Shanghai Sk Automation Technology Co.Ltd(688155)
Internal audit system
Chapter I General Provisions
Article 1 in order to strengthen the company’s internal supervision, prevent and control risks, enhance the reliability of information disclosure, reasonably ensure that the company’s business related to financial reports and information disclosure meets the requirements of relevant national laws and regulations, and protect the legitimate rights and interests of investors, according to the Audit Law of the people’s Republic of China and other relevant national laws and regulations and the basic norms of enterprise internal control, and in combination with the actual situation of the company, Formulate this system.
Article 2 this system is applicable to the internal audit of all business links related to the financial report and information disclosure of the company’s internal institutions, holding subsidiaries and joint-stock companies that have a significant impact on the company.
Article 3 the term “internal audit” as mentioned in this system refers to an evaluation activity carried out by the company’s internal institutions or personnel on the effectiveness of its internal control and risk management, the authenticity, accuracy and integrity of financial information, and the efficiency and effectiveness of business activities in accordance with relevant national laws and regulations and the provisions of this system.
Article 4 the term “internal control” as mentioned in this system refers to the process implemented by the company’s board of directors, board of supervisors, senior managers and all employees to achieve control objectives.
The objective of internal control is to reasonably ensure the legal compliance of enterprise operation and management, asset safety, authenticity and integrity of financial reports and relevant information, improve operation efficiency and effect, and promote the realization of enterprise development strategy.
Article 5 the board of directors of the company shall be responsible for the establishment, improvement and effective implementation of the internal control system, and important internal control systems shall be reviewed and approved by the board of directors.
The board of directors and all its members shall ensure the authenticity, accuracy and completeness of information disclosure related to internal control.
Chapter II internal audit organization and responsibilities
Article 6 the company has an internal audit department, which is responsible for the internal audit of the company. The internal audit department is responsible to the audit committee and reports to the audit committee.
Article 7 the internal audit department shall inspect and supervise the authenticity and integrity of the company’s financial information and the establishment and implementation of internal control system.
Article 8 the company shall allocate full-time personnel to engage in internal audit according to the scale and production and operation characteristics of the enterprise.
Article 9 the company implements the audit avoidance system, and the personnel involved or related to the audit matters shall not participate in the internal audit.
The head of the internal audit department must be full-time, nominated by the audit committee of the board of directors and appointed and removed by the board of directors. The company shall disclose the educational background, professional title, work experience of the person in charge of the internal audit department, and whether there is any relationship with the controlling shareholder and actual controller of the company.
Article 10 the internal audit department shall perform the following main duties:
(I) inspect and evaluate the integrity, rationality and effectiveness of the internal control system of the company’s internal institutions, holding subsidiaries and joint-stock companies that have a significant impact on the company;
(II) audit the accounting data and other relevant economic data of the company’s internal institutions, holding subsidiaries and joint-stock companies that have a significant impact on the company, as well as the legality, compliance, authenticity and integrity of the reflected financial revenue and expenditure and relevant economic activities, including but not limited to financial reports, performance forecasts, performance express, voluntary disclosure of predictive financial information, etc;
(III) assist in establishing and improving the anti fraud mechanism, determine the key areas, key links and main contents of anti fraud, and pay attention to and inspect possible fraud in the process of internal audit;
(IV) report to the audit committee at least once a quarter, including but not limited to the implementation of the internal audit plan and the problems found in the internal audit.
Article 11 the internal audit department shall maintain its independence and shall not be placed under the leadership of the financial department or work together with the financial department. The audit committee is responsible for supervising and evaluating the internal audit work.
Article 12 the company shall strengthen internal audit and ensure the establishment, staffing and independence of internal audit institutions.
Article 13 the internal audit department shall inspect the internal control system of monetary funds at least once a quarter. When checking the internal control system of monetary funds, we should focus on whether the authorization and approval of large non operating monetary fund expenditure is sound, whether there is ultra vires approval, and whether there are weak links in the internal control of monetary funds. If any abnormality is found, it shall be reported to the audit committee in time.
