Tesco 2012 Annual Report Download - page 64

Download and view the complete annual report

Please find page 64 of the 2012 Tesco annual report below. You can navigate through the pages in the report by either clicking on the pages listed below, or by using the keyword search tool below to find specific information within the annual report.

Page out of 158

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
  • 86
  • 87
  • 88
  • 89
  • 90
  • 91
  • 92
  • 93
  • 94
  • 95
  • 96
  • 97
  • 98
  • 99
  • 100
  • 101
  • 102
  • 103
  • 104
  • 105
  • 106
  • 107
  • 108
  • 109
  • 110
  • 111
  • 112
  • 113
  • 114
  • 115
  • 116
  • 117
  • 118
  • 119
  • 120
  • 121
  • 122
  • 123
  • 124
  • 125
  • 126
  • 127
  • 128
  • 129
  • 130
  • 131
  • 132
  • 133
  • 134
  • 135
  • 136
  • 137
  • 138
  • 139
  • 140
  • 141
  • 142
  • 143
  • 144
  • 145
  • 146
  • 147
  • 148
  • 149
  • 150
  • 151
  • 152
  • 153
  • 154
  • 155
  • 156
  • 157
  • 158

Key to delivering effective risk management is ensuring that our people
have a good understanding of the Group’s strategy and our policies,
procedures, values and expected performance. We have a structured
internal communications programme that provides employees with
a clear definition of the Group’s purpose and goals, accountabilities
and the scope of permitted activities for each business unit, as well as
individual line managers and other employees. This ensures that all our
people understand what is expected of them and that decision-making
takes place at the appropriate level. We recognise that our people may
face ethical dilemmas in the normal course of business so we provide
clear guidance based on the Tesco Values. The Values set out the
standards that we wish to uphold in how we treat people. These are
supported by the Group’s Code of Business Conduct, which offers
guidance on relationships between the Group and its employees,
suppliers and contractors.
Risk management
The Group maintains a Key Risk Register. The Register contains the
key risks faced by the Group, including their impact and likelihood,
as well as the controls and procedures implemented to mitigate these
risks (see diagram below). The content of the Register is determined
through regular discussions with senior management and review by
the Executive Committee and the full Board. A balanced approach
allows the degree of controllability to be taken into account when
we consider the effectiveness of mitigation, recognising that some
necessary activities carry inherent risk which may be outside the
Group’s control. Our key risks are summarised on pages 40 to 47
of the Principal risks and uncertainties section of this Annual Report.
The risk management process is cascaded through the Group, with
operating subsidiary boards maintaining their own risk registers
and assessing their control systems. The same process also applies
functionally in those parts of the Group requiring greater overview.
For example, the Audit Committee’s terms of reference require it to
The Executive Committee has authority for decision-making in all
areas except those set out in the Schedule of Matters Reserved for the
Board, and meets formally on a regular basis. The Company Secretary
attends in his capacity as Secretary of the Committee.
The Executive Committee is responsible for implementing Group
strategy and policy and for monitoring the performance and
compliance of the business, drawing on the work of relevant
committees, and reporting on these matters in full to the CEO
and by him to the Board.
The Committee has set up further subcommittees, focusing on
Commercial, Compliance, Internet Retailing, People Matters, Property
Strategy, Sustainability and Technology. These subcommittees have
as members an appropriate mixture of Executive Directors and senior
management from relevant functions.
Risk Management and Internal Controls
Accepting that risk is an inherent part of doing business, our risk
management systems are designed both to encourage entrepreneurial
spirit and also provide assurance that risk is fully understood and
managed. The Board has overall responsibility for risk management
and internal control within the context of achieving the Group’s
objectives. Executive management is responsible for implementing
and maintaining the necessary control systems. The role of Internal
Audit is to monitor the overall internal control systems and report on
their effectiveness to Executive management, as well as to the Audit
Committee, in order to facilitate its review of the systems.
Background
The Group has a three-year rolling business plan to support the delivery
of its strategy. Every business unit and support function derives its
objectives from the three-year plan and these are cascaded to
managers and staff by way of personal objectives.
Even
chance
Significant
Less than
likely
Moderate
Highly
probable
Catastrophic
Highly
improbable
Minor
More
than likely
Substantial
Likelihood ratings (over the next five years)
Impact ratings (over a one-year period)
High risk
Medium risk
Significant risk
The Company can totally control
this risk
The Company can largely control this
risk or influence the environment
The Company is one of a number
of entities that can control the risk
or influence the environment
The Company can only marginally
influence or effect control in this
risk environment
The Company has no effective
influence over the control of
this risk
Controllability factors
Risk matrix (likelihood to impact)
Corporate governance
60 Tesco PLC Annual Report and Financial Statements 2012