Atul Ltd 2020-21

46 Atul Ltd | Annual Report 2020-21 The Company has comprehensive internal control systems commensurate with the nature of its business and size and complexity of its operations. They provide reasonable assurance on effectiveness and efficiency of its operations, reliability of financial reporting and compliance with the applicable laws and regulations. The internal control systems that deploy an amalgam of modern and traditional processes are routinely tested and upgraded for both design and operational effectiveness by the Management and the same is audited by the Statutory Auditors. Significant audit observations and follow-up actions and recommendations thereon are also reported to the Senior Management and the Audit Committee for their review. Internal Audit The Company has an in-house Internal Audit department which includes professionals from finance, data analytics and engineering disciplines and is also working with reputed audit firms specialising in internal audits and assurance domain. Together, they have the responsibility to bring in excellence in the function, continuously identify areas of operations requiring strengthening and introduce best processes and practices to manage a growing business which comprises subsidiary, associate and joint venture entities (including Atul Foundation and entities overseen by it ). The annual internal audit plan is reviewed and approved by the Audit Committee in beginning of the INTERNAL CONTROL SYSTEMS financial year to ensure adequate coverage. Progress of internal audit plan, significant observations noted during internal audits and status of identified actions are reviewed by the Management periodically and by the Audit Committee on quarterly basis. The Company is planning to further strengthen its Internal Audit department for improved focus on retail processes, data analytics and technical audit. Enterprise Risk Management The Company has separated enterprise risk management (ERM) function which was so far a part of Internal Audit department and staffed it with one senior team member with the responsibility to work with the businesses so as to enhance risk management processes. The Company believes that risks are inevitable in any business and its approach is to identify, track and mitigate instead of avoiding them. ERM is an integral part of a business and its framework includes identification, classification, assessment, prioritisation, mitigation, monitoring and reporting of key risks. The Company has adopted a bottom-up and top-down approach to drive ERM. The bottom-up approach includes identification and regular assessment of risks by respective businesses and cross-functional teams and plan for mitigating such risks in a structured manner. This is complemented by a top-down approach where the senior management identifies and assesses long-term and macro risks. Risks are consolidated under major risk themes to create focus areas and prioritise mitigation plans. ERM is driven by the Board of Directors through the Risk Management Committee of the Board.