Audit scope
The internal audit unit reviews the adequacy of the internal control system and the implementation of general operations according to the “Internal Audit Implementation Rules”, and conducts continuous audits. The scope of the audit covers all operations of the Company and its subsidiaries.
Audit execution and operation
Every year, the internal audit unit conducts an overall risk assessment based on the changes in the business environment and the previous audit results. The internal audit unit prepares an annual audit plan, which is submitted to the Audit Committee for review subject to approval by the Board of Directors.
Based on the monthly audit results, the Audit Officer submits an audit report and quarterly follow-up report to the independent directors by the end of the following month. The Audit Officer also makes a business report to the independent directors while attending the Audit Committee meeting as a nonvoting participant. At the same time, the implementation results of the audit report and the tracking of internal audit deficiencies are communicated.
Self-assessment of internal control
An internal control self-assessment is conducted once a year. The internal audit unit reviews the self-assessment report of each unit. The improvement of internal control deficiencies and anomalies identified by the audit unit in the past period are used as the main basis for the Chairman and the General Manager to assess the overall internal control system, with a statement of the internal control system issued.
Appointment, dismissal, and evaluation of internal auditors
The internal audit unit is subordinate to the Board of Directors, and the auditors meet the qualification requirements set by the Financial Supervisory Commission. Appointment or dismissal of the Audit Officer is subject to resolution of the Board of Directors. The appointment and dismissal, evaluation, and remuneration of internal auditors are handled in accordance with the “Personnel Management Rules” and reported to the chairman for approval according to the process.
Information including the name, age, education background, experience, length of service, and continuing training of auditors shall be submitted to the competent authority for reference before the end of January of each year.