CORPORATE GOVERNANCE AND INTERNAL CONTROL
2.5 Internal control and risk management procedures
2
96
Registration Document 2016 — Capgemini
procedures
Internal control and risk management
2.5
This section is based on the contributions of several departments
as well as ethics, compliance and internal audit.
and, in particular, the Group departments responsible for sales,
production, IT, finance, insurance, legal affairs, human resources,
In accordance with the Law of July 3, 2008, it was reviewed and
following a review by the Audit & Risk Committee.
approved by the Board of Directors on February 15, 2017,
Definition of the internal control and risk management systems
2.5.1
Framework
July 22, 2010 by the AMF.
guidance published initially in January 2007 and updated on
The Group builds on the reference framework and the application
complementary manner to controlling the activities of the Group
and satisfy objectives that are also complementary.
The risk management and internal control systems contribute in a
Objectives of the internal control and risk
management systems
implement risk prevention and transfer measures.
The Group’s internal control and risk management systems seek
to create and protect the Group’s value, assets and reputation,
and identify and measure the major risks to which the Group is
exposed, anticipate and foresee changes in these risks and finally
In this context, Capgemini Group has defined and implemented a
control system that seeks to ensure:
compliance of all management acts with relevant laws and
◗
regulations;
Management;
compliance with the
Group’s seven core values
and
guidelines set by the Board of Directors and/or Group
application by the subsidiaries of instructions communicated;
◗
the smooth functioning of the Group’s internal control processes
safeguarding assets; and
the reliability of accounting and financial information.
◗
management systems
Scope of the internal control and risk
businesses.
and internal control systems within its subsidiaries. In 2016, such
systems covered all consolidated subsidiaries and Group
Capgemini Group ensures the implementation of risk management
Acquired companies are integrated progressively into the internal
presented in this report.
control and risk management system. All material Group
subsidiaries are currently integrated into the general system
presented in the notes to the consolidated financial statements.
A list of the main companies concerned by this system is
Limitations
irrespective of the skills of the employees performing the controls -
guarantee alone the attainment by the Group of all objectives set.
While contributing to the improved efficiency of its operational
support functions, the optimal use of resources and good risk
control, this system does not however offer an absolute guarantee
of the control of all possible risks imaginable, no more than it can -
of the internal control and risk management systems
2.5.2
Group values
Most Ethical companies” by the Ethisphere Institute.
its actions and, in particular, our business practices. These seven
core values, defined by the Group’s founder Serge Kampf, are
reputation as an ethical and responsible company. In this respect,
Capgemini has, for several years, been rated one of the “World’s
honesty, boldness, trust, freedom, team spirit, modesty and fun.
They represent the Group’s fundamental DNA and justify its
Since its creation, Capgemini has placed significant importance on
compliance with the values and principles which guide and inspire
of Business Ethics has been supplemented by several policies.
This system seeks to:
The ethics system founded on the Group’s values and the Code
of behavior;
develop within new recruits an ethical culture promoting integrity
◗
raise awareness of compliance with international and national
◗
laws and regulations;
and avoid infractions, non-compliance and negligence in these
areas.
highlight initiatives aimed at strengthening the system to prevent
principles
General internal control and risk management
main functions.
known as the Blue Book. Compliance with the Blue Book is
mandatory for all Group employees. The Blue Book sets out and
Group Management has distributed a set of rules and procedures
be conducted, and, finally, describes the desired behaviors and
specify the interdictions to be followed in each of the Group’s
comments Capgemini’s seven core values, sketches out the
overall security framework within which the Group’s activities must