Experian 2008 Annual Report Download - page 51

Download and view the complete annual report

Please find page 51 of the 2008 Experian annual report below. You can navigate through the pages in the report by either clicking on the pages listed below, or by using the keyword search tool below to find specific information within the annual report.

Page out of 148

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
  • 86
  • 87
  • 88
  • 89
  • 90
  • 91
  • 92
  • 93
  • 94
  • 95
  • 96
  • 97
  • 98
  • 99
  • 100
  • 101
  • 102
  • 103
  • 104
  • 105
  • 106
  • 107
  • 108
  • 109
  • 110
  • 111
  • 112
  • 113
  • 114
  • 115
  • 116
  • 117
  • 118
  • 119
  • 120
  • 121
  • 122
  • 123
  • 124
  • 125
  • 126
  • 127
  • 128
  • 129
  • 130
  • 131
  • 132
  • 133
  • 134
  • 135
  • 136
  • 137
  • 138
  • 139
  • 140
  • 141
  • 142
  • 143
  • 144
  • 145
  • 146
  • 147
  • 148

49Experian Annual Report 2008
Introduction
2 – 5
Business review
6 – 37
Financial statements
65 – 144
Governance
Corporate governance statement
Governance
Corporate governance statement
The board confirms that there is an ongoing process for identifying, evaluating and managing the significant risks
faced by the Group, including those risks relating to social, environmental and ethical matters. This process was in
place throughout the year under review and up to the date of approval of the annual report and meets the requirements
of the Code. For certain joint arrangements, the board places reliance upon the systems of internal control operating
within the partners’ infrastructure and the obligations upon partners’ boards relating to the effectiveness of their own
systems. In the board’s view, the information it received was sufficient to enable it to review the effectiveness of the
Group’s system of internal control in accordance with the ‘Internal Control Revised Guidance for Directors’ contained
in the Code. The audit committee has kept under review the effectiveness of this system of internal control and has
reported regularly to the board.
The key procedures, which operated throughout the year, were as follows:
Risk assessment:
The Group set out its objectives clearly as part of its planning process and organisation design. These objectives
l
were then incorporated as part of the planning cycle and supported by the use of both financial and non-financial key
performance indicators.
Risks were methodically anticipated, identified, assessed and appropriately mitigated as part of an enterprise-wide risk
l
management process operating throughout the Group on an ongoing basis and headed by an Executive Risk Management
Committee.
Senior management made presentations on risk to the audit committee, which reported regularly to the board on the risks
l
facing the Group’s business.
The audit committee has delegated responsibility from the board for reviewing the effectiveness of the Group’s
l
internal controls and received its annual report on the controls over these risks. This included risks arising from social,
environmental and ethical matters.
Control environment and control activities:
The Group has established procedures for delegated authority which ensure that decisions that are significant, either
l
because of their value or the inherent degree of risk, are taken at an appropriate level.
The Group has implemented appropriate strategies to deal with each significant risk that has been identified. These
l
strategies include internal controls, insurance and specialised treasury instruments.
The Group sets out principles, policies and standards to be adhered to throughout its business. These include risk
l
identification, management and reporting standards, ethical principles and practice, accounting policies, treasury policy,
information security policy and policy on fraud and whistleblowing.
Information and communication:
The Group has a comprehensive system of budgetary control, including monthly performance reviews for each major
l
business. These reviews are at a detailed level within each region and global business line and at a high level for the board.
On a monthly basis, the achievement of business objectives, both financial and non-financial, was assessed using a range
l
of performance indicators. These indicators were regularly reviewed to ensure that they remain relevant and reliable.
The Group had whistleblowing procedures in place for employees to report suspected improprieties.
l
Monitoring:
A range of procedures were used to monitor the effective application of internal control in the Group, including
l
management assurance, through the ongoing risk management process, and independent assurance, through internal
audit reviews and reviews by specialist third parties.
The internal audit departments responsibilities include reporting to the audit committee on the effectiveness of internal control
l
systems, focusing on those areas considered to be of greatest risk to the Group.
Follow-up processes were used to ensure there was an appropriate response to changes and developments in risks and
l
the control environment.