be adjusted in time with the changes of the situation.
(5) Cost benefit principle. Internal control should weigh the implementation cost and expected benefits to achieve effective control at an appropriate cost.
Article 5 the scope of application covers all departments of the company's headquarters and holding subsidiaries.
Chapter II Contents of internal control
Article 6 the company's internal control mainly includes five elements: internal environment, risk assessment, control activities, information and communication and internal supervision, covering all business links related to financial reports and information disclosure in the company's business activities, including: Sales and collection, procurement and payment, inventory management, fixed assets management, fund management, investment and financing management, human resources management Information system management and information disclosure management. Article 7 the internal environment includes governance structure, organizational structure and distribution of rights and responsibilities, internal audit, human resources policy, corporate culture, etc.
1. The company and its subsidiaries shall set up the corporate governance structure, establish a reasonable organizational structure, improve the authorization system and ensure the implementation of the company's rules and regulations in accordance with the articles of association. The authorization at all levels shall be appropriate. An effective evaluation and feedback mechanism shall be established for the authorized departments and personnel, and the authorization that is no longer applicable shall be modified or cancelled in time.
2. The company sets up an internal audit department to inspect and supervise the establishment and implementation of the company's internal control system and the authenticity and integrity of the company's financial information. All internal organs or functional departments of the company, holding subsidiaries and joint-stock companies that have a significant impact on listed companies shall cooperate with the internal audit department in performing its duties according to law and shall not hinder the work of the internal audit department.
The internal audit department shall maintain its independence and shall not be placed under the leadership of the financial department or work together with the financial department. The internal audit department is responsible to the audit committee and reports to the audit committee.
The management shall effectively design and implement the company's anti fraud procedures and controls, and take appropriate measures for different behaviors.
3. The company shall establish scientific labor and personnel systems such as employment, vacation, overtime, dismissal, training, retirement, promotion, salary calculation and payment, social insurance payment, etc.
4. The company should actively cultivate the corporate culture with its own characteristics, guide and standardize the behavior of employees, create an effective corporate brand, form the centripetal force of the overall team, and promote the long-term development of the company.
Article 8 the company shall establish corresponding risk assessment system, identify and scientifically analyze various uncertain factors affecting the realization of enterprise strategy and operation and management objectives in a timely manner and take countermeasures.
Article 9 control activities means that the management and authorized departments of the company need to formulate various business management rules, operation procedures and post manuals according to the company's own industry characteristics and business management activities, and formulate necessary control procedures for each risk point.
Article 10 based on the results of risk assessment, through the combination of manual control and automatic control, preventive control and discovery control, the company uses incompatible job separation control, authorization approval control, accounting system control, property protection control, budget control, operation analysis control and performance evaluation control to control the risk within the tolerable degree.
Article 11 for the internal computer management information system of the company, in addition to the clear division of responsibilities and authorities between the computer maintenance department and the electronic information use department, the internal control shall at least include the control of the following activities: the control of developing computer system and modifying program; Access control of computer programs and data; Input and output control of basic data; Data backup, file and equipment safety control; Control of purchase, use and maintenance of hardware and software systems; Control of system recovery and test procedures.
Article 12 information and communication control is divided into internal information communication control and public information disclosure control, mainly including: establishing internal information transmission system and formulating corresponding control procedures for the mode, content and time limit of information communication between departments and companies; Establish an information disclosure responsibility system, clarify the responsibility of information disclosure to each person, and ensure that the Secretary of the board of directors can timely know all kinds of information of the company and disclose it to the public in a timely, accurate and complete manner. Article 13 internal supervision requires enterprises to supervise and inspect the establishment and implementation of internal control, evaluate the effectiveness of internal control, and make timely improvement if internal control defects are found. Internal supervision is mainly carried out through self-evaluation of internal control.
Chapter III working methods of internal control
Article 14 internal control work includes internal control investigation, internal control system construction and maintenance, internal control information management, internal control self-evaluation, etc.
Article 15 internal control investigation. The Audit Department of the company conducts internal and external research on internal control from time to time, collects laws and regulations, regulatory documents, leading operation practices of industry and enterprise internal control, receives training and field investigation, arranges research materials, and improves the company's internal control management system and strategy.
External research includes laws and regulations related to internal control and risk management, regulatory policies and regulations related to various industries of the company, internal control management and operation practices of industry-leading enterprises, etc.
Internal investigation is mainly to investigate the internal control of each business department of each company, investigate and investigate the units with outstanding evaluation results in combination with the results of the annual internal control evaluation report, and share the research results with the relevant management and employees of the company in time.
