Report of the Report of the Financial Other Contents Overview Executive Board Supervisory Board statements information The HEINEKEN Governance, Risk and Compliance activities are organised within the HEINEKEN Business Framework which is applicable to all HEINEKEN subsidiaries. Based on theCOSO reference framework and adapted to the Company's strategic goals and operating model, this framework provides an overview of HEINEKEN's identity, mission and vision, organisation structure, Code of Business Conduct, Company Rules and Risk Management. Risk identification and assessment HEINEKEN's risk management activities seek to ensure identification and appropriate response to any significant threat to the Company's reputation, its assets, the safety of its employees, or the achievement of its strategic objectives. To this end, HEINEKEN has put in place a comprehensive risk management system which identifies, assesses, prioritises and manages risks on a continuous and systematic basis, and covers all subsidiaries across regions, countries, markets and corporate functions. Ongoing identification and assessment of risks is an integral part of ElEINEKEN's governance cycle. Each reporting entity presents, along with its business plan, a risk assessment which covers risks of various natures: operational (among others compliance, financial, safety), strategic and external risks. Implementation of adeguate responses is then assessed on a guarterly basis. Simultaneously, the risks reported by the operating companies are aggregated on a global level to determine El EINEKEN's main risks and coordinated risk response across geographies. Accountability for mitigating, monitoring and reporting on each of the most significant risks is assigned to functional directors. These risks are subject to half-yearly review to account for emerging risks or changes in the Company's internal or external environment that could reguire a review of HEINEKEN's risk management priorities. Internal control activities HEINEKEN's internal control activities aim to provide reasonable assurance as to the accuracy of financial information, the Company's compliance with applicable laws and internal policies and the effectiveness of internal processes. The foundation for managing the Company's operations is the HEINEKEN Rulebook which translates the Company's objectives and strategies into clear rules. These rules articulate how to work as they comprise all mandatory standards and procedures. Compliance with the rules is tested every year through self-assessment of key processes and controls by management. Appropriate action plans for deficiencies are established by local management. Progress on these remediation steps is monitored and reported on at least a guarterly basis. Underpinning the Rulebook and supporting El EINEKEN's ethical culture, the first rule pertains to the Code of Business Conduct. The Code of Business Conduct and its underlying policies set out the expected standard of behaviour of all HEINEKEN employees and third parties working with HEINEKEN. Adherence to these policies is a.o. supported by adeguate trainings and a reporting platform available 24/7 where employees can speak up confidentially and securely if they observe or suspect ethics violations. Assurance Three lines of defence structure HEINEKEN has a three lines of defence structure in place: Operational management, as first line of defence, has the ownership, responsibility and accountability for implementing, assessing, controlling and mitigating risks. Continuous improvement of processes and compliance with the HEINEKEN standards and procedures lies with the internal control function (Process Control Improvement), HEINEKEN's second line of defence, which also facilitates periodic functional risk assessments (Financial Reporting, Tax, Supply Chain, IT) and controls self-assessments. Acting as third line of defence, Global Audit is mandated to perform group-wide reviews of key processes based on HEINEKEN's strategic priorities and most significant risk areas. Audit activities The Global Audit department provides independent and objective assurance and consultancy services. Global Audit employs a systematic and disciplined approach to evaluate and improve the organisation's governance and risk management processes including reliability of information, compliance with laws, regulations and procedures, and efficient and effective use of resources. The methodology followed by HEINEKEN internal audit team complies with the standards of the Institute of Internal Auditors and other relevant governing bodies. 23 Eleineken N.V. Annual Report 2014

Jaarverslagen en Personeelsbladen Heineken

Jaarverslagen | 2014 | | pagina 25