Article 14 internal audit shall generally cover all business links related to financial reports and information disclosure in the company’s business activities, including but not limited to: Sales and collection, procurement and payment, inventory management, fixed assets management, fund management, investment and financing management, human resources management, information system management and information disclosure management. The internal audit department can adjust the above business links according to the industry and production and operation characteristics of the company.
Article 15 the audit evidence obtained by internal auditors shall be sufficient, relevant and reliable. The internal auditors shall clearly and completely record the name, source, content, time and other information of the audit evidence in the working paper.
Article 16 during the audit work, the internal auditors shall prepare and review the audit working papers in accordance with the relevant provisions, and timely sort out and file the audit working papers after the completion of the audit project. The internal audit department shall establish a confidentiality system for working papers, establish a corresponding file management system in accordance with the provisions of relevant laws and regulations, and specify that the storage time of internal audit work reports, working papers and relevant materials shall not be less than 10 years. Chapter III specific implementation
Article 17 the internal audit department of the company shall submit the internal audit work report to the audit committee after the end of the year and half year. The internal auditors shall reflect the internal control defects found in the inspection and the problems existing in the implementation in the internal audit work report, and track them after reporting to the audit committee to ensure that the relevant departments have taken appropriate improvement measures in time.
Article 18 the audit committee of the company may formulate the content and format requirements of the internal audit report according to the business characteristics of the company. The audit committee guides the internal audit work and reviews the internal audit work report submitted by the internal audit department.
Article 19 the internal audit department of the company shall establish a working paper system, establish a corresponding file management system in accordance with the provisions of laws and regulations, and clarify the working materials of the internal audit department, including the storage time of internal audit work report, working paper and relevant materials.
Article 20 Where the board of directors or the audit committee considers that there are major defects or risks in the company’s internal control, or the recommendation institution or accounting firm points out that there are major defects in the effectiveness of the company’s internal control, the board of directors shall timely report to the stock exchange and disclose them.
The company shall disclose in the announcement the major defects or risks in internal control, the consequences that have been or may be caused, and the measures that have been taken or are to be taken. The audit committee shall urge relevant responsible departments to formulate rectification measures and rectification time, conduct follow-up review of internal control, supervise the implementation of rectification measures, and disclose the completion of rectification in a timely manner.
Article 21 according to the identification requirements of the enterprise’s internal control standard system for major defects, important defects and general defects, and in combination with the company’s scale, industry characteristics, risk preference, risk tolerance and other factors, the specific identification standards of the company’s internal control defects are as follows:
1. Identification standard of internal control defects in financial reporting
The quantitative criteria for the evaluation of internal control defects in financial reporting determined by the company are as follows:
Category major defect quantitative standard important defect quantitative standard general defect quantitative standard
Total asset misstatement ≥ 0.5% of total assets ≤ misstatement asset misstatement 1% of total assets misstatement 1% of total assets misstatement 0.5%
defect
Misstatement of business income ≥ 0.5% of total business income ≤ misstatement < 1% of total business income < 0.5% of 1% of total business income
defect
Total misstatement of profits ≥ 3% of total profits ≤ misstatement < misstatement of profits < 5% of total profits 5% 3% of total profits
defect
The qualitative criteria for the evaluation of internal control defects in financial reporting determined by the company are as follows:
Qualitative standard of defect nature
Defects in internal control, alone or in combination with other defects, have a reasonable possibility to prevent, detect and correct major misstatements in financial reports in a timely manner. The following signs usually indicate that there may be major defects in the internal control of financial reporting, including but not limited to: the defect may lead to the correction of the issued financial report and the tracing of major defects, the material misstatement of the current financial statements, and the failure of the internal control to detect the misstatement in the operation process, the ineffective supervision of the internal control by the audit committee or the internal audit function, directors The fraud of supervisors and senior management, ineffective risk management function, ineffective control environment and major defects have not been rectified in a reasonable period.
