Internal control and compliance
Snam is fully committed to maintaining an internal control and risk management system that equals international best practices. Compliance includes communication, education, training and monitoring to ensure that laws, regulations and rules are understood and followed.
What is the internal control and risk management system
The internal control and risk management system is all the necessary or useful tools to address, manage and check activities in the company, aimed at
- ensuring compliance with corporate laws and procedures
- protecting corporate assets, efficiently managing activities
- providing precise and complete accounting and financial information
How Snam's internal control and risk management system works
Snam's internal control and risk management system is based on an integrated model of controls, with the duties of all involved, and cleary identified procedures for coordination between the control body and operations. Management is primarily responsible for applying the internal control and risk management system, since control activities are an integral part of managerial processes.
Framework for Integrated Internal Control
The Committee of Sponsoring Organizations of the Treadway Commission (COSO) provides guidance to executive management and governance entities on organisational governance, business ethics, internal control, enterprise risk management, fraud and financial reporting. Snam is among the many companies worldwide that use COSO’s internal control model.
Verifying if control and risk management system is adequate and effective
Responsibility lies with the Board of Directors, which, with the assistance of the Control, Risk and Related Parties Transactions Committee, sets rules and periodically verifies the system’s adequacy and effective operation that the main business risks are identified and managed. In its capacity as the "internal control and audit committee", Snam’s Board of Statutory Auditors oversees the system’s effectiveness.
The chief executive officer (CEO) has been named by the board as the director responsible for the internal control and risk management system, giving him the duty for its planning, implementation and management.
Risk managed through 3 organisational levels of internal control
Snam’s risk management system is comprised of three levels of internal control. Various operating units are involved based on specific allocations of responsibility. These units are set within the corporate structure shown below.
the role of the Internal Auditor at Snam
The role, duties and responsibilities of the Internal Auditor at Snam are defined by rules of the Board of Directors on Internal Auditing.
The Internal Auditor performs his or her activities while maintaining the necessary independence and due objectivity, competence and professional diligence, as set forth in the International Standards for the Professional Practice of Internal Auditing, issued by the Institute of Internal Auditors, as well as in compliance with the principles set forth in Snam’s Code of Ethics.
The Board of Directors, guided by the Control, Risk and Related Parties Transactions Committee and with input from the Board of Statutory Auditors, appoints the Internal Auditor based on a proposal from the internal control and risk management system director, in agreement with the chairman of the Board of Directors.
The Board of Directors has appointed Lorenzo Alzati as Internal Auditor. More information on the role can be found in the Corporate Governance Report.
10 August 2018 - 10:58 CEST