APC 2012 Annual Report Download - page 147
Download and view the complete annual report
Please find page 147 of the 2012 APC annual report below. You can navigate through the pages in the report by either clicking on the pages listed below, or by using the keyword search tool below to find specific information within the annual report.-
1 -
2
-
3
-
4
-
5
-
6
-
7
-
8
-
9
-
10
-
11
-
12
-
13
-
14
-
15
-
16
-
17
-
18
-
19
-
20
-
21
-
22
-
23
-
24
-
25
-
26
-
27
-
28
-
29
-
30
-
31
-
32
-
33
-
34
-
35
-
36
-
37
-
38
-
39
-
40
-
41
-
42
-
43
-
44
-
45
-
46
-
47
-
48
-
49
-
50
-
51
-
52
-
53
-
54
-
55
-
56
-
57
-
58
-
59
-
60
-
61
-
62
-
63
-
64
-
65
-
66
-
67
-
68
-
69
-
70
-
71
-
72
-
73
-
74
-
75
-
76
-
77
-
78
-
79
-
80
-
81
-
82
-
83
-
84
-
85
-
86
-
87
-
88
-
89
-
90
-
91
-
92
-
93
-
94
-
95
-
96
-
97
-
98
-
99
-
100
-
101
-
102
-
103
-
104
-
105
-
106
-
107
-
108
-
109
-
110
-
111
-
112
-
113
-
114
-
115
-
116
-
117
-
118
-
119
-
120
-
121
-
122
-
123
-
124
-
125
-
126
-
127
-
128
-
129
-
130
-
131
-
132
-
133
-
134
-
135
-
136
-
137 -
138 -
139 -
140 -
141 -
142 -
143 -
144 -
145 -
146 -
147 -
148 -
149 -
150 -
151 -
152 -
153 -
154 -
155 -
156 -
157 -
158
-
159
-
160
-
161
-
162
-
163
-
164
-
165
-
166
-
167
-
168
-
169
-
170
-
171
-
172
-
173
-
174
-
175
-
176
-
177
-
178
-
179
-
180
-
181
-
182
-
183
-
184
-
185
-
186
-
187
-
188
-
189
-
190
-
191
-
192
-
193
-
194
-
195
-
196
-
197
-
198
-
199
-
200
-
201
-
202
-
203
-
204
-
205
-
206
-
207
-
208
-
209
-
210
-
211
-
212
-
213
-
214
-
215
-
216
-
217
-
218
-
219
-
220
-
221
-
222
-
223
-
224
-
225
-
226
-
227
-
228
-
229
-
230
-
231
-
232
-
233
-
234
-
235
-
236
-
237
-
238
-
239
-
240
-
241
-
242
-
243
-
244
-
245
-
246
-
247
-
248
-
249
-
250
-
251
-
252
-
253
-
254
-
255
-
256
-
257
-
258
-
259
-
260
-
261
-
262
-
263
-
264
-
265
-
266
-
267
-
268
-
269
-
270
-
271
-
272
-
273
-
274
-
275
-
276
-
277
-
278
-
279
-
280
-
281
-
282
-
283
-
284
-
285
-
286
-
287
-
288
-
289
-
290
-
291
-
292
-
293
-
294
-
295
-
296
-
297
-
298
-
299
-
300
-
301
-
302
-
303
-
304
-
305
-
306
-
307
-
308
-
309
-
310
-
311
-
312
-
313
-
314
-
315
-
316
-
317
-
318
-
319
-
320
 |
 |
2012 REGISTRATION DOCUMENT SCHNEIDER ELECTRIC 145
CORPORATE GOVERNANCE
3
INTERNAL CONTROL AND RISK MANAGEMENT
The regional internal controllers carried out controls on site as to the
reliability of self-assessments of Internal Control and the effi ciency of
the remediation plans put in place as a result of the previous year’s
self-assessments.
Global Functions
In 2012, the Global Functions continued to set guidelines, issue
instructions and provide support.
