Marks and Spencer 2010 Annual Report Download - page 58

Download and view the complete annual report

Please find page 58 of the 2010 Marks and Spencer annual report below. You can navigate through the pages in the report by either clicking on the pages listed below, or by using the keyword search tool below to find specific information within the annual report.

Page out of 126

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
  • 86
  • 87
  • 88
  • 89
  • 90
  • 91
  • 92
  • 93
  • 94
  • 95
  • 96
  • 97
  • 98
  • 99
  • 100
  • 101
  • 102
  • 103
  • 104
  • 105
  • 106
  • 107
  • 108
  • 109
  • 110
  • 111
  • 112
  • 113
  • 114
  • 115
  • 116
  • 117
  • 118
  • 119
  • 120
  • 121
  • 122
  • 123
  • 124
  • 125
  • 126

Marks and Spencer Group plc Annual report and financial statements 2010 Directors’ report 54
How do we manage our risks and controls?
Our aim is to build a sustainable business through consistent, profitable
growth and to make sure that our customers and wider stakeholders
can always trust us to do the right thing. We recognise that creating
shareholder value is the reward for taking acceptable risks.
The Board has overall accountability for running the business
effectively – making sure risks are managed and it’s all under
control. Internal controls and risk management are designed to limit
the chance of failure to achieve corporate objectives. Independent
assurance is provided by the external auditors and internal audit,
who present their findings regularly to the Audit Committee.
We have adopted an integrated approach to our risk
management, independent assurance and internal controls to
ensure greater linkage across our review and assessment of risk.
How does the Board know it’s all under control?
We are an extensive business with a wide range of objectives
and risks. The Board is responsible for ensuring that everything
goes according to plan and that reporting lines and individual
accountabilities are clearly understood. We also have operating
policies and procedures covering everything from financial planning
and reporting, capital expenditure, project governance and
information security to business continuity, employee performance
management and how we do business. Detailed policies and
procedures are in place to ensure the accuracy and reliability of
financial reporting and the preparation of consolidated financial
statements.
This year the Board has reviewed and agreed changes to
some key polices and procedures including:
reconstitution of the Management Board to clarify its
accountabilities for strategic initiatives, risk management, business
processes, systems and controls;
establishment of the Group Investment Committee through which
all investment and commitment between £1m-£15m is now
reviewed, giving greater visibility, control and consistency to the
approval process across the Group;
acceleration of Lead to Succeed, our leadership development
programme that started last year, to drive the business forward
through collaborative working, sharper focus on the customer and
clearer accountabilities; and
ongoing tight control of our cash flow, working capital, cost
management and capital expenditure. We have also reviewed our
financial headroom and debt profile resulting in a bond
buy-back and issue of new debt.
How does the Board get a clearer picture of the risks?
Every six months the Board reviews the Group Risk Profile the tool
that drives business improvement and internal audit activity. This is
supported by an ongoing process for identifying, evaluating and
managing the significant risks faced by the Group. Our principal risks
and uncertainties are set out on pages 56-57.
The Audit Committee is responsible for monitoring the risk process
and this year provided challenge in a number of areas. As a result we
have improved the risk process to make it more dynamic and
insightful, whilst keeping it simple and practical. Key changes include:
greater Management Board engagement so that risks are clearly
understood and owned by executives;
clearer categorisation of risk likelihood and impact criteria to draw
out the most critical risks;
more detailed understanding of the potential causes and
consequences for the top risks in each business area and the
impact of any existing mitigation and assurance activity; and
more insightful risk reporting to highlight consistent themes,
enable the Board to make informed decisions on strategy and
provide the Audit Committee with assurance over the adequacy
and effectiveness of risk management.
Further discussion on financial risk management is given on pages
102 to 105.
Governance report
Accountability
ASSURANCE
On behalf of the Board, the Audit Committee examines the
effectiveness of the Group’s:
systems of internal control, primarily through approving the
internal audit plan and reviewing its findings, reviews of the
annual and half year financial statements and a review
of the nature, scope and reports of external audit;
management of risk by reviewing evidence of risk assessment
activity and an internal audit report on the process;
action taken or to be taken to manage critical risks or to
remedy any control failings or weaknesses identified.
The Audit Committee has completed its review of the
effectiveness of the Group’s systems of internal control during
the year, which are in compliance with the Turnbull Guidance
2005. It confirms the necessary action plans to remedy identified
weaknesses in internal control are in place and have been
throughout the year.