The Group has a coordinating and monitoring function in relation to certain internal control activities at Group level. The Management Assurance staff function operates as the Group’s internal audit function and reports directly to the Senior Vice President Finance with an open line of communication to the Audit Committee.
This function prepares an annual plan for its work, which is approved by the Audit Committee. The results of the function's work, which includes the execution and coordination of internal audit-related activities during the year, are presented at the Audit Committee meetings. The Management Assurance function participated in six out of seven Audit Committee meetings during 2019. In line with one of the Group's fundamental principles, this function has continued to develop step-by-step improvements of the Group's internal control through various activities throughout the year, including fine-tuning of follow-up procedures and reporting, identification of risks related to financial reporting and examination of the effectiveness of related internal controls.
Specific focus is on key Group risks and conducting diagnostics in new market countries and new businesses. Sharing knowledge through different activities is also a key part of improving the control environment. The function utilizes a combination of internal resources and external resources in the form of external auditors, consultants and experts, depending on the specific situation and area. This enables greater flexibility and responsiveness to the risks faced by the Group, which fits Securitas' business model. Current responsibilities include:
- Assisting the ERM self-assessment process, specifically to ensure action plans are made when required
- Monitoring the results of the risk and control diagnostics undertaken during the year, and ensuring the appropriate follow-up of agreed actions
- Assisting in risk management development, implementation and coordination processes
- Determining and planning areas of specific focus and/or control diagnostics based on risk assessments made, discussions with divisional management and audit findings
- Participating in and/or performing certain audit and review activities, such as risk and control diagnostics
- Monitoring communication from the external auditors and ensuring prompt follow-up and implementation of any recommendations that impact the internal controls of the company
- Supporting Group Management when reviewing and discussing audit plans with external auditors in order to coordinate and communicate matters internally, such as scoping, timing and documentation requirements
The function is subject to an annual assessment by the Board to ensure that the activities undertaken enable a well-functioning monitoring structure, together with the other components of the Group's internal control described within the corporate governance report.