INSTRUCTIONS:- The purpose of the UIC- ELC Questionnaire is to document our understanding of the entity level controls for the purpose of identifying potential RMMs / AOCs. When recording your responses in the tables and Comments boxes below, also document when and who you discussed the information with. In your description, consider how these matters affect the financial statements and whether a potential RMM / AOC (due to fraud or error) arises as a result. 说明:- UIC-ELC 问卷的目的是记录我们对实体级控制的理解,以便识别潜在的 RMM/AOC。在下面的表格和评论框中记录您的回答时,还要记录您讨论信息的时间和对象。在您的描述中,考虑这些问题如何影响财务报表,以及是否因此而产生潜在的 RMM / AOC(由于欺诈或错误)。
(!) REMINDER:- Please complete the Scoping Questionnaire first to ensure that this questionnaire populates properly. (!)提醒:- 请先完成范围界定调查问卷,以确保此调查问卷正确填写。
2 DETAILED UNDERSTANDING OF ENTITY LEVEL CONTROLS 2 详细了解实体级控制
INSTRUCTIONS - Based on risk assessment procedures performed, document your answers to the questions below as follows: 说明 - 根据执行的风险评估程序,记录您对以下问题的回答,如下所示:
Document your understanding of the processes and ELCs established by the client in the 1st column of the table in each question. 在每个问题的表格的第一列中记录您对客户建立的流程和 ELC 的理解。
Ensure that ELCs are recorded on separate rows in the table so that you can indicate which rows contain relevant ELCs by selecting Yes from the dropdown list in the 2nd column. 确保 ELC 记录在表中的单独行中,以便您可以通过从第 2 列的下拉列表中选择 Yes 来指示哪些行包含相关 ELC。
For relevant ELCs only, complete the 3rd column to document firstly how you determined that the relevant ELCs have been properly designed, and secondly the evidence that you examined to determine that the relevant ELCs had been implemented. 仅对于相关的 ELC,请填写第 3 列,首先记录您如何确定相关 ELC 已正确设计,其次记录您为确定相关 ELC 已实施而检查的证据。
In the 4th column, evaluate the relevant ELCs as Appropriate or Inappropriate. 在第 4 列中,将相关 ELC 评估为 Appropriate (适当) 或 Inappropriate (不适当)。
If necessary, add potential RMMs (typically Engagement Level Risks) at the end of the section when ELCs are inappropriately designed and/or implemented. 如有必要,当 ELC 的设计和/或实施不当时,请在本节末尾添加潜在的 RMM(通常是参与级别风险)。
For any RMMs identified, determine if a significant deficiency exists that is to be communicated to management and Those Charged With Governance. 对于确定的任何 RMM,确定是否存在需要传达给管理层和负责治理的人员的重大缺陷。
2.1 RISK ASSESSMENT PROCEDURES ON ENTITY LEVEL CONTROLS 2.1 实体层面控制的风险评估程序
Perform risk assessment procedures to obtain audit evidence supporting your assessment of entity level controls. This involves inquiries and corroborating evidence 执行风险评估程序,以获取支持您对实体级别控制措施评估的审计证据。这涉及调查和确凿证据
from observation and inspection of documentation, which may be recorded in the Evidence to Validate D&I column in the tables below. 来自文件的观察和检查,这些文件可能记录在下表的验证 D&I 证据列中。
Document the names of the individual(s) you addressed inquiries to, their role(s) in the entity and the date of the inquiries: 记录您向其发送查询的个人的姓名、他们在实体中的角色以及查询日期:
Name 名字
Position / Role 职位 / 角色
Date 日期
1 韩栓玉
Name
Position / Role Date
1 韩栓玉 | Name | |
| :--- | :--- |
| Position / Role | Date |
| 1 韩栓玉 | |
韩栓玉
Financial controller 财务总监
Date 日期
INSTRUCTION - Document your knowledge obtained from inquiries along with corroborating observations / inspections in each question below. 说明 - 记录您从查询中获得的知识,以及在下面每个问题中证实的观察/检查。
Comment 评论
The management has the responsibility for maintaining the risk management and internal control systems. It performs a review on the effectiveness of the risk management and internal control systems at least once a year. The Group has established an internal control department, which plays an important role in monitoring the risk management and internal control systems of the Group. The management continuously reviews the effectiveness of the risk management and internal control systems, including monitoring procedures for finance, operations, compliance, risk identification and assessment, and implementation of risk response measures. 管理层负责维护风险管理及内部监控系统。该委员会每年至少对风险管理及内部监控系统的有效性进行一次审查。本集团已设立内部监控部门,在监控本集团的风险管理及内部监控系统方面发挥着重要作用。管理层持续检讨风险管理及内部监控系统的有效性,包括财务、营运、合规、风险识别及评估的监察程序,以及风险应对措施的实施。
