Huawei 2015 Annual Report Download - page 120

Download and view the complete annual report

Please find page 120 of the 2015 Huawei annual report below. You can navigate through the pages in the report by either clicking on the pages listed below, or by using the keyword search tool below to find specific information within the annual report.

Page out of 145

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
  • 86
  • 87
  • 88
  • 89
  • 90
  • 91
  • 92
  • 93
  • 94
  • 95
  • 96
  • 97
  • 98
  • 99
  • 100
  • 101
  • 102
  • 103
  • 104
  • 105
  • 106
  • 107
  • 108
  • 109
  • 110
  • 111
  • 112
  • 113
  • 114
  • 115
  • 116
  • 117
  • 118
  • 119
  • 120
  • 121
  • 122
  • 123
  • 124
  • 125
  • 126
  • 127
  • 128
  • 129
  • 130
  • 131
  • 132
  • 133
  • 134
  • 135
  • 136
  • 137
  • 138
  • 139
  • 140
  • 141
  • 142
  • 143
  • 144
  • 145

118
Improving the Internal Control System
Huawei continued to design and implement an internal
control system based on its organizational structure and
operating model. The internal control framework and its
management system apply to all business and financial
processes of the company and its subsidiaries and
business units. The internal control system is based on
the five components of the COSO framework: Control
Environment, Risk Assessment, Control Activities,
Information & Communication, and Monitoring. It also
covers internal controls of financial statements to ensure
their truthfulness, integrity, and accuracy.
Control Environment
A control environment is the foundation of an internal
control system. Huawei is committed to a corporate
culture of integrity, business ethics, and compliance with
laws and regulations. Huawei has issued the BCGs to
identify acceptable business conduct. The BCGs must be
observed by all employees, including senior executives.
Regular training programs are offered, and all employees
are requested to sign the BCGs to ensure that the BCGs
have been read, understood, and observed.
Huawei has implemented a mature governance structure,
with clearly defined authorization and accountability
mechanisms. The governance structure comprises the
BOD, its committees, group functions, and multi-level
management teams.
Huawei clearly defines the roles and responsibilities
of its organizations to ensure the effective separation
of rights and responsibilities. The CFO of Huawei is
in charge of internal controls. The business control
department reports to the CFO for any possible defects
and improvements already made in terms of internal
controls, and assists the CFO in building the internal
control environment. The internal audit department
independently monitors and assesses the status of
internal controls for all business operations.
Risk Assessment
Huawei dedicates a department to internal controls
and risk management to regularly assess risks to the
company's global business processes. This department
identifies, manages, and monitors significant risks,
forecasts potential risks caused by changes to the
internal and external environments, and submits risk
management strategies along with risk mitigation
measures for decision making. All process owners are
responsible for identifying, assessing, and managing
business risks and taking necessary internal control
measures. Huawei has instituted a mechanism for
improving internal controls and risk controls to efficiently
manage critical risks.
Control Activities
Huawei has established the Global Process Management
System and the Business Transformation Management
System, released the global BPA, and appointed GPOs
in line with the BPA. Responsible for building processes
and internal controls, GPOs:
Identify key control points and the Separation of
Duties Matrix for each process, and apply these to
all regional offices, subsidiaries, and business units.
Conduct monthly compliance tests on key control
points and issue test reports to ensure continuous
and effective monitoring of internal controls.
Optimize processes and internal controls based
on business pain points to improve operational
efficiency and help achieve business objectives.
Perform SACAs to assess the overall process design
and the effectiveness of process execution by each
business unit, and then report the results to the AC.