BT 2007 Annual Report Download - page 72

Download and view the complete annual report

Please find page 72 of the 2007 BT annual report below. You can navigate through the pages in the report by either clicking on the pages listed below, or by using the keyword search tool below to find specific information within the annual report.

Page out of 178

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
  • 86
  • 87
  • 88
  • 89
  • 90
  • 91
  • 92
  • 93
  • 94
  • 95
  • 96
  • 97
  • 98
  • 99
  • 100
  • 101
  • 102
  • 103
  • 104
  • 105
  • 106
  • 107
  • 108
  • 109
  • 110
  • 111
  • 112
  • 113
  • 114
  • 115
  • 116
  • 117
  • 118
  • 119
  • 120
  • 121
  • 122
  • 123
  • 124
  • 125
  • 126
  • 127
  • 128
  • 129
  • 130
  • 131
  • 132
  • 133
  • 134
  • 135
  • 136
  • 137
  • 138
  • 139
  • 140
  • 141
  • 142
  • 143
  • 144
  • 145
  • 146
  • 147
  • 148
  • 149
  • 150
  • 151
  • 152
  • 153
  • 154
  • 155
  • 156
  • 157
  • 158
  • 159
  • 160
  • 161
  • 162
  • 163
  • 164
  • 165
  • 166
  • 167
  • 168
  • 169
  • 170
  • 171
  • 172
  • 173
  • 174
  • 175
  • 176
  • 177
  • 178

Internal control and risk management
The Board is responsible for the group’s systems of internal
control and risk management and for reviewing the effectiveness
of those systems, which it does annually. Such systems are
designed to manage, rather than eliminate, the risk of failure to
achieve business objectives; any system can provide only
reasonable and not absolute assurance against material
misstatement or loss. The process in place for reviewing the
group’s systems of internal control includes procedures designed
to identify and evaluate failings and weaknesses, and in the case
of any categorised as significant, procedures exist to ensure that
necessary action is taken to remedy the failings.
The Board also takes account of significant social,
environmental and ethical matters that relate to BT’s businesses
and reviews annually BT’s corporate social responsibility. The
company’s workplace practices, specific environmental, social
and ethical risks and opportunities and details of underlying
governance processes are dealt with in the Business review –
Motivating our people and living the BT values and Our
commitment to society.
BT has processes for identifying, evaluating and managing the
significant risks faced by the group. These processes have been
in place for the whole of the 2007 financial year and have
continued up to the date on which this document was approved.
The processes are in accordance with the Revised Guidance for
Directors on the Combined Code published by the Financial
Reporting Council (‘the Turnbull Guidance’).
Risk assessment and evaluation takes place as an integral part
of the group’s annual strategic planning cycle. The group has a
detailed risk management process, culminating in a Board
review, which identifies the key risks facing the group and each
business unit. This information is reviewed by senior
management as part of the strategic review. The group’s current
key risks are summarised in Business review – Group risk
factors.
The key features of the risk management process comprise
the following procedures:
rsenior executives, led by the Secretary, review the group’s key
risks and have created a group risk register describing the
risks, owners and mitigation strategies. This is reviewed by the
Operating Committee before being reviewed and approved by
the Board.
rthe lines of business carry out risk assessments of their
operations, have created registers relating to those risks, and
ensure that the key risks are addressed.
rsenior management reports regularly to the Group Finance
Director on the operation of internal controls in its area of
responsibility.
rthe Chief Executive receives annual reports from senior
executives with responsibilities for major group operations
with their opinion on the effectiveness of the operation of
internal controls during the financial year.
rthe group’s internal auditors carry out continuing assessments
of the quality of risk management and control. Internal Audit
reports to the management and the Audit Committee on the
status of specific areas identified for improvement. Internal
Audit also promotes effective risk management in the lines of
business operations.
rthe Audit Committee, on behalf of the Board, considers the
effectiveness of the operation of internal control procedures
in the group during the financial year. It reviews reports from
the internal auditors and from the external auditors and
reports its conclusions to the Board. The Audit Committee has
carried out these actions for the 2007 financial year.
New subsidiaries acquired during the year have not been
included in the above risk management process. They will be
included for the 2008 financial year. Material joint ventures and
associates, which BT does not control, outside the UK are not
part of the group risk management process and are responsible
for their own internal control assessment.
The Board has approved the formal statement of matters
which are reserved to it for consideration, approval or oversight.
It has also approved the group’s corporate governance
framework, which sets out the high level principles by which the
group is managed and the responsibilities and powers of the
Operating Committee and the group’s senior executives. As part
of this framework the development and implementation of
certain powers relating to group-wide policies and practices are
reserved to identified senior executives.
US Sarbanes-Oxley Act of 2002
BT has securities registered with the US Securities and Exchange
Commission (SEC). As a result, BT is obliged to comply with
those provisions of the Sarbanes-Oxley Act applicable to foreign
issuers. BT complies with the legal and regulatory requirements
introduced pursuant to this legislation, in so far as they are
applicable to the group.
It is the opinion of the Board that the Audit Committee
includes in the person of Phil Hodkinson a member who is an
‘audit committee financial expert’, and who is independent (as
defined for this purpose). The Board considers that the
Committee’s members generally have broad commercial and
business leadership experience, having held various roles in
accountancy, financial management and supervision, treasury
and corporate finance and that there is a broad and suitable mix
of business, financial and IT experience on the Committee.
The code of ethics adopted for the purposes of the Sarbanes-
Oxley Act is posted on the company’s website at www.bt.com/
ethics The code applies to the Chief Executive, Group Finance
Director and senior finance managers.
Disclosure controls and procedures
The Chief Executive and Group Finance Director, after evaluating
the effectiveness of BT’s disclosure controls and procedures as of
the end of the period covered by this Annual Report & Form
20-F, have concluded that, as of such date, BT’s disclosure
controls and procedures were effective to ensure that material
information relating to BT was made known to them by others
within the group. The Chief Executive and Group Finance
Director have also provided the certifications required by the
Sarbanes-Oxley Act.
Internal control over financial reporting
BT’s management is responsible for establishing and maintaining
adequate internal control over financial reporting for the group.
Internal control over financial reporting is designed to provide
reasonable assurance regarding the reliability of financial
reporting and the preparation of financial statements for
external reporting purposes in accordance with IFRS, and the
required reconciliation to US GAAP.
Management conducted an assessment of the effectiveness of
internal control over financial reporting based on the framework
for internal control evaluation contained in the Turnbull
Guidance.
Based on this assessment, management has concluded that as
at 31 March 2007, the group’s internal control over financial
reporting was effective.
There were no changes in BT’s internal control over financial
reporting that occurred during the 2007 financial year that have
BT Group plc Annual Report & Form 20-F 71
Report of the Directors Governance