EasyJet 2012 Annual Report Download - page 50

Download and view the complete annual report

Please find page 50 of the 2012 EasyJet annual report below. You can navigate through the pages in the report by either clicking on the pages listed below, or by using the keyword search tool below to find specific information within the annual report.

Page out of 108

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
  • 86
  • 87
  • 88
  • 89
  • 90
  • 91
  • 92
  • 93
  • 94
  • 95
  • 96
  • 97
  • 98
  • 99
  • 100
  • 101
  • 102
  • 103
  • 104
  • 105
  • 106
  • 107
  • 108

Corporate governance
continued
Risk management
The Board is responsible for determining the nature and extent
of the significant risks it is willing to take in achieving its strategic
objectives. During 2012, there was continued investment in and
assessment of the risk management process resulting in
improved risk management understanding and reporting. The
process is underpinned by rigorous annual risk identification
workshops completed by both the functional managers and the
Executive Management Team. The process focuses on strategic,
financial and operational risks. This process is coordinated by the
Risk Manager who reports to the Head of Risk and Assurance.
The Head of Risk and Assurance reports to the Chief Financial
Officer and the Chairman of the Audit Committee.
To ensure that risk is effectively managed a number of key
activities are undertaken, as defined by the Executive Directors:
Ongoing risk management and assurance is provided through
the various monitoring reviews and reporting mechanisms that
are embedded into the business operations. Key monitoring
reviews include those conducted continuously in operational
weekly meetings. In addition, the Safety Audit Group (SAG)
meets monthly to discuss safety, security and environmental
risks and the Safety Review Board (SRB) meets monthly, or
more regularly where events require, to review safety
performance. In addition, there are regular commercial,
financial and IT functional meetings.
The Executive Management Team meets regularly to consider
significant risks and overall business performance.
Internal Audit considers, reviews and tests internal control and
business risk matters as defined by its risk based audit plan.
The Directors review the effectiveness of internal control, including
operating, financial, compliance and risk management controls,
which mitigate the significant risks identified. The mechanisms
used by the Directors to review the effectiveness of these
controls include:
Reports from management. Reporting is structured to ensure
that key issues are escalated through the management team
and ultimately to the Board as appropriate.
Discussions with senior personnel throughout the Company.
Consideration by the Audit Committee of internal and external
audit reports.
Controls which mitigate or minimise high-level risks are
reviewed by management to ensure that they are in
operation. The results of this review are reported to the
Board which considers whether these high-level risks are
effectively controlled.
The Audit Committee undertake an annual review of the
appropriateness of the risk management processes to ensure that
they are sufficiently robust to meet the needs of the Company.
Internal audit
Internal Audit is part of the Company’s Risk and Assurance
function. Internal Audit’s work is designed to provide effective risk
based coverage over the internal control environment. This is
summarised in an audit plan, which is approved by the Board and
Audit Committee and updated on a rolling basis.
The Internal Audit department reviews the extent to which
systems of internal control:
are designed and operating effectively;
are adequate to manage easyJet’s risks; and
safeguard the Company’s assets.
The Head of Internal Audit reports to the Head of Risk and
Assurance and also has direct access to the Chief Executive, Chief
Financial Officer and the Chairman of the Audit Committee. The
Risk and Assurance function was formed in 2011 which combines
the responsibilities for Internal Audit, monitoring internal financial
controls, risk management coordination and fraud investigation
into a single function.
The Head of Internal Audit was invited to and attended all of the
Audit Committee meetings in the year and reported regularly
on Internal Audit reviews at the Executive Management Team
meetings during the course of the year.
Internal Audit’s key objectives are to provide independent and
objective assurance on risks and controls to the Board and senior
management and to assist the Board in meeting its corporate
governance and regulatory responsibilities. During the year the
effectiveness of the Internal Audit function was assessed by the
Head of Risk and Assurance and the Audit Committee; this
followed a formal external effectiveness review completed in 2011.
The role of Internal Audit and the scope of its work continue to
evolve to take account of changes within the business and
emerging best practice. A formal audit charter is in place.
easyJet plc
Annual report and accounts 2012
48
PLC
BOARD
FUNCTIONAL
RISK ASSESSMENTS
STRATEGIC
RISK ASSESSMENT
SIGNIFICANT
BUSINESS RISKS
Top Down Feedback
Functional risks Strategic risks
EXECUTIVE
MANAGEMENT
TEAM OWNERSHIP
AND CHALLENGE
RISK EVALUATION GROUP
FILTER
Governance