EasyJet 2015 Annual Report Download - page 67

Download and view the complete annual report

Please find page 67 of the 2015 EasyJet annual report below. You can navigate through the pages in the report by either clicking on the pages listed below, or by using the keyword search tool below to find specific information within the annual report.

Page out of 130

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
  • 86
  • 87
  • 88
  • 89
  • 90
  • 91
  • 92
  • 93
  • 94
  • 95
  • 96
  • 97
  • 98
  • 99
  • 100
  • 101
  • 102
  • 103
  • 104
  • 105
  • 106
  • 107
  • 108
  • 109
  • 110
  • 111
  • 112
  • 113
  • 114
  • 115
  • 116
  • 117
  • 118
  • 119
  • 120
  • 121
  • 122
  • 123
  • 124
  • 125
  • 126
  • 127
  • 128
  • 129
  • 130

Strategic report Governance Accounts
63
www.easyJet.com
RISK MANAGEMENT AND
INTERNAL CONTROL
The Board has overall responsibility for easyJet’s risk
management and systems of internal control.
Risk management
easyJet has an established risk management process to ensure
that significant risks are identified and mitigated where possible.
For further details of the risk management process, the principal
risks and uncertainties faced by the Group and the associated
mitigating actions, please refer to pages 24-29.
In order that risks are managed effectively, a number of activities
are undertaken:
ongoing risk management and assurance is provided through
the various monitoring reviews and reporting mechanisms that
are embedded into the business operations;
regular operational (including safety), commercial, financial and
IT functional meetings are held to review performance and to
consider key risks and issues; (please refer to pages 52-53 for
details of the Safety Committee); and
the Executive Management Team meets regularly to consider
significant risks and overall business performance.
To mitigate any significant risks identified, the Directors review
the effectiveness of internal controls, including operating,
financial and compliance controls, by the following:
review by management of controls, which mitigate or minimise
high-level risks, to ensure that they are in operation. The results
of this review are reported to the Audit Committee and the
Board which considers whether these high-level risks are being
effectively controlled; and
discussions with senior personnel throughout the Company.
This ensures key issues are escalated through the management
team and, as appropriate, ultimately to the Board.
The Audit Committee undertakes an annual review of the
appropriateness of the risk management processes to ensure
that they are sufficiently robust to meet the needs of the
Group (please refer to pages 54-57 for details of the Audit
Committee’s responsibilities).
Internal control
The responsibility for establishing and operating detailed control
procedures lies with the Chief Executive. The internal control
systems are designed to manage, rather than eliminate, the risk
of failure to achieve business objectives. By their nature, they
can only provide reasonable, but not absolute, assurance against
material misstatement or loss.
The Board has conducted an annual review of the effectiveness
of the systems of internal control during the year, under the
auspices of the Audit Committee. This included reviews of
systems and controls relating to financial reporting processes
and the preparation of the accounts. The internal financial
control monitoring programme, administered by Internal Audit,
has continued to enhance the review process.
The internal control regime is supported by the operation of
a whistleblower reporting function. The system is operated by
a specialist external third-party service provider and allows
employees to report concerns anonymously and in confidence.
The Audit Committee has approved the processes and reporting
structure for the function, and receives regular reports on
its operation.
Internal audit
The Internal Audit function’s key objectives are to provide
independent and objective assurance on risks and controls to the
Board, Audit Committee and senior management, and to assist
the Board in meeting its corporate governance and regulatory
responsibilities. Its work is summarised in a risk-based audit plan,
which is approved by the Audit Committee and updated on a
rolling basis.
Internal Audit reviews the extent to which systems of internal control:
are designed and operating effectively;
are adequate to manage easyJet’s key risks; and
safeguard the Group’s assets.
The Head of Internal Audit reports to the Head of Risk and Tax
and has direct access to the Chief Executive and the Chairman
of the Audit Committee. The Head of Internal Audit is invited to,
and attends, Audit Committee meetings throughout the year
and reports regularly on Internal Audit reviews to the Executive
Management Team.
During the year, the effectiveness of the Internal Audit function
was assessed by the Audit Committee. The role of the Internal
Audit function and the scope of its work both continue to evolve
to take account of changes within the business and emerging
best practice. A formal audit charter is in place.