APC 2011 Annual Report Download - page 140

Download and view the complete annual report

Please find page 140 of the 2011 APC annual report below. You can navigate through the pages in the report by either clicking on the pages listed below, or by using the keyword search tool below to find specific information within the annual report.

Page out of 280

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
  • 86
  • 87
  • 88
  • 89
  • 90
  • 91
  • 92
  • 93
  • 94
  • 95
  • 96
  • 97
  • 98
  • 99
  • 100
  • 101
  • 102
  • 103
  • 104
  • 105
  • 106
  • 107
  • 108
  • 109
  • 110
  • 111
  • 112
  • 113
  • 114
  • 115
  • 116
  • 117
  • 118
  • 119
  • 120
  • 121
  • 122
  • 123
  • 124
  • 125
  • 126
  • 127
  • 128
  • 129
  • 130
  • 131
  • 132
  • 133
  • 134
  • 135
  • 136
  • 137
  • 138
  • 139
  • 140
  • 141
  • 142
  • 143
  • 144
  • 145
  • 146
  • 147
  • 148
  • 149
  • 150
  • 151
  • 152
  • 153
  • 154
  • 155
  • 156
  • 157
  • 158
  • 159
  • 160
  • 161
  • 162
  • 163
  • 164
  • 165
  • 166
  • 167
  • 168
  • 169
  • 170
  • 171
  • 172
  • 173
  • 174
  • 175
  • 176
  • 177
  • 178
  • 179
  • 180
  • 181
  • 182
  • 183
  • 184
  • 185
  • 186
  • 187
  • 188
  • 189
  • 190
  • 191
  • 192
  • 193
  • 194
  • 195
  • 196
  • 197
  • 198
  • 199
  • 200
  • 201
  • 202
  • 203
  • 204
  • 205
  • 206
  • 207
  • 208
  • 209
  • 210
  • 211
  • 212
  • 213
  • 214
  • 215
  • 216
  • 217
  • 218
  • 219
  • 220
  • 221
  • 222
  • 223
  • 224
  • 225
  • 226
  • 227
  • 228
  • 229
  • 230
  • 231
  • 232
  • 233
  • 234
  • 235
  • 236
  • 237
  • 238
  • 239
  • 240
  • 241
  • 242
  • 243
  • 244
  • 245
  • 246
  • 247
  • 248
  • 249
  • 250
  • 251
  • 252
  • 253
  • 254
  • 255
  • 256
  • 257
  • 258
  • 259
  • 260
  • 261
  • 262
  • 263
  • 264
  • 265
  • 266
  • 267
  • 268
  • 269
  • 270
  • 271
  • 272
  • 273
  • 274
  • 275
  • 276
  • 277
  • 278
  • 279
  • 280

138 2011 REGISTRATION DOCUMENT SCHNEIDER ELECTRIC
CORPORATE GOVERNANCE
3INTERNAL CONTROL AND RISK MANAGEMENT
10.5 Control procedures
This section describes specifi c measures taken in 2011 to improve
the Group’s control system.
Operating units
For internal control to be effective, everyone involved must
understand and continuously implement the Group’s general
guidelines and the Key Internal Controls.
Training in Key Internal Controls continued in 2011 for those
involved for the fi rst time in the annual self-evaluation process: newly
promoted managers and entities recently integrated. Operational
units, trained by their line management undertook self-evaluation
of compliance with the Key Internal Controls governing their scope
of operations.
The self-assessments conducted during the 2011 campaign
covered 90% of consolidated revenue and made it possible to
defi ne improvement plans in the operating units, when necessary.
The ultimate goal is that these evaluations should cover at least
90% of consolidated revenue each year.
The self-assessments are conducted in the units by each process
manager. Practices corresponding to the Key Internal Controls are
described and performance is rated on a scale of1 (non- compliance)
to4 (very good).
For all responses below3 (compliance) on the scale, an action plan
is defi ned and implemented to achieve compliance. These action
plans are listed in the self-assessment report.
The unit’s fi nancial manager conducts a critical review of the
self- assessments by process, and certifi es the quality of the overall
results. The self-evaluation is then also certifi ed by the person in
charge of the unit.
Operating Divisions and business
To control the reliability of the fi nancial statements and the
alignment of performance with set targets, the Group relies on
Senior Management’s quarterly review process and procedures
carried out by the Management Control and Accounting Unit to
control the quality of accounting data provided by consolidated
units (see “Internal Control organisation and Management – Senior
Management” and “Internal control procedures governing the
production and processing of accounting and fi nancial information”).
In 2011, the Operating Divisions continued to provide training for
the operating units on internal control issues and examined and
challenged the self-assessments of internal audits of these units.
After analysing the results, improvement plans were developed
either for certain units or for certain Key Internal Controls at the
Division level.
The regional internal controllers carried out audits on site as to the
reliability of self-assessments of Internal Control and the ef ciency of
the remediation plans put in place as a result of the previous year’s
self-assessments.
Global Functions
In 2011, the Global Functions continued to set guidelines, issue
instructions and provide support.
During the year:
the Company’s processes were mapped and each one assigned
a “process guarantor” sponsored by a member of the Executive
Committee. The key processes for carrying out strategy of
Schneider Electric are the subject of particular attention so as to
ensure coherence with operational results, IT and organisational
resources employed including coherence with internal
controldemands;
for the two-year period 2010 and 2011, the IT Security Department
carried out 13audits in units, which gave rise to reports giving
conclusions and recommendations for the managers of the units
audited. The implementation of recommendations by the units
is subject to monitoring. In 2011 particular attention was paid to
R&D centres;
in addition to on-site audits, the security function in 2011
acquired a new skill known as “penetration testing”. This skill
set allows the vulnerability of websites to be identifi ed and for
remedial measures taken to limit the effects on any future attacks.
Five sites were audited;
the Management of Solution Risks Department assists project
leaders in risk assessment, the conclusion of contracts for
major projects and organisation of validation meetings before
submitting proposals;
in 2011, the Security Department headed up the organisation
of a new Group-level crisis room. In addition, by identifying at a
global level certain internal competences specifi c to the area of
investigation, it initiated the creation of a new organisation directly
reporting to the Fraud Committee that will signifi cantly increase
investigation capabilities as regards combatting internal fraud;
the Corporate Treasury Department continued to roll out its
central payment system developed in 2009 and which today
covers 60 subsidiaries. Roll out will continue in the years to
come. A system of monitoring bank guarantees so as to track
commitments is also under development.
Internal Control Department
Internal Control continued to deploy the Key Internal Controls
– training and requests for self-assessments – throughout the
Operating Divisions, with the scope extended to cover new units:
50% of the defi ciencies identifi ed during the 2010 campaign were
deemed settled in 2011.
New defi ciencies were identifi ed owing to additional Key Internal
Controls, which gave rise to further action plans.
Internal Control self-assessments were received and analysed,
which identifi ed areas needing work in 2012 as part of the process
of continuous improvement.
In addition to the analysis and action plans initiated by the Entities
and Operating Divisions, similar work is being carried out in the
Global Functions. On the basis of the results obtained in their fi eld,
the various functions defi ne and implement improvement actions
as needed.