6 Risks and control Internal control www.saint-gobain.com SAINT-GOBAIN UNIVERSAL REGISTRATION DOCUMENT 2021 240 Parties involved in internal control and risk management 2.2 Everyone within the organization has some responsibility for internal control and risk management, from General Management down to the employees of the individual entities. The Board of Directors of 2.2.1 Compagnie de Saint-Gobain and the Audit and Risk Committee The Audit and Risk Committee periodically reviews the organization of the Group’s internal control and risk management (see Chapter 5 - Section 1.2.3). The Audit and Risk Committee is specifically tasked with monitoring the process of preparing financial information and the effectiveness of the internal control and risk management system. It also reviews the risks map prepared by the Audit and Internal Control Department. It analyzes significant internal control incidents, results of audits and oversees the corrective actions necessary to address failures. Finally, it reports regularly to the Board of Directors on its work and notifies the Board promptly of any issues encountered (see Chapter 5 - Section 1.2.3). Group Management 2.2.2 Saint-Gobain’s Management oversees implementation of the Group’s internal control and risk management process and the existence and effectiveness of appropriate internal control monitoring systems within the Group’s subsidiaries. In this context, the Chairman of the Board of Directors signed a charter on April 16, 2021 with the Audit and Internal Control Department to reiterate the principles of audit, internal control and risk management which support the Group’s teams. Audit and Internal Control 2.2.3 Department The general remit of the Audit and Internal Control Department is to provide systematic, methodical assurance that the internal control systems are relevant and effective, and to make recommendations for reinforcing them. It also promotes the pursuit of added value and enhanced performance, in line with the Group’s focus areas and programs (notably in anticipation of the digitalization of company processes). Therefore, the Audit and Internal Control Department is involved in the Group’s compliance program and is primarily responsible for the following: designing the Group’s internal control and risk ■ management system; coordinating the implementation of this system, in ■ liaison with the company’s corporate departments and operational management structures. To do this, the Audit and Internal Control Department particularly relies on internal control/risk reference frameworks and the issuing and checking of the compliance statements signed by the general managers for the applicable management levels; carrying out audits in line with the audit plan approved ■ by the Audit and Risk Committee. The Saint-Gobain Group Internal Audit Department applies the international standards of the profession as described in the Professional Internal Auditing Standards (RPAI), 2020 version, and thus complies with the Core Principles for the Professional Practice of Internal Auditing (CRIPP) of the Institute of Internal Auditors (IIA). The Group’s Audit Department was certified in 2020 by the IFACI, the French branch of the IIA. At the end of 2021, the Audit and Internal Control Department had 78 staff, split between audit, internal control and risk management.
RkJQdWJsaXNoZXIy NzMxNTcx