Risk management
Audit , risk and control diagnostics
3
One important audit activity is the country diagnostics . The diagnostics comprise a work program covering IFRS compliance , as well as key controls within financial reporting processes , contract management and IT security . These reviews are usually conducted within the first year after an acquisition has been made and a follow-up is performed during the second year , provided that significant areas for improvement have been identified . The Group also performs risk and control diagnostics in functional areas which , by nature , have a high degree of inherent risk . These diagnostics aim to ensure compliance with key policies such as the Contract Management policy and Securitas ’ Values and Ethics . Securitas develops this audit and review process on a continuous basis using both internal and external resources .
Financial control
4
Control activities specifically aimed at managing risks related to financial reporting include methods and activities for securing assets , controlling the accuracy and reliability of internal and external financial reports , and ensuring compliance with defined guidelines .
Regular analyses of the financial results at the various levels of the organization using the financial model ensure that financial information maintains a high level of quality . Securitas ’ financial reporting is based on the following foundations :
• Securitas Group Policies for financial planning and reporting , long-term financing and treasury , risks and insurance , communications , branding , legal issues and IT
• Guidelines in Securitas ’ financial model , which create the framework for a simple and clear internal reporting method , including timely and accurate follow-up of financial key figures ( Securitas Six Fingers )
• Securitas ’ Reporting Manual , which provides all managers and financial staff with detailed instructions and definitions for financial reporting
• The controller , who is responsible for continuously ensuring that the financial information provided is accurate , transparent , relevant and up to date
Controllers at all levels hold a key role in terms of integrity , professionalism and the ability to work in teams in order to create the environment that is needed to achieve transparent , relevant and timely financial information . Local controllers are responsible for ensuring compliance with the approved set of policies and frameworks , and for ensuring that internal controls pertaining to financial reporting processes are implemented .
The controller is also responsible for reporting financial information to Group that is correct , complete and timely . The controller receives continuous feedback from the Group regarding reporting quality , which is an effective tool for enhanced reporting . In addition , each division has a divisional controller with corresponding responsibilities at the divisional level .
Letter of representation
5
The Group has a representation process in which operating unit presidents and controllers sign a letter of representation in connection with the year-end report , stating their opinion on whether or not the internal control over financial reporting and the reporting packages give a true and fair view of the financial position .
The letter also covers the broader perspective of internal control , including compliance with Securitas Group Policies related to financial reporting .
Information and communication Securitas ’ channels for information and communication are constantly developed to ensure that all employees are given clear objectives and are made aware of the parameters that constitute acceptable business practices , as well as the expectations of the Board in managing risks , in order to achieve set goals and objectives . This provides a clear definition of the Group ’ s purpose and goals , accountabilities and the scope of permitted activities of employees . Securitas Group Policies are available in a Group-wide IT system .
Systems and procedures have been implemented that support complete , accurate and timely financial reporting and provide management with the necessary reports on business performance relative to the established objectives . The Group reporting department regularly issues guidance on reporting matters and the reporting manual is available in a Group-wide database . Reporting units regularly prepare financial and management reports that are discussed at review meetings at different levels . These include an analysis of financial performance and risks in order for the organization to understand its responsibility with regard to internal control and its impact in relation to risks , goals and objectives .
Monitoring Monitoring is performed at different levels and by different functions within the organization depending on whether it is related to operational or financial reporting matters . Key functions include the Board of Directors , the Audit Committee , Group Management , functional committees , Management Assurance , the Group risk organization , and local and divisional management . Refer to page 21 for more information .
18 Securitas Sustainability Report 2016