The Audit and Risk Management Department serves as the leading unit for the company's internal audit function, with its responsibilities covering all business operations of the company. Adhering to the risk based audit principle, the department develops an annual audit plan based on risk assessment results and actual business development needs. This plan is submitted to the Board of Directors for review and approval implementation. The execution of audit projects follows a standardized closed loop process, which includes audit preparation, data collection and analysis, on site implementation and inspection, issue identification and report preparation, as well as rectification tracking and verification.
In accordance with the annual plan, the Audit and Risk Management Department carries out audit projects, ensuring full coverage of all subsidiaries within a five year cycle. The audit work encompasses, but is not limited to, key issues in the field of business ethics, such as anti corruption and anti bribery, procurement and supply chain management, and travel expense management. This enables systematic identification of material risks across the company's strategic, operational (procurement, production, R&D, marketing), financial, compliance, and ESG dimensions. Furthermore, the department has established a mechanism for transferring findings identified during audits. Cases involving violations of duty or conflict of interest are promptly referred to the relevant company departments for investigation and handling.