Securitas Annual Report 2007

5. Function for Monitoring the Internal Control
The group has established an objective coordinating function in relation to certain internal control activities at Group level reporting directly to the Senior Vice President Finance with an open line of communication to the Audit Committee. In line with one of the Group’s fundamental principles, it is developing this function step-by-step and foresees further evolution over the next few years. The current responsibilities include:
  • Assistance in the control self-assessment process specifically ensuring follow-up where required
  • Monitoring the results of the risk and control diagnostics undertaken during the year and ensuring appropriate follow-up of agreed actions
  • Determine and plan for areas of specific focus and/or control diagnostics based on risk assessments made, discussions with divisional management and audit findings
  • Monitoring communication from the external auditors and ensuring prompt follow-up and implementation of any recommendations impacting the internal controls of the company
  • Support group management in reviewing and discussing audit plans with external auditors in order to internally coordinate and communicate matters such as; scoping, timing, documentation requirements, etc
  • Coordinating the process of updating and renewing the Financial Policies and Guidelines, contributing with feedback on the Reporting Manual and the IT Security Manual
6. Group Legal Function
This function has responsibility for maintaining an adequate infrastructure to ensure that legal matters are appropriately brought to the attention of Group Management on a timely basis through the Senior Vice President Chief Legal Counsel who is also part of Group Management. In addition, this function follows up on any legal risk exposures identified by each operating unit and a large claims report is presented to the Audit Committee on a quarterly basis. In addition a full consolidated legal report is compiled twice a year and is available to the Group Management and the Audit Committee.
7. Group Risk Organization
The Group Risk Organization is responsible for providing Securitas with opportunities to take and manage the risks that are necessary in order to ultimately achieve Securitas strategies and goals. Risk management is an integral part of the Securitas culture which continuously evolves as a process. The risk management of the Group is further described on page 22.
Internal Audit Function Assessment
Basis for Assessment
In compliance with the requirements of section 3.7.3 of the Swedish Code of Corporate Governance, the Board has developed a process for evaluating the need for the Group to develop an internal audit function. The foundation of the Board’s assessment is to consider how the existence of an internal audit function would help it achieve its objectives and create shareholder value by adding an objective analysis of how the Board and Group Management manage risks and monitor operations.
The assessment process highlighted certain inherent risks in the Group’s business model and organizational structure such as the decentralized structure and a results-driven culture. The assessment process also involved analyzing the major control mechanisms in place to address these inherent risks.
A summary of these control mechanisms is listed above and they had a significant influence on the Board’s analysis. The Board’s intention is to further develop the created function for monitoring the internal control.
Assessment
In the light of the assessment made, it has not been deemed necessary to create a special Internal Audit Function. The assessment performed by the Board of Directors will henceforth be carried out on yearly basis as a part of the corporate governance process within the Group.
5. Function for Monitoring the Internal Control
The group has established an objective coordinating function in relation to certain internal control activities at Group level reporting directly to the Senior Vice President Finance with an open line of communication to the Audit Committee. In line with one of the Group’s fundamental principles, it is developing this function step-by-step and foresees further evolution over the next few years. The current responsibilities include:
 
  • Assistance in the control self-assessment process specifically ensuring follow-up where required
  • Monitoring the results of the risk and control diagnostics undertaken during the year and ensuring appropriate follow-up of agreed actions
  • Determine and plan for areas of specific focus and/or control diagnostics based on risk assessments made, discussions with divisional management and audit findings
  • Monitoring communication from the external auditors and ensuring prompt follow-up and implementation of any recommendations impacting the internal controls of the company
  • Support group management in reviewing and discussing audit plans with external auditors in order to internally coordinate and communicate matters such as; scoping, timing, documentation requirements, etc
  • Coordinating the process of updating and renewing the Financial Policies and Guidelines, contributing with feedback on the Reporting Manual and the IT Security Manual
 
6. Group Legal Function
This function has responsibility for maintaining an adequate infrastructure to ensure that legal matters are appropriately brought to the attention of Group Management on a timely basis through the Senior Vice President Chief Legal Counsel who is also part of Group Management. In addition, this function follows up on any legal risk exposures identified by each operating unit and a large claims report is presented to the Audit Committee on a quarterly basis. In addition a full consolidated legal report is compiled twice a year and is available to the Group Management and the Audit Committee.
 
7. Group Risk Organization
The Group Risk Organization is responsible for providing Securitas with opportunities to take and manage the risks that are necessary in order to ultimately achieve Securitas strategies and goals. Risk management is an integral part of the Securitas culture which continuously evolves as a process. The risk management of the Group is further described on page 22.
 
Internal Audit Function Assessment
Basis for Assessment
In compliance with the requirements of section 3.7.3 of the Swedish Code of Corporate Governance, the Board has developed a process for evaluating the need for the Group to develop an internal audit function. The foundation of the Board’s assessment is to consider how the existence of an internal audit function would help it achieve its objectives and create shareholder value by adding an objective analysis of how the Board and Group Management manage risks and monitor operations.
 
The assessment process highlighted certain inherent risks in the Group’s business model and organizational structure such as the decentralized structure and a results-driven culture. The assessment process also involved analyzing the major control mechanisms in place to address these inherent risks.
 
A summary of these control mechanisms is listed above and they had a significant influence on the Board’s analysis. The Board’s intention is to further develop the created function for monitoring the internal control.
 
Assessment
In the light of the assessment made, it has not been deemed necessary to create a special Internal Audit Function. The assessment performed by the Board of Directors will henceforth be carried out on yearly basis as a part of the corporate governance process within the Group.

Page 101