EasyJet 2014 Annual Report Download - page 72

Download and view the complete annual report

Please find page 72 of the 2014 EasyJet annual report below. You can navigate through the pages in the report by either clicking on the pages listed below, or by using the keyword search tool below to find specific information within the annual report.

Page out of 140

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
  • 86
  • 87
  • 88
  • 89
  • 90
  • 91
  • 92
  • 93
  • 94
  • 95
  • 96
  • 97
  • 98
  • 99
  • 100
  • 101
  • 102
  • 103
  • 104
  • 105
  • 106
  • 107
  • 108
  • 109
  • 110
  • 111
  • 112
  • 113
  • 114
  • 115
  • 116
  • 117
  • 118
  • 119
  • 120
  • 121
  • 122
  • 123
  • 124
  • 125
  • 126
  • 127
  • 128
  • 129
  • 130
  • 131
  • 132
  • 133
  • 134
  • 135
  • 136
  • 137
  • 138
  • 139
  • 140

70 easyJet plc Annual report and accounts 2014
Corporate governance report continued
RISK MANAGEMENT AND
INTERNAL CONTROL
The Board has overall responsibility for easyJet’s risk
management and systems of internal control.
Risk management
easyJet has a detailed risk management process to ensure
that significant risks are identified and mitigated where
possible. For further details of the risk management
process, the principal risks and uncertainties faced by the
Group and the associated mitigating actions, please refer
to pages 28 to 35.
In order that risks are managed effectively, a number
of activities are undertaken:
ongoing risk management and assurance is provided
through the various monitoring reviews and reporting
mechanisms that are embedded into the business
operations;
regular operational (including safety), commercial,
financial and IT functional meetings are held to review
performance and to consider key risks and issues;
(please refer to page 58 for details of the Safety
Committee); and
the Executive Management Team meets regularly to
consider significant risks and overall business performance.
To mitigate any significant risks identified, the Directors review
the effectiveness of internal controls, including operating,
financial and compliance controls, by the following:
review by management of controls, which mitigate
or minimise high-level risks, to ensure that they are in
operation. The results of this review are reported to
the Audit Committee and the Board which considers
whether these high-level risks are being effectively
controlled; and
discussions with senior personnel throughout the
Company. This ensures key issues are escalated through
the management team and, as appropriate, ultimately to
the Board.
The Audit Committee undertakes an annual review of the
appropriateness of the risk management processes to
ensure that they are sufficiently robust to meet the needs
of the Group (please refer to pages 61 to 63 for details of
the Audit Committee’s responsibilities).
Internal control
The responsibility for establishing and operating detailed
control procedures lies with the Chief Executive. The
internal control systems are designed to manage, rather
than eliminate, the risk of failure to achieve business
objectives. By their nature, they can only provide
reasonable, but not absolute, assurance against material
misstatement or loss.
The Board has conducted an annual review of the
effectiveness of the systems of internal control during
the year, under the auspices of the Audit Committee.
This included reviews of systems and controls relating
to financial reporting processes and the preparation of
the accounts. The internal financial control monitoring
programme, administered by internal audit, has continued
to enhance the review process. No material failings
or weaknesses were identified during the course of
this review.
The internal control regime is supported by the operation
of a whistleblower reporting function. The system is
operated by a specialist external third-party service
provider and allows employees to report concerns
anonymously and in confidence. The Audit Committee
has approved the processes and reporting structure for
the function, and receives regular reports on its operation.
Internal audit
The Internal Audit function’s key objectives are to provide
independent and objective assurance on risks and controls
to the Board, Audit Committee and senior management,
and to assist the Board in meeting its corporate
governance and regulatory responsibilities. Its work is
summarised in a risk-based audit plan, which is approved
by the Board and the Audit Committee and updated on
a rolling basis.
Internal Audit reviews the extent to which systems of
internal control:
are designed and operating effectively;
are adequate to manage easyJet’s key risks; and
safeguard the Group’s assets.
The Head of Internal Audit reports to the Head of Risk and
Tax and has direct access to the Chief Executive and the
Chairman of the Audit Committee. The Head of Internal
Audit is invited to, and attends, Audit Committee meetings
throughout the year and reports regularly on Internal Audit
reviews at the Executive Management Team meetings.
During the year, the effectiveness of the Internal Audit
function was assessed by the Head of Internal Audit and
the Audit Committee; this followed a formal external
effectiveness review completed in 2011.
The role of the Internal Audit function and the scope of its
work both continue to evolve to take account of changes
within the business and emerging best practice. A formal
audit charter is in place.