APC 2013 Annual Report Download - page 166

Download and view the complete annual report

Please find page 166 of the 2013 APC annual report below. You can navigate through the pages in the report by either clicking on the pages listed below, or by using the keyword search tool below to find specific information within the annual report.

Page out of 332

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
  • 86
  • 87
  • 88
  • 89
  • 90
  • 91
  • 92
  • 93
  • 94
  • 95
  • 96
  • 97
  • 98
  • 99
  • 100
  • 101
  • 102
  • 103
  • 104
  • 105
  • 106
  • 107
  • 108
  • 109
  • 110
  • 111
  • 112
  • 113
  • 114
  • 115
  • 116
  • 117
  • 118
  • 119
  • 120
  • 121
  • 122
  • 123
  • 124
  • 125
  • 126
  • 127
  • 128
  • 129
  • 130
  • 131
  • 132
  • 133
  • 134
  • 135
  • 136
  • 137
  • 138
  • 139
  • 140
  • 141
  • 142
  • 143
  • 144
  • 145
  • 146
  • 147
  • 148
  • 149
  • 150
  • 151
  • 152
  • 153
  • 154
  • 155
  • 156
  • 157
  • 158
  • 159
  • 160
  • 161
  • 162
  • 163
  • 164
  • 165
  • 166
  • 167
  • 168
  • 169
  • 170
  • 171
  • 172
  • 173
  • 174
  • 175
  • 176
  • 177
  • 178
  • 179
  • 180
  • 181
  • 182
  • 183
  • 184
  • 185
  • 186
  • 187
  • 188
  • 189
  • 190
  • 191
  • 192
  • 193
  • 194
  • 195
  • 196
  • 197
  • 198
  • 199
  • 200
  • 201
  • 202
  • 203
  • 204
  • 205
  • 206
  • 207
  • 208
  • 209
  • 210
  • 211
  • 212
  • 213
  • 214
  • 215
  • 216
  • 217
  • 218
  • 219
  • 220
  • 221
  • 222
  • 223
  • 224
  • 225
  • 226
  • 227
  • 228
  • 229
  • 230
  • 231
  • 232
  • 233
  • 234
  • 235
  • 236
  • 237
  • 238
  • 239
  • 240
  • 241
  • 242
  • 243
  • 244
  • 245
  • 246
  • 247
  • 248
  • 249
  • 250
  • 251
  • 252
  • 253
  • 254
  • 255
  • 256
  • 257
  • 258
  • 259
  • 260
  • 261
  • 262
  • 263
  • 264
  • 265
  • 266
  • 267
  • 268
  • 269
  • 270
  • 271
  • 272
  • 273
  • 274
  • 275
  • 276
  • 277
  • 278
  • 279
  • 280
  • 281
  • 282
  • 283
  • 284
  • 285
  • 286
  • 287
  • 288
  • 289
  • 290
  • 291
  • 292
  • 293
  • 294
  • 295
  • 296
  • 297
  • 298
  • 299
  • 300
  • 301
  • 302
  • 303
  • 304
  • 305
  • 306
  • 307
  • 308
  • 309
  • 310
  • 311
  • 312
  • 313
  • 314
  • 315
  • 316
  • 317
  • 318
  • 319
  • 320
  • 321
  • 322
  • 323
  • 324
  • 325
  • 326
  • 327
  • 328
  • 329
  • 330
  • 331
  • 332

3CORPORATE GOVERNANCE
INTERNAL CONTROL AND RISK MANAGEMENT
Risk identification and management
9.4
General risks at the Group level Risk management by the Risk and Insurance
Department
The Internal Audit Department uses interviews to update the list of
general risks at the Group level each year. In2013, 65 of the The Risk and Insurance Department contributes to the internal
Group’s top managers were interviewed. control system by defining and deploying a Group-wide insurance
strategy, as defined in “Risk Factors and Insurance Strategy.” The
The risks identified through these interviews are ranked by impact insurance strategy includes the identification and quantification of
and probability of occurrence. The threat/opportunity aspect of the main insurable risks, the determination of levels of retention
each risk is also taken into account. and transfer of such risks; it also prepares and deploys measures
Risk factors related to the company’s business, as well as to prevent these risks and protect assets.
procedures for managing and reducing those risks, are described
Risk management by the Security Department
in “Risk Factors.” These procedures are an integral part of the
internal control system.
The Group’s Security Department defines corporate governance
The risk matrix and the analysis of changes from one year to the
with regard to loss prevention in the area of willful acts against
next contribute to the development of an internal audit plan for the
property and people.
following year. The major and global risks were audited by the
Internal Audit Department over a period of three years to assess In this respect and in close cooperation with the Risk and
action plans for managing and reducing these risks. In2013, a Insurance Department, it is directly involved in assessing the nature
third of the major and global risks identified at the end of2012 of such risk as well as defining adequate prevention and protection
were audited. measures.
Global risks at the Operating Division level
The Security Department publishes internally a table of “Country
Risks” for use in security procedures that are mandatory for people
travelling, expatriates and local employees. On request, it provides
Each Operating Division assesses its global risks and ranks them support to local teams for any security issues (site audit,
by impact and probability of occurrence. It defines action plans for expatriates or local employee security, security on
reducing the major risks identified. assignments,etc.).
The Internal Audit Department coordinates these assessments in It provides daily coordination with the Group’s worldwide partner in
the framework of the list of global risks at the Group level each the field of medicalandsecurity assistance (International SOS –
year. start of contract in January2011).
Risk factors related to the company’s business at
It brings its methodology to develop emergency plans (evacuation
plans, crisis management plans, business continuity plans,etc.)
and coordinates the corporate crisis team (SEECC – Schneider
the unit level
Electric Emergency Coordination Center) each time that it is
Risk factors related to the company’s business are managed first activated.
and foremost by the units in liaison with the Operating Divisions, The Security Department is integrated in the “Fraud Committee”
based on Group guidelines (in particular via the Key Internal alongside the Internal Audit Department and the Legal Department
Controls). Each subsidiary is responsible for implementing and is directly involved in combatting internal fraud (managing and
procedures that provide an adequate level of internal control. carrying out internal investigations).
The Divisions implement cross-functional action plans for risk The Security Function also participates in crisis management, in
factors related to the company’s business identified as being particular in the management of corporate crisis cell and in support
recurrent in the units or as having a material impact at the Group of local entities (limiting the consequences of the occurrence of
level, as appropriate. The internal control system is adjusted to certain risks such as civil war, weather events, pandemics, attacks
account for these risks. on people, terrorism,etc.).
The Group’s insurance programs cover the remaining portion of
Management of Information Systems risks
transferable risks.
Risk Solutions
An IT Security unit within the Information, Process and
Organization Department defines and implements specific security
The Risk Solutions Management Department defines and policies for information systems. This department has specific skills
implements principles and tools designed to manage these risks. in auditing the security of information systems. After each site
audit, a report is issued setting out findings and recommendations
The network of Solution Risk Managers assesses the risks of all for the attention of the persons in charge of the units audited. The
major projects in conjunction with the Tender Managers during the corrective actions are monitored.
preparation of offers.
164 2013 REGISTRATION DOCUMENT SCHNEIDER ELECTRIC