D.2.4

Issuers should disclose, in the Corporate Governance Report, a narrative statement on how they have complied with the risk management and internal control code provisions during the reporting period. In particular, they should disclose:
 
(a)    the process used to identify, evaluate and manage significant risks;
 
(b)    the main features of the risk management and internal control systems;
 
(c)    an acknowledgement by the board that it is responsible for the risk management and internal control systems and reviewing their effectiveness. It should also explain that such systems are designed to manage rather than eliminate the risk of failure to achieve business objectives, and can only provide reasonable and not absolute assurance against material misstatement or loss;
 
(d)    the process used to review the effectiveness of the risk management and internal control systems and to resolve material internal control defects; and
 
(e)    the procedures and internal controls for the handling and dissemination of inside information.