Marks and Spencer 2015 Annual Report Download - page 46

Download and view the complete annual report

Please find page 46 of the 2015 Marks and Spencer annual report below. You can navigate through the pages in the report by either clicking on the pages listed below, or by using the keyword search tool below to find specific information within the annual report.

Page out of 132

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
  • 86
  • 87
  • 88
  • 89
  • 90
  • 91
  • 92
  • 93
  • 94
  • 95
  • 96
  • 97
  • 98
  • 99
  • 100
  • 101
  • 102
  • 103
  • 104
  • 105
  • 106
  • 107
  • 108
  • 109
  • 110
  • 111
  • 112
  • 113
  • 114
  • 115
  • 116
  • 117
  • 118
  • 119
  • 120
  • 121
  • 122
  • 123
  • 124
  • 125
  • 126
  • 127
  • 128
  • 129
  • 130
  • 131
  • 132

44
MARKS AND SPENCER GROUP PLC
DIRECTORS’ REPORT: GOVERNANCE
ACCOUNTABILITY
RISK IN ACTION
Internal Audit & Risk comprises both the
Group Risk function and Internal Audit.
Group Risk facilitates and manages the risk
process that is ultimately owned by the
Group Board. Internal Audit, accountable
to the Audit Committee, uses a risk-based
approach to provide independent
assurance over the adequacy and
e ectiveness of the control environment,
including controls related to key risks
on the Group Risk Profi le. Management
actions from all of our audits are tracked
to completion and the status of these
actions is reported to the Audit Committee
to ensure that the risks identifi ed are
appropriately addressed. This will, in turn,
further mitigate the risks included in our
Group Risk Profi le.
The following examples illustrate how
Internal Audit supports the business
through driving improvements to our
control environment and adding value
in core business areas.
RISK: INTERNATIONAL EXPANSION
In support of the Group’s international
growth plans, Internal Audit reviewed the
process to identify and approve new store
locations, with a focus on Asia. The audit
con rmed that we have a well de ned
governance structure in place through the
Proper ty Board , from the review of initial
new stores proposals, to the formal post-
investment reviews that measure actual
performance against initial estimates.
The audit highlighted an opportunity to
improve the quality and consistency of data
supporting these initial estimates prepared
by the in-country teams, including greater
alignment with the process for UK stores.
This would support better decision-making
and enable more e ective comparison of
proposals across countries. The audit also
recommended more robust tracking of
actions agreed at the post-investment
reviews through to their completion, to
drive profi tability.
RISK: GM CUSTOMER ENGAGEMENT
The continuous improvement of our
customers’ online experience is an
important part of driving customer
engagement. Following last year’s M&S.com
website launch, Internal Audit reviewed the
process to maintain product content online,
including narrative product descriptions,
photographic images, and the navigation
paths supporting customer searches.
Our review confi rmed that robust review
mechanisms are in place to minimise the
risk of errors or omissions in product
information on the website. However,
in instances where data is missing or
incorrect, delays in resolution can impact
the timeliness with which products are
launched online. The audit recommended
clearer defi nition of roles and
responsibilities between the GM teams
developing and buying the products, and
the M&S.com team managing the website
content, and a more structured “critical
path” for product launches online.
RISK: IT CHANGE
In 2014/15 new agreements were
implemented with a number of third-party
IT service providers, covering areas such as
Infrastructure and Application Support
and End User Computing. E ective
management of our IT service providers is
a key element of managing IT change risk,
ensuring, for example, that IT changes
are executed in line with M&S IT policies.
Internal Audit conducted a review to assess
the e ectiveness of IT service provider
management processes. The audit provided
assurance that signifi cant focus had been
placed on the successful implementation
of the new agreements. Atthe time of the
audit there was further work required to
clearly defi ne vendor management roles
and responsibilities and to implement
monitoring against all contractual service
levels, both of which have subsequently
been addressed.
RISK AND THE ROLE OF INTERNAL AUDIT
RISK INTERDEPENDENCY
We recognise that there is signifi cant
interdependency between our keyrisks.
This diagram, based on our current Group
Risk Profi le, highlights how changes to one
risk could impact on those connected to it,
and therefore on the Group Risk Profi le as a
whole. By understanding the relationship
between our key risks, if they were to
materialise, we are better placed to ensure
that we are managing them appropriately
and to understand the entirety of our
risk exposure.
The highlighted risks illustrate potential
interdependent risk scenarios:
The success of our business is highly
infl uenced by our ability to retain quality
individuals 10 . The loss of key product
developers would impact our ability to
provide a point of di erence against our
competitors in terms of quality, value and
innovation 3, whilst maintaining expertise
in our Food technology team enables us to
maintain high standards of fo od safet y and
integrity across our products and supply
chain in an increasingly challenging
environment 2. Our customers tell us
that they trust us to do the right thing.
By maintaining these high standards of
food safety and integrity, we continu e to
stand out from our competitors 3.
Strong GM customer engagement 1 is
infl uenced by our ability to maximise
product availability and provide customers
with an e cient and reliable delivery
proposition 12 . The robustness of the
online business 7 will also impact this
supply chain and logistics network, aswell
as having a direct in uence on customer
engagement through the provision of a
reliable online experience.