Saint Gobain - Registration document 2016

7 RISKS AND CONTROL 2. Internal control

process Internal control and risk management

2.1.2

procedures. It involves four key stages: ongoing process that integrates risk management Within Saint-Gobain, internal control is a continuous and analyzing the main identifiable risks; ‹ involved; in each process developing controls that are proportionate to the risks ‹ communicating the objectives of internal control to ‹ employees and implementing controls; effectiveness of internal control. permanent oversight of and regular checks on the ‹ This process is described in the Internal Control Reference Framework and applies to all Group subsidiaries. the internal control and risk management system. corrective action being taken, and to changes, as needed, to Oversight controls and effectiveness checks may lead to

2.2

ORGANIZATION OF INTERNAL CONTROL AND THE RISK

MANAGEMENT SYSTEM

management down to the employees of the individual internal control and risk management, from general entities. Everyone within the organization has some responsibility for

preparing and processing accounting and financial

information (see section 3 of this chapter 7). Group General Management 2.2.2

of the internal control process and the existence and The Group’s general management oversees implementation monitoring systems within the subsidiaries. appropriateness of internal control and risk management

de Saint-Gobain The Board of Directors of Compagnie

2.2.1

chapter 6, section 1). Regular reports on the Group’s internal control and risk being reviewed by the Audit and Risks Committee (see management are submitted to the Board of Directors after system. It also reviews the risks map prepared by the Internal the effectiveness of the internal control and risk management monitoring the process of preparing financial information and The Audit and Risks Committee is specifically tasked with encountered (see chapter 6, section 1). mission and informs the Board promptly of any issues reports to the Board of Directors on the performance of its Audit and Business Control Department. It provides regular Commercial Code, the Chairman of the Board of Directors In accordance with Article L.225-37 of the French presents a report, once a year, on the Compagnie internal describing the procedures for preparing and processing the control and risk management procedures, specifically financial statements and, if applicable, the consolidated accounting and financial information for individual company Directors and is made available to the public. financial statements. The report is approved by the Board of Commercial Code, the Statutory Auditors are required to In accordance with Article L.225-235 of the French submit their observations on the section of the Chairman’s report that deals with the internal control procedures for

Department Internal Audit and Business Control

2.2.3

The Internal Audit and Business Control Department is tasked Group’s internal control and risk management system and by the Group’s general management with designing the with the Company’s corporate departments, the General with coordinating the roll-out of the system, in conjunction The Internal Audit and Business Control Department also performance. Its general remit is to provide systematic, seeks to deliver added value to the Group and enhance its Delegations and the Sectors. methodical assurance that the internal control systems are reinforcing them. relevant and effective, and to make recommendations for organizes oversight of internal control and risk management The Internal Audit and Business Control Department compliance statement, the audit results, the action plan systems based on four principal components, which are: the system. The results of this oversight are reported to the Audit follow-up system and the fraud and incident monitoring and Risks Committee. key role in the Group Compliance Program. The Internal Audit and Business Control Department plays a

176

SAINT-GOBAIN - REGISTRATION DOCUMENT 2016

WWW.SAINT-GOBAIN.COM