Report on corporate governance and ownership 2011 - Indesit


<strong>Report</strong> on corporate governance and ownership at 21 March 2012 on 2011 – Annex
Annex
Annex 1 – Main characteristics of the existing risk management and internal control
systems 1 in relation to the financial reporting process pursuant to
art. 123-bis, clause 2, b), TUIF
1. Introduction
The risk management system cannot, indeed must not, be considered as separate from the ICS in
relation to the financial reporting process; both are parts of the same system, a system designed to
ensure the reliability 2 , accuracy 3 , trustworthiness 4 and timeliness 5 of financial reporting.
When the Investor Protection law came into force, the Group initiated a project to adjust to its
provisions by adopting specific guidelines on designing, implementing, monitoring and updating the
financial reporting risk control system.
In defining the rules and methods for developing and operating the system, reference was made
to national and international best practices (such as the CoSO Internal Control Integrated Framework,
proposed by the Committee of Sponsoring Organisations of the Treadway Commission 6 and the COBIT 7
Framework).
In this project, criteria were defined for identifying:
• the perimeter of Group companies involved, on the basis of their impact on the consolidated
financial statements;
• relevant processes in terms of potential impact on financial reporting;
• risks 8 attaching to failure to achieve control objectives 9 (eg. balance sheet assertions and other
objectives related to financial reporting).
1. For further details on the existing risk management and internal control system in relation to the financial reporting process
(including the consolidated accounts),see the following sections of the <strong>Report</strong>: 6 (Internal Control System), 7 (Internal
Control System), 9 (Treatment of Price Sensitive Information), 15 (Officer charged with drafting the Company’s accounting
and corporate documents).
2. Reliability (of reporting): having the characteristics of correctness and conformity to generally accepted accounting
standards and the requisites specified in laws and rules.
3. Accuracy (of reporting): having the characteristics of neutrality and precision. Information is deemed neutral if free from
attempts to influence users’ decisions to obtain a particular result..
4. Trustworthiness (of reporting): having the characteristics of clarity and completeness enabling investors to make informed
decisions. Information is deemed clear if it aids understanding the more complex aspects of the business without going to
excessive length..
5. Timeliness (of reporting): information disclosed within the legal term..
6. A private, voluntary organisation based in the United States providing guidelines for directors of public and private
companies on corporate governance, business ethics, internal control, fraud, risk management and financial reporting.
7. Control Objectives for IT and related technology is a set of rules drawn up by the IT Governance Institute, a US body whose
objective is to define and improve IT standards in businesses.
8. Risk: the possibility of an event whose occurrence may jeopardize achievement of the System’s objectives (ie. the accuracy,
reliability, trustworthiness and timeliness of financial reporting).
9. Control objectives: objectives that the internal control system for financial reporting sets itself in order to ensure truthful
and accurate representation, including “financial statement assertions” (existence and occurrence, completeness, rights
and obligations, assessment and registration, format and disclosures) and “other control objectives” (eg. observance of
authorized limits, segregation of incompatible tasks, checks on the physical security and existence of assets, documentation
and traceability of transactions, etc.).
37