The Company’s Internal Control System aims to improve the effectiveness and efficiency of operations, eligibility for financial reporting, compliance with applicable laws and regulations, and established management policies. In day- to-day activities, the Internal Control System is intended to safeguard the Company’s assets and ensure the accuracy of Company data, which is a key source of information used in decision-making.
The Company’s management aims to implement the internal control system in every operational activity through all lines of work. Implementation includes creating and updating policies and procedures that become the responsibility of the Group Corporate Policy Division (GCP).
The Company’s policies and procedures are grouped into five (5) categories, namely financial, operational, production and program, sales and marketing, and human resources, where the formalization of policy and procedure through study and obtain the approval up to the level of authorization which has been established.
The internal control system is also implemented through several steps within the Company. These steps include: the practice of values, ethics and integrity among employees formalized in the code of conduct, which can be accessed by all employees via Intranet (portal) of the Company; the use of computer programs integrated in financial and operational transactions (sales, programming and human resources); the practice of supervisory functions by superiors of respective units; and the practice of separating functions between the maker, checker and approving body in accordance with duties, responsibilities and authority within the Company’s organizational structure and business units.
The Board of Directors periodically evaluates the effectiveness of internal controls through the Internal Audit Unit and the External Auditor.
In efforts to improve the implementation of the Company’s internal control system alongside the Group’s expanding business and activities, towards the end of 2014, the Company began the Compliance & Control Self Assessment (CCSA) project to enhance internal control and development of the business and operational activities of the Group. Upon the project’s full implementation, each Business Unit is expected to assist the Group in anticipating risks, especially those that can have a material impact on the Company.
Risk Management System
The Company’s risk management system is designed to evaluate the effectiveness of the internal environment, goal setting, identification of activities, risk assessment, risk management, control activities, information and communication, as well as surveillance.
Strategies applied in risk management aim to share risks, avoid risks, reduce the level of risks through a system of internal control, or accept risks.
The main risks faced by the Company are grouped into 2 general categories:
External Risks
Internal Risk
During 2015, the risk management system was effective in conducting several preventive measures, including: