Experian 2015 Annual Report Download - page 72

Download and view the complete annual report

Please find page 72 of the 2015 Experian annual report below. You can navigate through the pages in the report by either clicking on the pages listed below, or by using the keyword search tool below to find specific information within the annual report.

Page out of 179

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
  • 86
  • 87
  • 88
  • 89
  • 90
  • 91
  • 92
  • 93
  • 94
  • 95
  • 96
  • 97
  • 98
  • 99
  • 100
  • 101
  • 102
  • 103
  • 104
  • 105
  • 106
  • 107
  • 108
  • 109
  • 110
  • 111
  • 112
  • 113
  • 114
  • 115
  • 116
  • 117
  • 118
  • 119
  • 120
  • 121
  • 122
  • 123
  • 124
  • 125
  • 126
  • 127
  • 128
  • 129
  • 130
  • 131
  • 132
  • 133
  • 134
  • 135
  • 136
  • 137
  • 138
  • 139
  • 140
  • 141
  • 142
  • 143
  • 144
  • 145
  • 146
  • 147
  • 148
  • 149
  • 150
  • 151
  • 152
  • 153
  • 154
  • 155
  • 156
  • 157
  • 158
  • 159
  • 160
  • 161
  • 162
  • 163
  • 164
  • 165
  • 166
  • 167
  • 168
  • 169
  • 170
  • 171
  • 172
  • 173
  • 174
  • 175
  • 176
  • 177
  • 178
  • 179

Defined
governance
structure
Defined Board and Board committees’ terms of reference
Defined global and regional authorities
Review of significant business commitments through global and regional strategic project committees
Oversee the risk management process through global and regional risk management committees
Report regularly on risk to the Audit Committee and Board
Identify risks Assess the potential effect of each strategic, operational and financial risk on the achievement of our
business objectives, and the Group’s corresponding risk appetite
Identify and escalate new, emerging or changing risks, significant control gaps and risk acceptance
Consider external factors arising from our operating environment and internal risks arising from the
nature of our business, its controls and processes, and our management decisions
Evaluate control
environment
Evaluate compliance with policies and standards addressing risk management, compliance,
accounting, treasury management, information security, fraud and whistleblowing
Follow formal review and approval procedures for major transactions, capital expenditure
and revenue expenditure
Monitor budgetary and performance reviews tied to KPIs and achievement of objectives
Apply a risk scoring system, based on our assessment of the probability of a risk materialising,
and the impact (including speed) if it does
Require executive management confirmations of compliance with Experian’s corporate governance
and corporate responsibility processes
Respond to risks Have active risk remediation strategies, including internal controls, insurance and specialised
treasury instruments
Use formal review and approval procedures for significant accepted risks
Communicate Board- and Group-level finance reports, including financial summaries, results, forecasts and revenue
trends, investor relations analysis and detailed business trading summaries
Regional-level detailed performance reviews
Regional and executive risk management committee and Audit Committee risk reporting on the status
of principal and emerging risks, the progress of strategic projects and acquisitions, and escalation of
significant accepted risks
Group Internal Audit reporting to the Audit Committee on assurance testing and fraud and confidential
helpline investigation results
Monitor Comprehensive risk registers representing the current risk and control environment
Management, internal audit and third-party control reviews and follow-ups
Group Internal Audit independent assessment of the adequacy and effectiveness of the system
of internal controls
A variety of Audit Committee risk reporting, addressing material and emerging risks, material litigation,
information security, regulatory compliance and social media
Audit Committee annual review of the effectiveness of Experian’s systems of risk management
and internal control; receipt of an annual report on the controls over relevant risks
Tone of the organisation
First Line
Business unit management
and process owners
Second Line
Independent risk management
and compliance functions
Third Line
Internal assurance
providers
Board risk oversight
Three lines of defence – Assurance model
Executive managementBoard risk oversight
Corporate governance report continued
70 Governance Corporate governance report