Marks and Spencer 2013 Annual Report Download - page 50

Download and view the complete annual report

Please find page 50 of the 2013 Marks and Spencer annual report below. You can navigate through the pages in the report by either clicking on the pages listed below, or by using the keyword search tool below to find specific information within the annual report.

Page out of 120

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
  • 86
  • 87
  • 88
  • 89
  • 90
  • 91
  • 92
  • 93
  • 94
  • 95
  • 96
  • 97
  • 98
  • 99
  • 100
  • 101
  • 102
  • 103
  • 104
  • 105
  • 106
  • 107
  • 108
  • 109
  • 110
  • 111
  • 112
  • 113
  • 114
  • 115
  • 116
  • 117
  • 118
  • 119
  • 120

Governance Marks and Spencer Group plc Annual report and financial statements 2013 48
Accountability continued
Risk: International
Internal Audit have carried out a number of
International operational reviews including China
and the Balkans. Both audits were designed to
assess the adequacy and effectiveness of
internal controls, but varying risk profiles meant
work focused on different functional areas.
China was included on the plan due to its
strategic importance and significant growth
plans whilst the Balkans was selected following
a change in the ownership model.
In China there were opportunities to improve
operational reporting and automate controls to
improve supply chain efficiencies. In the
geographically dispersed Balkan stores there
were opportunities to improve compliance with
certain operating standards.
Risk: Multi-channel
We reviewed the design of the payment process
for the new online platform to assess the
adequacy of the planned control environment.
We also evaluated whether proposed
programme testing would maximise operational
effectiveness. The selection of Payment Control
Design as the area of focus recognises that
payment processes carry a high level of inherent
risk. The audit identified the need to ensure that
operational processes retain flexibility as future
business requirements develop, and to ensure
that the end to end customer journey meets
expectations.
Risk: Distribution centre restructure
Internal Audit scheduled a review to assess the
adequacy and effectiveness of controls over
supplier compliance with product packaging
and labelling requirements; a high risk area of
the Distribution Centre Restructure programme.
The level of risk is conferred by our large and
geographically disparate supply base, with
suppliers required to achieve compliance for
distribution centre go live. The audit identified
opportunities to improve reporting processes
and procedures relating to supplier compliance
rates to focus attention on the measures that
are most critical for go live.
Management actions
Management actions from our audits are tracked to completion and the status of these actions is reported to the Audit Committee
to ensure that the risks identified are appropriately addressed. This will, in turn, further mitigate the risks included in our Group
Risk Profile.
Programme & IT change
1. Our new online platform (Multi-channel) and our Distribution
centre restructure are highly interdependent programmes reliant on
significant IT change. Failure to deliver these key programmes or
adequately manage associated IT change could increase the likelihood of
cumulative failure.
2. Cumulative failure in the successful delivery of our major business
programmes would significantly impact our ability to realise agreed benefits.
3. The success of the new platform in supporting our aim to be a leading
multi-channel retailer will be influenced by a number of factors, one being
our ability to keep pace with ongoing developments in the Omni-channel
world, currently considered to be a potential ‘emerging risk.
GM product
1. To ensure GM product meets our core customers’ expectations, the
business needs to react with pace to changes in consumer preference in
the context of a challenging Economic outlook.
2. Our UK catalogue is the core of our international offer; delivering GM
product style and quality is critical in achieving our aim to grow our
International business.
3. UK and international sales performance against plan is a key contributory
factor in our ability to achieve effective GM stock management.
4. Other potential emerging risks (for example Changing competitor
environment) may impact the relevance of our GM product and our
engagement with our core customer.
Risk interconnectivity
We continue to recognise the significant interdependency between our key risks, which is in part a product of our heavily
interconnected business environment (both in terms of systems and processes). The following diagrams are based on our current
Group Risk Profile. Both are designed to highlight how changes to one risk could impact on those connected to it, and therefore on
the profile as a whole. We have incorporated a number of potential emerging risks which do not feature on our Group Risk Profile at
this point in time, but could influence our business in the longer term, illustrating how emerging risk is considered by the Board.
Risk and the role of Internal Audit
Internal Audit & Risk comprises both the Group Risk function and Internal Audit. Whilst Group Risk facilitates and manages the
risk process that is ultimately owned by the Group Board, Internal Audit are accountable to the Audit Committee. Audit projects
are often closely aligned to the Group Risk Profile due to the risk-based approach used to prioritise audit work. The following
examples illustrate how Internal Audit work supports Group Risk whilst driving improvements to our control environment and
adding value in core business areas.
Changing
competitor
environment
(4)
GM product
(1)
Economic
outlook
(1)
International
(2)
GM stock
management
(3)
IT change
(1)
Multi-channel
(1)
Omni-channel
(3)
Programme
and workstream
management
(2)
Distribution
centre
restructure
(1)
Key:
Emerging risk
Group risk
Key:
Emerging risk
Group risk