09.01.2015 Views

Download Complete PDF - Informe Anual 2012

Download Complete PDF - Informe Anual 2012

Download Complete PDF - Informe Anual 2012

SHOW MORE
SHOW LESS

Create successful ePaper yourself

Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.

1.2.4 Training and periodic skills-updating programmes on, at least, accounting standards, audit, internal control and risk management for staff<br />

involved in preparing and reviewing financial information and carrying out FICS evaluations.<br />

The Company has put in place two action channels relating to the Internal Financial Information Control System:<br />

- Initial training programmes on the objectives and characteristics of the financial information control system: these programmes are aimed<br />

at the individuals that make up the financial information control structure, process managers and business unit directors.<br />

The aim is to provide information about the most relevant matters related to the process of generating financial information, in particular<br />

on the operational processes of the company that make up the control system, the individuals responsible for maintaining the controls<br />

defined within each process, notifications regarding improvements or modifications, understanding the monitoring system in place, etc.<br />

These training programmes were carried out at the start of the assessment project and will be held once a year.<br />

- Continuity programmes: the aim of these programmes is to maintain the efficiency and efficacy of the control system through the periodic<br />

training of the whole control system implemented. They are programmes that will be defined on an ad hoc basis according to the needs<br />

of the areas involved.<br />

In parallel, the Finance Department, the personnel of which has the greatest involvement in preparing financial information, has a specific<br />

annual training plan delivered by external consultants that includes the chief areas of its activity: accounting rules, consolidation rules, specific<br />

financial information applicable to the sector and areas considered particularly important to its functions.<br />

2. Main characteristics of the risk identification process<br />

Risks relating to the Financial Information System are determined and evaluated within the general risk map produced by the Company, which is<br />

periodically reviewed and updated.<br />

The risks defined within the Company’s risk map are classified according to COSO criteria, including the following categories:<br />

- Strategic risks: those caused by the uncertainty associated with changes in the competitive, company or industry environment.<br />

- Financial risks: all risks caused by the uncertainty associated with fluctuations in interest rates, foreign exchange rates or difficulties and variations<br />

in the conditions for accessing financing.<br />

- Unforeseen risks: in general, these relate to damage to the company’s own assets and liabilities arising from damages caused to third parties and<br />

damages caused by natural hazards.<br />

- Operational risks: these include risks associated with uncertainty in processes, operations and staff or due to inadequate internal systems.<br />

The Company currently has a risk management process in place, which is properly documented and contained on a company IT application.<br />

In designing the risk management process associated with generating Financial Information the Company has focused on the following objectives:<br />

- Definition of the Financial Information Control System processes and subprocesses.<br />

- Determination of the relevant risk categories and types for each of the different Internal Financial Information Control System processes defined<br />

in the point above.<br />

Corresponding subcategories have been defined for each of these risk categories.<br />

The Accounting, Reporting and Internal Control subcategories are differentiated and defined within the section on the Group operational risks.<br />

- Definition and analysis of controls for each specific risk and establishment of their degree of effectiveness.<br />

A risk matrix has been established for each of the subprocesses detailed above, in which the most relevant risks for each process are defined, along<br />

with the operational controls and their effectiveness in mitigating the risks that affect them.<br />

- Determining and monitoring the scope of the internal financial information control system. Defining the scope involves establishing which business<br />

units within the Group are relevant and, therefore, if they should be covered by the financial information control system, along with identifying the<br />

operational and support processes that have to be analysed within each business unit. To determine the scope, quantitative and qualitative criteria<br />

for relevance have been taken into account.<br />

The determination and review of this scope, as previously described, are fully documented within the Financial Information Control System, and<br />

must be overseen by the Group Financial Department. It is approved annually by the Audit and Control Committee.<br />

The process thereby defined meets all the basic objectives of financial information: existence and occurrence; integrity; assessment; presentation,<br />

itemisation and comparability; rights and obligations.<br />

Aside from the previously-described process, the Financial Department carries out a monthly accounting consolidation process.<br />

This process starts with the consolidated accounts being received from the various Business Units each month. These are checked and approved to<br />

ensure they comply with the established principles of control, co-management and significant influence.<br />

The last phase of this process includes verification of the standardisation adjustments affecting the income statement (monthly) and the balance sheet<br />

(quarterly)<br />

This means all the Business Units share a documentation and consolidation system that is approved by the Financial Department, which reviews it<br />

once a year.<br />

It is important to stress that the Company has a single Accounts Plan for the entire Group, as well as shared management IT tools in all the Business<br />

Units.<br />

3. Main features of the Control Activities<br />

The internal financial information control system defined within the control structure of the group includes a detailed definition not only of the<br />

companies in the group to which it must be applied, but also of the map of the most significant processes within each of them. Among the most<br />

important processes are those relating to reporting, closing accounts, consolidation and judgements and estimates.<br />

60 ANNUAL CORPORATE GOVERNANCE REPORT

Hooray! Your file is uploaded and ready to be published.

Saved successfully!

Ooh no, something went wrong!