45 HEINEKEN N.V. ANNUAL REPORT 2008 IT Heineken's worldwide operations are highly dependent on the availability and integrity of its (common) information systems. IT processes and infrastructure are to a large extent centralised and outsourced to professional outsourcing partners. Structured monitoring processes are in place, which includes clear agreements on assurance from outsourcing partners. The harmonisation, centralisation and outsourcing of IT have a positive impact on the overall control environment. Code of Business Conduct and Whistle-blowing The Code of Business Conduct and Whistle-blowing procedure are applicable to all majority-owned subsidiaries. Compliance is supported through continuous monitoring of effectiveness, rotational audits and employee perception irveys. Employees may report suspected cases of serious nisconduct to their direct superior, the local Trusted epresentative or anonymously to an independently run onfidential helpline. The Integrity Committee oversees the inctioning of the Whistle-blowing procedure and reports i-annually to the Executive Board and Audit Committee m reported cases and effectiveness of the procedure, dditional communication and training are planned for 009 to reaffirm the importance of responsible conduct nd compliance. upervision he Executive Board oversees the adequacy and functioning f the entire system of risk management and internal control, ssisted by Group departments. Group Internal Audit rovides independent assurance and advice on the entire sk management and internal control system. The Assurance leetings, at local and regional level, oversee the adequacy nd operating effectiveness of the risk management and iternal control systems in their respective environments, egional Management and Group Internal Audit participate the local meetings to ensure effective dialogue and ansparency. The outcome and effectiveness of the risk lanagement and internal control systems have been scussed with the Audit Committee. The worldwide external audit activities - which are based on local statutory materiality levels, and therefore more detailed than necessary for the audit of the Heineken N.V. consolidated financial statements - provide additional assurance on true and fair presentation of financial reporting on operating company level. Within the scope of their financial audit assignment, external auditors also report on internal control issues through their management letters and attend local and regional Assurance Meetings. Special attention was given to the integration of financial reporting of the acquired businesses from former S&N and some other acquisition, including transfer to the Heineken Accounting Policies. In 2009, the Heineken standard chart of accounts will be implemented. Considering Heineken's risk management and control system described in this section, the financial reporting is adequately designed and worked effectively in the year under review in providing reasonable assurance that the 2008 financial statements do not contain any material misstatements. There are no indications that the risk management and control systems relating to financial reporting are not working properly in the current year. This statement cannot be construed as a statement in accordance with the requirements of Section 404 of the US Sarbanes-Oxley Act, which is not applicable to Heineken N.V. Main risks Under the explicit understanding that this is not an exhaustive list, Heineken's main risks are described below. It includes mitigation measures and where possible quantifying the potential impact. Risks concerning the Heineken brand and Company reputation, volatility and rise of input costs, availability and cost of capital, and increasing legislation (like alcohol, excise duties and anti-trust) affecting the business, are considered the most significant risks. The main Company risks have been discussed with the full Supervisory Board. inancial reporting he risk management and control system over financial eporting contains clear accounting policies, a standard nart of accounts and 'assurance letters' signed by General id Finance Managers. The Heineken common systems nd embedded control frameworks, as implemented in a arge number of the subsidiaries, support common ccounting and regular financial reporting in standard forms, esting of key controls relevant for financial reporting are art of the Common Internal Audit Approach.

Jaarverslagen en Personeelsbladen Heineken

Jaarverslagen | 2008 | | pagina 47