7

7

RISKS AND CONTROL

2. Internal control

175

SAINT-GOBAIN

- REGISTRATION DOCUMENT 2016

Internal control

2.

operations, compliance with laws and regulations, and

application of its strategy, the effective conduct of

resilience to external events as quantified in a business

Every Group company assesses the key risks affecting the

continuity plan.

Corporate Departments help to define shared common

are managed by the General Delegations. The Group

between these organizations for successful skills optimization

or IT centers. It is essential that there is a segregation of tasks

are managed by the Sectors and Activities; elsewhere, they

and transaction security. In France, the shared service centers

The entities are responsible for their own internal control and

with teams under the umbrella of the shared service centers

for managing their process risks, and work collaboratively

guidelines with the Sectors and General Delegations.

addition of computer access management and risk

and excellence in managing travel expenses. The systematic

alignment of objectives.

management helps to ensure optimum performance and

connection with balance sheet and cash flow reviews,

Priority measures, or “6 Essentials”, have been defined in

discrepancies, margin analysis and validation of sales policies,

improved competitive bidding, analysis of inventory

Internal control and risk management are matters for all

needs, under the personal responsibility of its manager.

implementing an internal control system appropriate to its

Group employees. Every entity is responsible for

MANAGEMENT SYSTEM

COMPAGNIE DE SAINT-GOBAIN’S INTERNAL CONTROL AND RISK

2.1

Paris Stock Exchange regulated market.

requirements applicable to companies listed on the Euronext

July 2010, and on the 2013 update to the framework from the

(Autorité des marchés financiers - AMF), as updated in

Commission (COSO). The system complies with the legal

Committee of Sponsoring Organizations of the Treadway

Saint-Gobain’s internal control and risk management system

framework defined by the French securities regulator

is based on the internal control and risk management

Supported by a continuous improvement process and an

internal control and risk management system is a whole set of

Internal Control Reference Framework, Saint-Gobain Group’s

company’s specific characteristics which:

means, behaviors, procedures and actions tailored to each

implementation of its strategy, the effectiveness of its

contributes to the control of its activities and the

‹

operations and the efficient use of its resources;

financial, compliance and other risks.

enables it to appropriately address material operational,

‹

It is more specifically designed to provide assurance

concerning:

guidelines;

application of general management’s instructions and

‹

company;

compliance with the laws and regulations applicable to the

‹

industrial, marketing, financial and other processes;

the efficiency and effectiveness of internal operating,

‹

particular the prevention of fraud;

the protection of tangible and intangible assets, in

‹

the reliability of financial information.

‹

management system is therefore more than just a set of

The Saint-Gobain Group’s internal control and risk

processes. It is in place in all Group entities, where it

procedures and it extends beyond accounting and financial

performance.

contributes to value creation and strengthens companies’

management environment

The internal control and risk

2.1.1

system are as follows:

The cornerstones of the internal control and risk management

adherence to the values and behavioral rules set out in the

‹

the Principles, see Saint-Gobain today, Corporate culture),

Saint-Gobain Principles of Conduct and Action (regarding

which are distributed to all employees;

clearly defined organization and allocation of

‹

ensuring effective segregation of duties;

responsibilities, supported by written procedures and

are aligned with the effective allocation of responsibilities;

delegations of signature authority and other powers that

‹

policies for human resources management aimed at

‹

needed to fulfill their responsibilities and training policies

ensuring that new hires have the knowledge and skills

and knowledge;

to help Group employees expand and update their skills

manner to employees;

written internal procedures distributed in an appropriate

‹

issued by the Group Information Systems Department.

have an obligation to comply with the basic security rules

effective segregation of duties. Saint-Gobain subsidiaries

the basis of allocated roles and responsibilities, to maintain

secure information systems with access rights granted on

‹