The Group also has adopted policies and procedures for assessing the effectiveness of the risk management and internal control systems, and requiring the management to provide confirmation to the Board periodically on the effectiveness of the systems. 本集团亦已采纳政策及程序,以评估风险管理及内部监控系统的有效性,并要求管理层定期向董事会确认该等系统的有效性。
The Group strictly prohibits any form of corruption and bribery, and through a sound monitoring, whistle-blowing, auditing and anti-corruption training system, it continues to standardize various business management decision-making behaviors, to form a mechanism of mutual restraint and mutual supervision, thereby ensuring the clean operation of the Group. We have formulated the “Integrity Agreement” (《廉政公約》) and the “Probity Agreement” ( 《廉政協議書》), requiring the employees and third party companies to sign and abide to relevant rules and regulations. To guard against the risk of corruption, we strictly prohibit all acts that violate business ethics, such as accepting gifts, bribes or various forms of payments or gifts. During the procurement and tendering process, we also prohibit the introduction of relatives and friends to engage in economic activities related to the Group’s business, such as equipment supply, subcontracting of works, etc. During the year, we have comprehensively carried out anti-corruption work and strengthened internal control, and conducted anti-corruption supervision and anti-corruption training for directors and employees. 集团严禁任何形式的贪污贿赂行为,并通过完善的监控、举报、审计和反腐败培训制度,持续规范各项经营管理决策行为,形成相互制约、相互监督的机制,从而确保集团的廉洁经营。我们制定了《廉政协议》及《廉政协议》,要求员工及第三方公司签署并遵守相关规则及规定。为防范腐败风险,我们严禁一切违反商业道德的行为,例如接受礼品、贿赂或各种形式的付款或礼品。在采购和招标过程中,我们也禁止介绍亲友从事与集团业务相关的经济活动,如设备供应、工程分包等。年内,我们全面开展反腐败工作和加强内部控制,对董事和员工进行了反腐败监督和反腐败培训。
2.2 CONTROL ENVIRONMENT 2.2 控制环境
INSTRUCTIONS - Based on risk assessment procedures performed, describe your understanding of the controls, processes and structure of the control environment relevant to the preparation of the financial statements and identify any ELCs and/or potential RMMs / AOCs by considering the following: 说明 - 根据执行的风险评估程序,描述您对与财务报表编制相关的控制环境的控制、流程和结构的理解,并通过考虑以下内容确定任何 ELC 和/或潜在的 RMM/AOC:
2.2.1 MANAGEMENT'S OVERSIGHT INCLUDING COMMITMENT TO INTEGRITY AND ETHICAL VALUES* 2.2.1 管理层的监督,包括对诚信和道德价值观的承诺*
Document how management carries out its oversight responsibilities regarding culture and commitment to integrity and ethical values; 记录管理层如何履行其在文化和对诚信和道德价值观的承诺方面的监督责任;
Description of Understanding of Processes and/or ELCs (Record ELCs in separate rows) 了解过程和/或 ELC 的描述(在单独的行中记录 ELC)
Relevant ELC? 相关的 ELC?
Evidence to validate D&I of Relevant ELC 验证相关 ELC 的 D&I 的证据
ELC Evaluation ELC 评估
✓\checkmark
Select Answer 选择答案
Select Answer 选择答案
✓\checkmark
Select Answer 选择答案
Description of Understanding of Processes and/or ELCs (Record ELCs in separate rows) Relevant ELC?
Evidence to validate D&I of Relevant ELC ELC Evaluation
✓ Select Answer
Select Answer
✓ Select Answer| Description of Understanding of Processes and/or ELCs (Record ELCs in separate rows) | | | Relevant ELC? |
| :---: | :---: | :---: | :---: |
| Evidence to validate D&I of Relevant ELC | | ELC Evaluation | |
| | $\checkmark$ | | Select Answer |
| | | Select Answer | |
| | $\checkmark$ | | Select Answer |
Select Answer 选择答案 ++
Comment 评论
Document processes / ELCs regarding communication and enforcement of integrity and ethical values are regarded as satisfactory. 关于沟通和执行诚信和道德价值观的文件流程/ELC 被认为是令人满意的。
2.2.2 OVERSIGHT BY THOSE CHARGED WITH GOVERNANCE * 2.2.2 负责治理的人员的监督 *
When those charged with governance are separate from management, document how TCWG remain independent of, and provide oversight over, the entity’s system of internal control and financial reporting. 当负责治理的人员与管理层分开时,记录 TCWG 如何独立于实体的内部控制和财务报告系统并对其进行监督。
In addition, consider and document the nature and extent of oversight and governance over management’s financial reporting process relevant to accounting estimates. 此外,考虑并记录对与会计估计相关的管理层财务报告流程的监督和治理的性质和程度。
Also evaluate whether the two-way communication with those charged with governance has been adequate for the purpose of the audit. 还要评估与负责治理的人员的双向沟通是否足以达到审计目的。