The internal control defects alone or together with other defects have a reasonable possibility to prevent or discover important defects in time and correct the misstatement in the financial report that does not reach or exceed the importance level, but should still attract the attention of the board of directors and management of the company.
General defects are internal control defects that do not constitute major defects and important defects.
2. Identification standard of internal control defects in non-financial reporting
The quantitative criteria for the evaluation of internal control defects in non-financial reporting determined by the company are as follows:
Category: amount of direct property loss or amount of significant negative impact
The amount of direct property loss or significant negative impact of major defects ≥ 1% of the total assets in the latest audited financial statements
Major defects: 0.5% of the total assets in the latest audited financial statements ≤ the amount of direct property loss or significant negative impact < 1% of the total assets in the latest audited financial statements
The amount of direct property loss or significant negative impact of general defects is less than 0.5% of the total audited assets in the latest period
The qualitative criteria for the evaluation of internal control defects in non-financial reporting determined by the company are as follows:
Qualitative standard of defect nature
Major defects do not take any action for the existing problems, which may lead to serious deviation from the control objectives. Important defects have certain negative effects and objectives if no action is taken for the existing problems
Qualitative standard of defect nature
deviate.
General defects. Failure to take any action on the existing problems may lead to small-scale target deviation.
Article 22 when reviewing and evaluating the establishment and implementation of the information disclosure management system, the internal audit department shall focus on the following contents:
(I) whether the company has formulated information disclosure management system and relevant systems in accordance with relevant regulations, including information disclosure management and reporting system of internal institutions, holding subsidiaries and joint-stock companies with significant influence;
(II) whether the scope and content of major information, as well as the transmission, review and disclosure process of major information are clearly specified;
(III) whether to formulate confidentiality measures for undisclosed major information, and clarify the scope and confidentiality responsibilities of insiders of inside information;
(IV) whether the rights and obligations of the company and its directors, supervisors, senior managers, shareholders, actual controllers and other relevant information disclosure obligors in information disclosure matters are clearly stipulated;
(V) if the company, the controlling shareholder and the actual controller have public commitments, whether the company assigns special personnel to track the performance of commitments;
(VI) whether the information disclosure management system and relevant systems have been effectively implemented.
Chapter IV information disclosure
Article 23 the internal audit department shall implement appropriate review procedures in accordance with relevant regulations, evaluate the effectiveness of the company’s internal control, and submit an internal control evaluation report to the board of directors at least once a year.
The evaluation report shall state the purpose, scope, conclusions and suggestions for improving internal control of the review and evaluation. The internal audit institution shall supervise and inspect the effectiveness of internal control in combination with internal audit supervision. The internal audit institution shall report the internal control defects found in the supervision and inspection in accordance with the internal audit procedures of the enterprise; Have the right to report directly to the board of directors, its audit committee and the board of supervisors on the major defects of internal control found in the supervision and inspection.
Article 24 the board of directors or the audit committee shall evaluate the establishment and implementation of the company’s internal control according to the internal audit work report and relevant information issued by the internal audit department, and form a self-evaluation report on internal control. The board of directors shall form a resolution on the self-evaluation report of the company’s internal control while considering the annual financial report and other matters. While disclosing the annual report, disclose the annual internal control self-evaluation report, and disclose the verification and evaluation opinions of the accounting firm on the internal control self-evaluation report.
Article 25 the self-evaluation report of the company’s internal control shall at least include the following contents:
(I) statement of the board of directors on the authenticity of the internal control evaluation report;
(II) overall situation of internal control evaluation;
(III) basis, scope, procedures and methods of internal control evaluation;
(IV) defects in internal control and their identification;
(V) rectification of internal control defects of the previous year;
(VI) proposed rectification measures for internal control defects this year;
(VII) conclusion on the effectiveness of internal control.
The accounting firm shall verify and evaluate the self-evaluation report of the company’s internal control with reference to the relevant provisions of the competent department.
