Cathay Pacific 2015 Annual Report Download - page 46

Download and view the complete annual report

Please find page 46 of the 2015 Cathay Pacific annual report below. You can navigate through the pages in the report by either clicking on the pages listed below, or by using the keyword search tool below to find specific information within the annual report.

Page out of 116

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
  • 86
  • 87
  • 88
  • 89
  • 90
  • 91
  • 92
  • 93
  • 94
  • 95
  • 96
  • 97
  • 98
  • 99
  • 100
  • 101
  • 102
  • 103
  • 104
  • 105
  • 106
  • 107
  • 108
  • 109
  • 110
  • 111
  • 112
  • 113
  • 114
  • 115
  • 116

Cathay Pacific Airways Limited
44
Through the Company’s Code of Conduct, employees are
encouraged (and instructed as to how) to report control
deficiencies or suspicions of impropriety to those who are
in a position to take necessary action.
Risk assessment: The Board of Directors and the
management each have a responsibility to identify and
analyse the risks underlying the achievement of business
objectives, and to determine how such risks should be
managed and mitigated.
Management structure: The Group has a clear
organisational structure that, to the extent required,
delegates the day-to-day responsibility for the design,
documentation and implementation of procedures and
monitoring of risk. Individuals appreciate where they will be
held accountable in this process.
A control self-assessment process requires management
to assess, through the use of detailed questionnaires, the
adequacy and effectiveness of risk management and
internal controls over the reliability of financial reporting,
the effectiveness and efficiency of operations and
compliance with applicable laws and regulations. This
process and its results are reviewed by internal auditors and
form part of the Audit Committee’s annual assessment of
control effectiveness.
Controls and review: The control environment comprises
policies and procedures intended to ensure that relevant
management directives are carried out and actions that
may be needed to address risks are taken. These may
include approvals and verifications, reviews, safeguarding
of assets and segregation of duties. Control activities can
be divided into operations, financial reporting and
compliance, although there may, on occasion, be some
overlap between them. The typical control activities include:
• analytical reviews: for example, conducting reviews of
actual performance versus budgets, forecasts, prior
periods and competitors
• direct functional or activity management: reviews of
performance reports, conducted by managers in charge
of functions or activities
• information-processing: performing controls intended to
check the authorisation of transactions and the
accuracy and completeness of their reporting, for
example, exception reports
• physical controls: ensuring equipment, inventories,
securities and other assets are safeguarded and
subjected to periodic checks
• performance indicators: carrying out analyses of
different sets of data, operational and financial,
examining the relationships between them, and taking
corrective action where necessary
• segregation of duties: dividing and segregating duties
among different people, with a view to strengthening
checks and minimising the risk of errors and abuse.
The Company has in place effective processes and
systems for the identification, capture and reporting of
operational, financial and compliance-related information in
a form and time-frame intended to ensure that staff carry
out their designated responsibilities.
Internal audit: The Internal Audit Department performs
regular reviews of key risk areas and monitors compliance
with Group accounting, financial and operational
procedures. The role of Internal Audit is discussed further
on page 46.
Audit Committee
The Audit Committee, consisting of four Non-Executive
Directors (Irene Lee, Fan Cheng, John Harrison and Peter
Wong), assists the Board in discharging its responsibilities
for corporate governance and financial reporting. Three of
the Committee members are Independent Non-Executive
Directors, one of whom, Irene Lee, is Chairman. Irene Lee
succeeded Jack So as Chairman of the Audit Committee
and John Harrison was appointed as a member of the Audit
Committee with effect from the conclusion of the
Company’s 2015 Annual General Meeting held on 20th May
2015. All the other members served for the whole of 2015.
The terms of reference of the Audit Committee follow the
guidelines set out by the Hong Kong Institute of Certified
Public Accountants and comply with the CG Code. They are
available on the Company’s website.
The Audit Committee met three times in 2015. Regular
attendees at the meetings are the Finance Director, the
Group Internal Audit Manager and the external auditors.
The Audit Committee meets at least twice a year with the
external auditors without the presence of management.
Each meeting receives written reports from the external
auditors and Internal Audit.
Corporate Governance Report