Universal Registration Document 2022
R I SK AND R I SK MANAGEMENT INTERNAL CONTROL AND RISK MANAGEMENT
2 . 2 I NTERNAL CONTROL AND R I SK MANAGEMENT
2.2.1 GENERAL PRESENTATION A global approach The risk management and internal control systems to which the management systems contribute, as well as the internal audit system constitute a global approach to control the group’s activities and objectives. Governance and scope The risk management and internal control systems are managed by the Audit, Internal Control and Risk Management Department (ASMR) which reports to the Audit, Security and Risk Management Department (ASM) of Groupe ADP. The governance of these systems is based on: ◆ the Board of Directors, which determines the directions taken by Aéroports de Paris SA’s activity and ensures they are followed (article 16 of the Articles of Association); ◆ the Audit and Risk Committee, an extension of the Board of Directors, whose mandate is specified in the rules of procedure of the Board of Directors; ◆ the Executive Committee (Comex), chaired by the Chairman and CEO, which takes part in directing Groupe ADP, both operationally and strategically, and debates any subject relating to its smooth running; ◆ the Risk and Internal Control Operational Committee (CORCI) which brings together the directors of the entities 1;
2
◆ the Group’s business lines; ◆ the network of “Audit Risk Management Internal Control” (ARC) coordinators appointed in each ADP SA entity, as well as the network of contacts within the Group’s subsidiaries (France and international). It is based on the model of “three lines of activity control”, invented by the IFACI (the French Institute for Audit and Internal Control) and the AMRAE (the French Association for the Management of Corporate Risks and Insurance). Governance of risk management functions within the Group Groupe ADP’s internal control and risk management systems also contribute to securing the Group’s activities: ◆ on the one hand, the risk management system aims to identify, assess and prioritise the Company’s main risks. As part of this work, controls may be put in place to remedy an identified weakness; ◆ on the other hand, internal control is based on the main risks identified. At the same time, these systems can be supplemented by “quality” procedures (ISO), elements of internal control. Lastly, internal audit ensures the robustness of internal control.
BOARD OF DIRECTORS AUDIT AND RISK COMMITTEE
EXECUTIVE COMMITTEE (COMEX) RISK AND INTERNAL CONTROL OPERATIONAL COMMITTEE (CORCI)
1 st LINE OF CONTROL
2 nd LINE OF CONTROL
3 rd LINE OF CONTROL
HR
INTERNAL AUDIT
LOCAL MANAGEMENT
Purchases
Legal
Actors involved in the business activity
EXTERNAL AUDITS REGULATION
Finance
RISK MANAGEMENT AND INTERNAL CONTROL RISK HEDGING BY INSURANCE
Management
ETHICS AND COMPLIANCE
IS …
Network of ARCcoordinators andmanagement systems
Source: Institut Français de l’Audit et du Contrôle Internes (IFACI)
157
AÉROPORTS DE PAR I S / UN I VERSAL REG I STRAT I ON DOCUMENT 2022
Made with FlippingBook - Online Brochure Maker