Corporate Governance

Independence and Reporting Line The Internal Audit department is an independent unit. In addition to presenting regular reports during Board of Directors meetings, the department reports directly to the Chairman on a monthly basis or as necessary.

Scope and Charter The Internal Audit Charter explicitly mandates that Internal Audit shall review the internal controls of the Company’s operating procedures. It is responsible for reporting on the adequacy, effectiveness, and efficiency of the design and routine implementation of these controls. The scope of these audits encompasses all operations of the Company and its subsidiaries.

Audit Execution Audit activities are primarily executed in accordance with an annual audit plan approved by the Board of Directors, which is formulated based on identified risk assessments. Special audits or reviews are conducted as circumstances require. By executing both general and special audits, the department provides management with an objective overview of the internal control functions and serves as a critical channel for identifying existing or potential deficiencies in a timely manner.

Self-Assessment Oversight Internal Audit reviews the self-assessments performed by individual units. This includes verifying the execution of tasks and reviewing supporting documentation to ensure the quality of implementation. The findings of these self-assessments are consolidated and reported to the Board of Directors.

Personnel Governance Pursuant to Article 9 of the Company's "Employee Performance Appraisal Management Regulations," the appointment, dismissal, performance evaluation, and compensation of internal auditors must be submitted to the Chairman for final approval.

Information Security Management Detailed disclosures regarding the Information Security Risk Management Framework, Information Security Policies, and Specific Management Initiatives are maintained as part of the Company's broader risk management and governance protocols.