Article 16 construction and maintenance of internal control system. The Audit Department of the company is responsible for organizing the construction of the company's internal control system and laying a standardized and unified management foundation for the overall planning and implementation of the company's internal control. The main contents of internal control system construction are as follows:
1. Organize the construction of internal control system. The organizational work includes setting work objectives, formulating work plans and schemes, dividing the work stages promoted layer by layer and the scope of the corresponding company, determining the work mode, organizational structure and main division of labor, putting forward the requirements of participants, formulating assessment processes, standards, rewards and punishment measures, finally forming feasible work management methods, and strictly implementing and implementing them in the process of centralized construction; The construction work includes dividing internal control levels around internal control elements, selecting standard processes and characteristic processes at the process level, setting importance standards according to industry characteristics, main financial indicators and other information, understanding the design effectiveness and implementation effectiveness of the internal control system of the company and its subordinate companies by means of interviews and tests, finding out the defects existing in the design and implementation and evaluating their severity, Put forward rectification suggestions and form a rectification plan with the management, and continue to pay attention to the defect rectification after the centralized work is completed until an internal control system meeting the objectives and requirements is formed. The internal control system is carried out according to the internal authorization and process of the company, and is officially released and implemented after approval. 2. Review various rules and regulations. All systems formulated by the company and its subordinate companies shall be submitted in writing to the Audit Department of the company for internal control compliance review. After passing the review, it shall be approved according to the internal authorization and process of the company. After approval, all companies shall file the approval documents and system documents in electronic or written form, and feed them back to the audit department for filing. All companies shall issue relevant systems according to their own regulations. Each business department of each company is responsible for the formulation and maintenance of specific internal control rules and regulations, and the process is implemented in accordance with relevant regulations.
3. Prepare and maintain internal control manual. Prepare and maintain the company's internal control manual. Each company shall prepare and maintain its own internal control manual and sign and approve it as authorized by the company. This manual makes specific provisions and detailed instructions on how to realize effective internal control of the company. Taking the business process of the company and each sector as the clue, this manual analyzes each specific business in the process, identifies and designs the control points to deal with the risks in combination with the risk points of the business and with reference to relevant rules and regulations, describes the control points in detail, and implements the responsible units and posts. Establish a comprehensive and unified internal control standard through the manual.
Article 17 internal control information management. The Audit Department of the company and the business departments of the company shall establish an information sharing mechanism to widely collect and sort out internal and external information related to internal control, widely share and fully communicate in time within the company, improve the transparency of operation and management, and lay the corresponding information foundation for internal control management.
The Audit Department of the company is responsible for summarizing, refining and analyzing the information related to internal control management, and gradually implementing the information submission responsibility of each company's business department in internal control management. All business departments shall actively cooperate and provide information required for internal control evaluation and report on time as required.
Article 18 self evaluation of internal control. The self-evaluation of internal control is risk oriented. It focuses on the internal environment, risk assessment, control activities, information and communication, internal supervision and other elements, determines the specific contents of internal control evaluation, and comprehensively evaluates the design and operation of internal control.
If an external consulting organization is entrusted to inspect and evaluate the self-evaluation of internal control, all business departments shall closely cooperate with their work. For the internal control management problems found in the inspection, they shall study and formulate practical rectification measures according to their suggestions and carry out rectification in time.
Article 19 the internal control work is carried out in the company and all subsidiaries included in the scope of the company's consolidated statements
Exhibition. The subsidiaries that have completed the establishment of the system carry out the maintenance of the internal control system according to their own actual situation, continuously improve the internal control management level, timely adjust the internal control system to cope with the changing internal and external environment, and strive to continuously improve the operation and management efficiency of the company; Subsidiaries newly included in the scope of consolidated statements shall clarify their internal control functions at the first time, implement them to specific departments and posts, timely organize internal control evaluation, timely rectify and find problems, and transfer to the maintenance stage after the formal establishment of the internal control system. Chapter IV assessment of internal control
Article 20 the internal control work shall be included in the company's performance appraisal, and the internal control work objectives, work plans and schemes shall be taken as the standard, and the scores shall be given according to the actual completion of the internal control work on time, quality and quantity; In case of major and important internal control defects, one vote veto will be given.
Chapter V supplementary provisions
Article 21 the company shall formulate a specific internal control system according to the guidance of relevant regulatory authorities and in combination with its actual situation, and constantly adjust and correct the internal control defects found by internal audit, accounting firms and other institutions according to the changes of environment, time, production and operation.
Article 22 the Audit Department of the company is responsible for updating and interpreting the system,
Article 23 the system shall come into force and be implemented after being deliberated and approved by the board of directors of the company.