Saint Gobain - Registration document 2016

First page Table of contents Previous page 179 Next page Last page

7 RISKS AND CONTROL 2. Internal control

Corporate departments

Main responsibilities

Reference standards and/or measures

2016 key figures

Doctrine Department

all financial, administrative Manage, update and distribute ‹ and management procedures

Doctrine Intranet 403 documents available on the ‹ 338 questions addressed via the hotline ‹ News 1,417 employee subscribers to Doctrine ‹ at least once anti-corruption rules or competition law Embargos” online training on economic “Saint-Gobain Economic Sanctions and sanctions and embargos More than 5,000 employees completed ‹ counsel (since 2007) competition audit by specialized legal More than 145 sites subject to ‹ training seminars (competition law, In 3 years, more than 400 compliance ‹ anti-corruption rules, economic organized sanctions and embargos) have been completed online training on More than 23,000 employees ‹

Group organization and procedures ‹ Financial and accounting standards ‹ Group Intranet ‹

companies applicable to the Group’s

Legal Department

Identify the main legal risks ‹ Define and implement ‹ relevant policies and controls Provide guidance to ‹ network of compliance and operational staff through the embargo correspondents

economic sanctions and embargos, gifts on competition, anti-corruption rules, interest, etc.) and invitations policies, conflicts of in force (particularly in relation to laws Group Doctrine in respect of legislation ‹ in force and Group policy adopted on Employee training related to legislation ‹ the subject (online and in person trainings) Questions on the compliance statement ‹ Internal Control Reference Framework General Management controls in the ‹

Sectors, Activities and General Delegations The Presidents of the Sectors, Activities on the one hand, and of the General Delegations on the other, are tasked with companies under their responsibilities and ensuring distributing the Internal Control Reference Framework to the 2.2.5 managing the specific risks associated with their business. compliance with Group instructions. They are responsible for Their responsibilities also include: which are laid out in their own risk map; assessing and managing the principal risks in their domain ‹ specifying, so far as is necessary, the specific conditions for ‹ implementation of Group controls to reflect the particular their scope; features of the processes and information systems within

entities in their scope; necessary by risks specific to the operations carried out in prescribing the supplementary controls which are made ‹ Internal Audit and Business Control Department; leading the compliance statement procedure set up by the ‹ results of audits to achieve continuous improvement of the analyzing internal control failures and incidents, and the ‹ internal control system; defense, which they represent directly through the coordinating the supervisory controls or second line of ‹ controls on major points. dissemination of standard procedures or the sampling of

2.3

MANAGEMENT PROCESS IN THE GROUP’S ENTITIES IMPLEMENTATION OF THE INTERNAL CONTROL AND RISK

7

control system that is appropriate to its needs and aligned Each entity is responsible for implementing an internal

introducing the fundamentals of internal control; ‹

Control Reference Framework; implementing the controls described in the Internal ‹ risks; by incorporating controls for dealing with the identified analyzing the main risks and extending the Internal Control ‹ deploying the internal control in all of the entities’ sites; ‹ overseeing the internal control and risk management ‹ statement. system, specifically at the time of the compliance 2.3.1 is used to periodically assess entities’ compliance with a The compliance statement is a self-assessment process which fundamentals. limited number of Internal Control Reference Framework Compliance statement

with the Group’s internal control system. The head of each entity is responsible for:

system in place within their entity; the relevance and effectiveness of the internal control ‹ its compliance with the Group’s internal control system; ‹ appropriate management of the risks faced by their entity. ‹ support from the Company’s corporate and operational This responsibility can not be delegated and is exercised with Directors and from the site Directors. To build a suitable internal control system for their business, described below: the Directors of the entities have to follow the steps

179

SAINT-GOBAIN - REGISTRATION DOCUMENT 2016

Made with