The identified risks and adopted policies set the structure for the forth step of the process - Risk-based monitoring. Key risks are monitored through a range of activities, such as self-assessments, audits, risk and control diagnostics, legal reviews, sustainability reviews and/or are subject to other monitoring activities throughout the year.
Monitoring permeates all levels throughout the organization and is performed by different functions depending on whether it is related to operational or financial reporting matters:
- The Board of Directors plays an important role in the ongoing process of identifying and evaluating significant risks faced by the Group and the effectiveness of related controls.
- The Audit Committee monitors the effectiveness of the Group's ERM and internal control systems. In addition, the Committee also supports the Board with the task of ensuring internal control over financial reporting. This is accomplished through several activities such as the review of basic controls.
- The Committee also reviews all quarterly and annual financial reports before publication.
- The President and CEO and Group Management review performance through a comprehensive reporting system based on regular business reviews of actual results, analyses of variances, key performance indicators and regular forecasting.
- The functional committees determine and communicate appropriate policies and monitor the key issues within each area of responsibility.
- The ERM Committee owns and manages the process which provides tools and helps management identify and manage the risks inherent in Securitas' line of business. The members of the committee consist of managers of the functional committees and other specialists.
- The Group Management Assurance function has a coordinating and monitoring role in relation to certain internal control activities at Group level. Risk assessments together with analysis of ERM self-assessment results are used as the basis for determining which activities are to be carried out in relation to monitoring from an audit perspective.
- Local management is primarily responsible for monitoring and ensuring compliance by local units with Securitas Group Policies including any division-specific policies and guidelines.