Directors' Report: Governance - British American Tobacco
Directors' Report: Governance - British American Tobacco
Directors' Report: Governance - British American Tobacco
You also want an ePaper? Increase the reach of your titles
YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.
www.bat.com/annualreport2009<br />
and/or individual market audit and CSR committees. A corporate<br />
audit committee sits at the same level as the regional committees and<br />
focuses on the risks and the control environment within the Group’s<br />
operations which do not fall within the regional committees’ remit,<br />
for example head office central functions, global programmes and<br />
above-region projects. It comprises members of the Management<br />
Board and is chaired by a Management Board member responsible<br />
for one of the Group’s Regions to maximise its independence from<br />
central executive management. It is in turn supported by separate<br />
audit committees covering the Group’s global IT and operations<br />
functions, which were introduced as separate committees in 2009.<br />
The relevant external and internal auditors regularly attend meetings<br />
of these committees and have private audiences with members of the<br />
committees at least once each year. In addition, central, regional and<br />
individual market management, along with internal audit, supports<br />
the Board in its role of ensuring a sound control environment.<br />
Risk management and internal control processes<br />
Risk registers, based on a standardised methodology, are used at<br />
Group, regional, area and individual market level to identify, assess<br />
and monitor the key risks (both financial and non-financial) faced<br />
by the business at each level. Mitigation plans are required to be<br />
in place to manage the risks identified and the risk registers and<br />
mitigation plans are reviewed and, where appropriate, updated on a<br />
regular basis. They are also reviewed regularly by the relevant regional<br />
audit and CSR committee, the corporate audit committee and, in the<br />
case of the Group risk register, by the Board’s Audit Committee.<br />
Group companies and other business units are required at least<br />
annually to complete a checklist of the key controls which they are<br />
expected to have in place, called Control Navigator. Its purpose is<br />
to enable them to self-assess their internal control environment, assist<br />
them in identifying any controls which may require strengthening and<br />
support them in implementing and monitoring action plans to address<br />
control weaknesses. The Control Navigator checklist is reviewed<br />
annually to ensure that it remains relevant to the business and covers<br />
all applicable key controls. In addition, at each year end, Group<br />
companies and other business units are required to:<br />
■ review their system of internal control, confirm whether it remains<br />
effective and report on any material weaknesses and the action<br />
being taken to address them; and<br />
■ review and confirm compliance with the Standards of Business<br />
Conduct and identify any material instances of non-compliance<br />
or conflicts of interest identified.<br />
The results of these reviews are reported to the relevant regional audit<br />
and CSR committee or to the corporate audit committee and, where<br />
appropriate, to the Board’s Audit Committee to ensure that appropriate<br />
remedial action has been, or will be, taken where necessary.<br />
Directors’ report: <strong>Governance</strong><br />
<strong>British</strong> <strong>American</strong> <strong>Tobacco</strong> Annual <strong>Report</strong> 2009<br />
The Group’s internal audit function provides advice and guidance<br />
to the Group’s businesses on best practice in risk management and<br />
control systems. It is also responsible for carrying out audit checks<br />
on Group companies and other business units, and does so against<br />
an audit plan presented annually to the Audit Committee, which<br />
focuses in particular on higher risk areas of the Group’s business.<br />
Review<br />
The Turnbull Guidance (the Guidance) sets out best practice on<br />
internal control for UK-listed companies to assist them in assessing the<br />
application of the Code’s principles and compliance with the Code’s<br />
provisions with regard to internal control. The current version of the<br />
Guidance applies to listed companies for financial years beginning on<br />
or after 1 January 2006.<br />
The processes described above, and the reports that they give rise<br />
to, enable the Board and the Audit Committee to monitor the internal<br />
control framework on a continuing basis throughout the year and to<br />
review its effectiveness at the year end. The Board, with advice from its<br />
Audit Committee, has completed its annual review of the effectiveness<br />
of the system of internal control for the period since 1 January 2009.<br />
No significant failings or weaknesses were identified and the Board<br />
is satisfied that, where specific areas for improvement have been<br />
identified, processes are in place to ensure that the necessary remedial<br />
action is taken and that progress is monitored. The Board is satisfied<br />
that the system of internal control is in accordance with the Guidance.<br />
73<br />
From the Chairman<br />
Performance<br />
and strategy Regional review Financial review <strong>Governance</strong><br />
Group financial<br />
statements<br />
Parent Company<br />
financial statements<br />
Shareholder<br />
information