Atos - Registration Document 2016

G Corporate governance and capital

G.3 Report of Chairman of the Board of Directors on corporate governance and internal control

Internal control systemplayers G.3.2.2

The main bodies involved in the implementation of internal control procedures at Atos are as follows: Board of Directors supported by Audit Committee The Board of Directors prepares governance rules detailing the

Internal control & ERM (Enterprise RiskManagement) Internal control & ERM function is to ensure the coordination of of Internal Control and its continuous improvement within the the internal control system, like the implementation of the Book assessment. Group. Internal control also runs the Enterprise Risk assist in the deployment of the various initiatives. Internal control relays in each Global Function/Division/GBU Internal Audit validated by general management. The Audit Committee also are defined in the Group Internal Audit Charter, which was consistent audit methodology. Internal Audit operating principles global working practice following one Group audit plan and a The Internal Audit organization is centralized which enables a objectives of assignments, and associated results and findings. received regular reports on the Internal Audit work plan, to ensure an appropriate co-ordination between internal and The Internal Audit department liaises with the statutory auditors In 2016, Group Internal Audit department obtained the renewal This accreditation attests to the quality of the Internal Audit (IA) of the French Institute for Internal Audit’s IFACI certification. function in organizations, the level of compliance with challenges. international standards and IA’s degree of control over key external control. frame the assignment of responsibilities: Responsibilities and powers: The following initiatives aim to delegation of Authority: In order to ensure efficient and • general management level, a formal policy sets out the effective management control from the country level to authorization of officers of subsidiaries to incur legal and other third parties. The delegation of authority policy has commitments on behalf of the Group with clients, suppliers Directors and rolled-out under the supervision of the Group been updated in January 2014, approved by the Board of Legal & Compliance department; segregation of Duties: The segregation of duties (SOD) • monitoring organizational and technical measures policy is defining accountability for implementing and used to perform automatic assessments of those rules in the proportionate to the risks of errors or fraud. A tool has been

used to ensure the reliability and accuracy of financial content and the implementation of internal control procedures system. The Audit Committee, in particular, is informed of the of the Internal Control System. information and stays informed about the proper implementation General management and Executive Committee General management is responsible for the management of the Group. As part of its role, general management defines the Group’s business and focuses on strategic aspects to develop the framework of the internal control system. The Executive Committee leads the operational performance of implementing and monitoring the internal control system within the Group. Management at different levels is responsible for their respective areas of responsibility. Audit, Risk and Compliance (ARC) Committees enlighten the Board as to the quality of the internal control Board’s role supported by its Committees. Those Committees local supervision of Internal Control topics. Their purpose is to supervision of Group Internal Audit, in order to strengthen the review action plans related to identified weaknesses or potential share the main audit conclusions with local management, and to At Global Division level, ARC has been setup under the A – Organization/control environment procedures and practices) represent the ground layer of the The organization, competencies, systems and policies (methods, main components are presented in this section. internal control system and the fundamentals of the Group. The structure that combines operational management (Global Matrix organization: The Company runs a matrix organization Management (Sales & Markets and Support Functions). This Business Units (Geographies)/Divisions) and Functional therefore enhances the control environment. matrix structure allows a dual view on all operations and ensure that the organizations, processes and activities effectively committee chaired by the Group General Counsel, in order to support the compliance policy of Atos. Compliance coordination: Compliance is managed by a risks. Components of the internal control system G.3.2.3

G

main systems.

Atos | Registration Document 2016

263