For example:
•in 2012, the IT Security Department intensifi ed its website
tests referred to as “penetration testing”. This skill set allows
the vulnerability of websites to be identifi ed and for remedial
measures taken to limit the effects on any future attacks. In2012,
15sites were tested with the internal skill sets of the IT Security
Department and 20 were tested using external expertise;
•in2012, the IT Security Department created a platform to better
address cyber threats. This platform can switch from a passive
mode to a more proactive mode for detecting and responding to
cyber-attacks. Under the project, equipment will be provided to
about 200sites, of which just over half had been carried out at
the end of2012;
•the Solution Risk Managers (Solution Risk Department) assist
the Tender Managers in risk assessment and the defi nition of
remediation measures during the preparation of offers. The
offer approval circuit prior to submission of bids depends on the
amount and nature of the residual risks;
•in2012, the Security Department contributed to the creation of
new Security Division in three areas:
–Africa and the Middle East,
–the Andes, comprised of Venezuela, Colombia and Ecuador,
–India.
It has also formalized corporate governance for the protection of
personal data in the form of Binding Corporate Rules (BCR). This
governance was offi cially approved by the European personal
data protection authorities in November2012.
A network of “Personal Data Protection” country correspondents
was also put in place for the implementation and operation of this
governance;
•the Corporate Treasury Department has, to date, made the use
of the Group secure payments tool available to 80subsidiaries;
•a tool for issuing and managing bank guarantees was also
developed to monitor these commitments, which are rapidly
increasing with the growth of sales in the form of projects. The
deployment of this tool primarily concerned companies in the
Infrastructure Business and will be gradually extended to other
Group companies concerned.
Internal Control Department
Internal Control continued to deploy the Key Internal Controls
– training and requests for self-assessments – throughout the
Operating Divisions, with the scope extended to cover new units:
40% of the defi ciencies identifi ed during the 2011 campaign were
deemed settled in2012.
New defi ciencies were identifi ed owing to additional Key Internal
Controls, which gave rise to further action plans.
Internal Control self-assessments were received and analyzed,
which identifi ed areas needing work in2013 as part of the process
of continuous improvement.
In addition to the analysis and action plans initiated by the Units
and Operating Divisions, similar work is being carried out in the
Global Functions. On the basis of the results obtained in their fi eld,
the various functions defi ne and implement improvement actions
asneeded.
The list of Key Internal Controls continues to evolve. In2012, the
Key Internal Controls of certain processes (Purchasing, Information
Systems, Credit Management, etc.) were modifi ed according to
the results of the self-assessments of the previous year and the
adjustments necessary depending on changing activities and
requirements.
The software package for the management of self-assessment
questionnaires and follow-up action plans of Internal Audit and
Internal Control introduced in2011 continues to be improved.
The regional internal control organization introduced in 2011
consists in2012 of 25 regional in-house controllers in three regions,
who:
•perform the duties defi ned under Section Organization and
management: key participant – Internal Control Department
for the units in their regional scope, covering all Operational
Departments;
•establish standardized procedures (e.g. for internal control
assignments such as control cycles, documentation, scope
defi nition, work programs etc.), in line with Internal Audit
procedures;
•completed more than 80 on-site inspection missions in2012 to
assess the level of internal control and the adequacy of action
plans, issuing the necessary recommendations when needed.
Internal Audit Department
The Internal Audit Department contributes to the analysis and to
strengthening the Internal Control System by:
•mapping global risks;
•verifying the effective application of Key Internal Controls during
audit assignments;
•reviewing the audited unit’s internal control self-assessment and
related action plans.
The audit assignments go beyond the Key Internal Controls, and
include an in-depth review of processes and their effectiveness.
The internal auditors also review newly acquired units to assess
their level of integration into the Group, the level of internal control
and the effectiveness of operational processes, as well as ensuring
Group rules and guidelines are properly applied, and more generally
compliance with the law.
A summary overview of the department’s audits makes it
possible to identify any emerging or recurring risks that require
new risk management tools and methodologies or adjustments
to existing resources.