Nokia 2013 Annual Report Download - page 115
Download and view the complete annual report
Please find page 115 of the 2013 Nokia annual report below. You can navigate through the pages in the report by either clicking on the pages listed below, or by using the keyword search tool below to find specific information within the annual report.113
CORPORATE GOVERNANCE STATEMENT
The management conducts a yearly assessment of Nokia’s
internal controls over fi nancial reporting in accordance with
the Committee of Sponsoring Organizations (COSO) frame-
work and the Control Objectives for Information and related
Technology (CoBiT) of internal controls. For the year , the
assessment was performed based on a top down risk as-
sessment of Nokia’s fi nancial statements covering signifi cant
accounts, processes and locations, corporate level controls,
control activities and information systems’ general controls.
As part of its assessment the management documented:
■ The corporate-level controls, which create the “tone from
the top” containing Nokia values and Code of Conduct and
provide discipline and structure to the decision making and
ways of working. Selected items from Nokia’s operational
mode and governance principles are separately document-
ed as corporate level controls.
■ The control activities, which consist of policies and proce-
dures to ensure the management’s directives are carried
out and the related documentation is stored according to
Nokia’s document retention practices and local statutory
requirements.
■ The information systems’ general controls to ensure that
suffi cient information technology general controls, includ-
ing change management, system development, computer
operations as well as access and authorizations, are in place.
■ The signifi cant processes, including six fi nancial cycles and
underlying IT cycle identifi ed by Nokia to address control
activities implementing a top down risk based approach.
These cycles include revenue cycle, delivery cycle, invest-
ment cycle, treasury cycle, human resources cycle, record to
report cycle and IT cycle. Financial cycles have been de-
signed to (i) give a complete end-to-end view to all fi nancial
processes (ii) identify key control points (iii) identify involved
organizations, (iv) ensure coverage for important accounts
and fi nancial statement assertions and (v) enable internal
control management within Nokia.
Further, the management also:
■ assessed the design of controls in place to mitigate the
fi nancial reporting risks;
■ tested operating eff ectiveness of all key controls;
■ evaluated all noted defi ciencies in internal controls over
fi nancial reporting as of year-end; and
■ performed a quality review on assessment documentation
and provided feedback for improvement.
Based on this evaluation, the management has assessed
the eff ectiveness of Nokia’s internal control over fi nancial
reporting, as at December , , and concluded that such
internal control over fi nancial reporting is eff ective.
Nokia also has an Internal Audit function that acts as an
independent appraisal function by examining and evaluating
the adequacy and eff ectiveness of Nokia’s system of inter-
nal control. Internal Audit resides within the Chief Financial
Offi cer’s organization and reports to the Audit Committee of
the Board of Directors. The head of Internal Audit function
has at all times direct access to the Audit Committee, without
involvement of the management.
For more information on Nokia’s risk management, please
see Note of Nokia’s consolidated fi nancial statements.