G

Corporate governance and capital

G.3

Report of Chairman of the Board of Directors on corporate governance and internal control

Atos

|

Registration Document 2016

263

G

Internal control systemplayers

G.3.2.2

The main bodies involved in the implementation of internal control procedures at Atos are as follows:

Board of Directors supported by Audit Committee

The Board of Directors prepares governance rules detailing the

used to ensure the reliability and accuracy of financial

enlighten the Board as to the quality of the internal control

Board’s role supported by its Committees. Those Committees

content and the implementation of internal control procedures

system. The Audit Committee, in particular, is informed of the

of the Internal Control System.

information and stays informed about the proper implementation

General management and Executive Committee

General management is responsible for the management of the

Group. As part of its role, general management defines the

Group’s business and focuses on strategic aspects to develop the

framework of the internal control system.

The Executive Committee leads the operational performance of

implementing and monitoring the internal control system within

the Group. Management at different levels is responsible for

their respective areas of responsibility.

Audit, Risk and Compliance (ARC) Committees

local supervision of Internal Control topics. Their purpose is to

supervision of Group Internal Audit, in order to strengthen the

review action plans related to identified weaknesses or potential

share the main audit conclusions with local management, and to

At Global Division level, ARC has been setup under the

risks.

Internal control & ERM (Enterprise RiskManagement)

Internal control & ERM function is to ensure the coordination of

of Internal Control and its continuous improvement within the

the internal control system, like the implementation of the Book

assessment.

Group. Internal control also runs the Enterprise Risk

assist in the deployment of the various initiatives.

Internal control relays in each Global Function/Division/GBU

Internal Audit

external control.

objectives of assignments, and associated results and findings.

received regular reports on the Internal Audit work plan,

to ensure an appropriate co-ordination between internal and

The Internal Audit department liaises with the statutory auditors

validated by general management. The Audit Committee also

are defined in the Group Internal Audit Charter, which was

consistent audit methodology. Internal Audit operating principles

global working practice following one Group audit plan and a

The Internal Audit organization is centralized which enables a

In 2016, Group Internal Audit department obtained the renewal

This accreditation attests to the quality of the Internal Audit (IA)

of the French Institute for Internal Audit’s IFACI certification.

function in organizations, the level of compliance with

challenges.

international standards and IA’s degree of control over key

Components of the internal control system

G.3.2.3

A

– Organization/control environment

procedures and practices) represent the ground layer of the

The organization, competencies, systems and policies (methods,

main components are presented in this section.

internal control system and the fundamentals of the Group. The

therefore enhances the control environment.

matrix structure allows a dual view on all operations and

structure that combines operational management (Global

Matrix organization:

The Company runs a matrix organization

Management (Sales & Markets and Support Functions). This

Business Units (Geographies)/Divisions) and Functional

ensure that the organizations, processes and activities effectively

committee chaired by the Group General Counsel, in order to

support the compliance policy of Atos.

Compliance coordination:

Compliance is managed by a

frame the assignment of responsibilities:

Responsibilities and powers:

The following initiatives aim to

authorization of officers of subsidiaries to incur legal

delegation of Authority:

In order to ensure efficient and

•

general management level, a formal policy sets out the

effective management control from the country level to

and other third parties. The delegation of authority policy has

commitments on behalf of the Group with clients, suppliers

Directors and rolled-out under the supervision of the Group

been updated in January 2014, approved by the Board of

Legal & Compliance department;

monitoring organizational and technical measures

policy is defining accountability for implementing and

used to perform automatic assessments of those rules in the

proportionate to the risks of errors or fraud. A tool has been

segregation of Duties:

The segregation of duties (SOD)

•

main systems.