D.2.3

The board’s annual review should, in particular, consider:
 
(a)    the changes, since the last annual review, in the nature and extent of significant risks (including ESG risks), and the issuer’s ability to respond to changes in its business and the external environment;
 
(b)    the scope and quality of management’s ongoing monitoring of risks (including ESG risks) and of the internal control systems, and where applicable, the work of its internal audit function and other assurance providers;
 
(c)    the extent and frequency of communication of monitoring results to the board (or board committee(s)) which enables it to assess control of the issuer and the effectiveness of risk management;
 
(d)    significant control failings or weaknesses that have been identified during the period. Also, the extent to which they have resulted in unforeseen outcomes or contingencies that have had, could have had, or may in the future have, a material impact on the issuer’s financial performance or condition; and
 
(e)    the effectiveness of the issuer’s processes for financial reporting and GEM Listing Rule compliance.