Shenzhen Netac Technology Co., Ltd. Internal Control Management System
Chapter 1 General Provisions
Article 1 To strengthen the internal control of Shenzhen Netac Technology Co., Ltd. (hereinafter referred to as the "Company"), promote the standardized operation and healthy development of the Company, and protect the legitimate rights and interests of shareholders, in accordance with the "Company Law of the People's Republic of China," "Securities Law of the People's Republic of China," "Shenzhen Stock Exchange GEM Stock Listing Rules," "Shenzhen Stock Exchange Listed Company Self-Regulatory Supervision Guide No. 2 - Standardized Operation of GEM Listed Companies," and the "Articles of Association of Shenzhen Netac Technology Co., Ltd." (hereinafter referred to as the "Articles of Association"), this system is formulated.
Article 2 Objectives of the Company's Internal Control: (1) Control company risks; (2) Improve the effectiveness and efficiency of the company's operations; (3) Enhance the reliability of the company's information disclosure; (4) Ensure the legality and compliance of the company's actions to achieve the company's strategic goals.
Article 3 The Company's Board of Directors is responsible for the formulation and effective implementation of the Company's internal control system.
Chapter 2 Framework and Implementation of Internal Control System
Article 4 The Company's internal control mainly includes: environmental control, business control, accounting system control, electronic information system control, information transmission control, internal audit control, and other aspects. The Company's internal control system covers the following levels: (1) Company level; (2) Level of the Company's subordinate departments or affiliated companies (including holding subsidiaries, branches, and equity-participating companies with significant influence); (3) Level of the Company's various business units or business process segments.
Article 5 The Company's internal control system includes the following basic elements: (1) Internal environment: Refers to the organizational culture and comprehensive factors affecting employees' risk awareness, including employees' views on risk, management's risk management philosophy and risk appetite, the environment for professional ethics and practice, and the attention and guidance of the Board of Directors and the Audit Committee. (2) Objective setting: Refers to management setting strategic objectives based on the company's risk appetite. (3) Factor identification: Refers to management identifying internal and external factors that affect the achievement of company objectives. (4) Risk assessment: Refers to management determining risk management methods based on the likelihood and impact of risk factors. (5) Risk response: Refers to management's choice of risk response based on the company's risk tolerance and risk appetite. (6) Control activities: Refers to the systems and procedures formulated to ensure effective risk response, including authorization, verification, adjustment, review, periodic inventory, reconciliation of records, division of labor, asset preservation, performance comparison, and subsidiary management. (7) Information communication: Refers to the generation of information required for planning, execution, and supervision, and the timely provision of information to information requesters. Relevant information should be identifiable, obtainable, and transferable according to the prescribed format and timeliness requirements, and effectively transmitted within the company. (8) Supervision: Refers to the process of the company's self-inspection of the operation of the internal control system. Supervision can be divided into continuous supervision and individual evaluation. The former is routine supervision during the operating process, and the latter is an evaluation conducted separately by internal auditors, the Audit Committee, or other personnel such as the Board of Directors.