Internal control system and risk management
The correct operation and positive progress of business at Granarolo is guaranteed by an internal control system organised and managed both autonomously by the operative management and in a centralised manner, and is divided into three levels:
first level: inspections as part of the operative processes, aimed at insuring the correct performance of operations that require specific business capabilities, of pertinent risks and/or regulations, are assigned to the departments directly involved in the various processes;
second level: inspections to oversee the process of identifying, assessing, managing and controlling the risks linked with operativeness, guaranteeing coherence with the company objectives, and complying with segregation criteria that allow for effective monitoring. These are assigned to specific structures that are different from the operative ones (Safety and environment, Quality assurance and food safety, Management control;
third level: inspections carried out by Internal Auditors, supplying overall assurance on the design and operation of the internal control system through independent assessments.
The Internal Audit Department reports first to the President of the Board of Directors and then to the Control and Risk Committee, which monitors independence, effectiveness and efficiency, and may be required by the Committee to carry out checks in specific operating areas.
Internal Auditing activities are conducted in accordance with international standards for the Professional Practice of Internal Auditing.
In 2014, activities focused on the verifications, required by the audit plan, which was approved by the Board of Directors. It was prepared in accordance with a methodological approach based on audit testing that complements the objectives of corporate control relevant to the analysed context (Operational and Financial). The critical issues, identified during the audit, were shared with management, and measures (a plan of action) were drawn up to correct these critical points.
The Internal Audit Department periodically monitors and checks the correct, timely implementation of the plan of action through follow-up actions. The results of these activities and progress of the action plan is regularly reported by the Internal Audit to top management, the Control and Risk Committee and the Board of Auditors.