Huawei 2011 Annual Report Download - page 89

Download and view the complete annual report

Please find page 89 of the 2011 Huawei annual report below. You can navigate through the pages in the report by either clicking on the pages listed below, or by using the keyword search tool below to find specific information within the annual report.

Page out of 104

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
  • 86
  • 87
  • 88
  • 89
  • 90
  • 91
  • 92
  • 93
  • 94
  • 95
  • 96
  • 97
  • 98
  • 99
  • 100
  • 101
  • 102
  • 103
  • 104

84
/
Risk Assessment
Huawei has established a dedicated risk management
department to regularly perform risk assessments on all
business processes across the company. This department
identifies, manages, and monitors the significant risks to
which the company is exposed, forecasts potential risks
to the company caused by changes in both the internal
and external environments, and submits risk management
strategies along with mitigating measures to corporate
management for decision making.
All process owners are responsible for identifying,
assessing, and managing different types of risks and related
internal control measures. Risk assessment factors include
the likelihood of a risk occurring and its potential impact.
Control Activities
Huawei has established the Global Process Management
System (GPMS) and the Business Transformation
Management System (BTMS), released the global Business
Process Architecture (BPA), and appointed GPOs who
take charge of process and internal control building based
on the BPA. The GPOs identify Key Control Points (KCPs)
and the Separation of Duties Matrix for each process and
apply them to all regions, subsidiaries, and business units.
The GPOs organize monthly compliance tests on the
KCPs to continuously monitor the effectiveness of internal
controls and publish test reports. In addition, the GPOs
perform Semi-Annual Control Assessments (SACAs) to
assess the effectiveness of the overall process design and
executional effectiveness of each business unit. The GPOs
then publish assessment reports and submit the results to
the Audit Committee.
Information & Communication
The company has established information and
communication channels to ensure our information is the
most current, such as customer and supplier information.
Huawei has established an online forum that provides a
channel for employees to communicate with each other.
The top management holds regular meetings with
different departments to help them with operational issues
and ensure that management decisions are effectively
implemented. All business policies and processes are
available on the company's intranet. Managers and
process owners regularly organize training programs on
business processes and internal controls to ensure that
all employees know the most current information. The
company has established a mechanism for process owners
at all levels to regularly communicate with one another,
review the executional effectiveness of internal controls,
and follow up on resolving internal control issues.
Monitoring
The company has established an internal complaint
channel, an investigation mechanism, and an
accountability system. We have clearly defined
guidelines in the Agreement on Honesty and Integrity
which the company signs with its suppliers. Suppliers
can report any improper conduct concerning Huawei
employees through the channels provided in the
agreement. This helps Huawei monitor the integrity of
its employees.
The Internal Audit Dept independently assesses the
internal control effectiveness of the company and
investigates any potential violations of the BCG. The
Internal Audit Dept submits the audit and investigation
results to the Audit Committee and senior management.
Huawei has established an internal control appraisal and
accountability system for GPOs and regional managers.
The Audit Committee regularly reviews the internal
control effectiveness of the company and considers
reports on action plans for internal control issues and
the progress of plan execution. The Audit Committee
has the authority to request that the GPOs or top
management of each business unit provide explanations
for identified internal control issues and, if necessary,
take corrective actions. The Audit Committee may also
suggest that the Human Resources Committee take
disciplinary action when necessary.
Corporate Governance Report