7.3. Control activities
Solvay uses a systematic approach to designing and implementing control activities in the most relevant processes. The key responsibilities in this approach are defined in Solvay’s Management Book. The corporate process owner (CPO) is the top management, function general manager, sponsor of processes (and sub processes). The corporate process manager (CPM) is responsible for the definition of a standard process for the Group. He should:
- identify risks and assess them;
- set up procedures and control activities relevant to those risks;
- roll out those controls across the Group.
The Internal Audit and Risk Management Department assists the corporate process managers in identifying the most significant risks in the processes and in designing control activities in proportion to the stakes inherent in each process. It also helps them to set up their annual internal control plan (indicating which issues and controls are to be a priority for the coming year, as well as the roll-out plan). This plan is validated each year by an Internal Control Steering Committee chaired by the Group CFO, and comprising all function general managers. At each level of the Group (corporate, Shared Services platforms and GBUs), the management operating the various processes is responsible for the execution of the controls.
General controls on the information systems cover both the security aspects, aimed at securing the protection of data, and the quality aspects, aimed at ensuring the best suitability of solutions (management of changes and projects) and services (management of information system operations) to the needs of the users.
With regard to the controls on financial data, these controls are implemented throughout the Record-to-Report process. Furthermore, a Financial Reporting Guide explains how the IFRS rules should be applied throughout the Group.
The financial elements are consolidated monthly and analyzed at every level of responsibility of the Company (such as, for example, Solvay Business Services, the finance director of the entity, Group Accounting and Reporting and the Executive Committee) and in various ways, such as variance analysis, plausibility and consistency checks, ratio analysis and comparison with forecasts.
The results are also validated quarterly by the Audit Committee, taking into account the work carried out by the external auditor.