Our performance in 2009 - Sappi
Our performance in 2009 - Sappi
Our performance in 2009 - Sappi
Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
80 Corporate governance cont<strong>in</strong>ued<br />
Disclosure controls<br />
Disclosure controls and procedures <strong>in</strong>clude controls and procedures designed to ensure that<br />
<strong>in</strong>formation required to be disclosed by the group <strong>in</strong> the reports that it files or submits is<br />
accumulated and communicated to the group’s management, <strong>in</strong>clud<strong>in</strong>g the chief executive officer<br />
and chief f<strong>in</strong>ancial officer, as appropriate to allow timely decisions regard<strong>in</strong>g required disclosure.<br />
The group has implemented disclosure controls and procedures as deemed appropriate by<br />
management. The disclosure committee reviews all <strong>Sappi</strong> Limited external f<strong>in</strong>ancial reports prior<br />
to their release. On occasion these meet<strong>in</strong>gs are held jo<strong>in</strong>tly with the audit committee.<br />
Internal audit<br />
The group’s <strong>in</strong>ternal audit department has a current complement of 18 persons, of which 14 are<br />
experienced with relevant qualifications and four are <strong>in</strong> tra<strong>in</strong><strong>in</strong>g. It has a specific mandate from<br />
the audit committee and <strong>in</strong>dependently appraises the adequacy and effectiveness of the group’s<br />
systems, f<strong>in</strong>ancial <strong>in</strong>ternal controls and account<strong>in</strong>g records, report<strong>in</strong>g its f<strong>in</strong>d<strong>in</strong>gs to local and<br />
divisional management, the external auditors as well as the respective audit committees. The<br />
head of <strong>in</strong>ternal audit reports to the audit committee on a functional basis and meets privately<br />
with the audit committee and <strong>in</strong>dividual board members on a regular basis. The head of <strong>in</strong>ternal<br />
audit has direct access to the chief executive officer and chief f<strong>in</strong>ancial officer as well as other<br />
senior management, as required, and has an open <strong>in</strong>vitation to attend executive and management<br />
committee meet<strong>in</strong>gs such as the audit committee, disclosure committee, audit review meet<strong>in</strong>gs,<br />
chief f<strong>in</strong>ancial officer meet<strong>in</strong>gs, group risk meet<strong>in</strong>gs and regional f<strong>in</strong>ancial committee meet<strong>in</strong>gs.<br />
Internal audit is also <strong>in</strong>vited to attend and participate <strong>in</strong> strategic workshops at group and regional<br />
levels. This is <strong>in</strong> l<strong>in</strong>e with the strategic position<strong>in</strong>g of <strong>in</strong>ternal audit as recommended by the K<strong>in</strong>g III<br />
Report whereby <strong>in</strong>ternal audit’s role should not be restricted to a compliance activity but should<br />
be risk-based, aligned with the company’s strategy and risk management process. The <strong>in</strong>ternal<br />
audit coverage plan is based on a risk assessment performed for each operat<strong>in</strong>g unit. This<br />
<strong>in</strong>corporates risks identified by management dur<strong>in</strong>g the group risk assessment process as well<br />
as the results of audit work performed. This process ensures that the audit coverage is focused<br />
on identified high risk areas. Dur<strong>in</strong>g <strong>2009</strong>, <strong>in</strong>ternal audit focused additional resources on IT<br />
security, forensic <strong>in</strong>vestigations and the <strong>in</strong>tegration and control read<strong>in</strong>ess projects relat<strong>in</strong>g to the<br />
four new mills <strong>in</strong> the Europe region. The report submitted by <strong>in</strong>ternal audit to the audit committee<br />
<strong>in</strong>cludes amongst other th<strong>in</strong>gs an overview of Hotl<strong>in</strong>e allegations and forensic activities, a<br />
summary of potentially significant control issues identified, audit risk assessments, audit coverage<br />
plans, actual <strong>performance</strong> aga<strong>in</strong>st planned activities, the periodic evaluation of the system of<br />
<strong>in</strong>ternal controls and details of any scope restrictions as well as audit resource developments.<br />
<strong>Our</strong> resources are allocated to audit projects based on a top down risk assessment approach<br />
employ<strong>in</strong>g the GAIT methodology, which is a guide to assess<strong>in</strong>g the scope of IT general controls<br />
based on risk. The different types of audit assignments conducted <strong>in</strong> <strong>2009</strong> are represented <strong>in</strong><br />
the chart alongside.<br />
Company secretary<br />
All directors have access to the advice and services of the company secretary and are entitled<br />
and authorised to seek <strong>in</strong>dependent and professional advice about affairs of the group at the<br />
group’s expense. The company secretary is responsible for the duties set out <strong>in</strong> Section 268G<br />
of the South African Companies Act of 1973. Specific responsibilities <strong>in</strong>clude the provision of<br />
guidance to directors as to how to discharge their duties <strong>in</strong> the best <strong>in</strong>terests of the company as<br />
well as arrang<strong>in</strong>g for the <strong>in</strong>duction of new directors.<br />
Code of ethics<br />
<strong>Sappi</strong> requires its directors and employees to act with the utmost good faith and <strong>in</strong>tegrity <strong>in</strong> all<br />
transactions and with all stakeholders with whom they <strong>in</strong>teract. This commitment is reflected <strong>in</strong><br />
the group’s Code of Ethics that commits the company and employees to sound bus<strong>in</strong>ess<br />
practices and compliance with legislation.