TomTom 2007 Annual Report Download - page 48

Download and view the complete annual report

Please find page 48 of the 2007 TomTom annual report below. You can navigate through the pages in the report by either clicking on the pages listed below, or by using the keyword search tool below to find specific information within the annual report.

Page out of 88

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
  • 86
  • 87
  • 88

42 RISK MANAGEMENT AND INTERNAL CONTROL REPORT
“The Board believes that the Company maintains an adequate and effective
system of risk management and internal control that complies with the Dutch
Code of Corporate Governance.”
Internal control systems are designed to manage,
rather than eliminate, the risk of failure to achieve
business objectives, and can provide reasonable,
but not absolute, assurance against material
misstatement or loss. As such, the controls are
subject to regular review as the business evolves
and changes.
The Company views the careful management of
risk as a key management activity. The Board
reviews the effectiveness of the systems of internal
control relative to strategic, financial, operational
and compliance risks. The Board discusses risk
management and internal controls with the
Supervisory Board on at least a quarterly basis.
The Company embeds risk management into
periodic planning and internal control mechanisms.
Atop-down approach is followed, whereby we identify
the major risks that could affect our business and
our preparednessshould these problems arise.
The key features of the systems of internal control are:
clearly defined lines of accountability and
delegation of authority, together with
comprehensive reporting and analysis against
approved budgets;
minimisation of operating risk, by ensuring that
the appropriateinfrastructure, controls,
systems and people are in place throughout the
businesses. Key policies employed in managing
operating risk include segregation of duties,
authorisation of transactions, monitoring, and
financial and management reporting;
centralised treasury operations to manage the
investment of cash balances and exposure to
currency transaction risks. Treasury policies,
risk limits and monitoring procedures that are
approved annually by the Supervisory Board; and
a Code of Conduct and a Code of Ethics
accessible by staff via our intranet site. The
Code of Conduct is also availableon the
TomTom website (www.tomtom.com).
Assurance on compliance with systems of internal
control, and on their effectiveness, is obtained
through management reviews, control self-
assessment, internal audits and testing of certain
aspects of the internal financial control systems by
the external auditors during the course of their audit.
During 2007 we made the following changes to our
internal control systems, which we believe have led
toimprovements in our control environment:
adoption of our principle-based Product Creation
Framework for all major product lines. As part of
this framework, components used in our products
are de-risked at the earliest possible opportunity
in the design phase to ensure a smooth
transition from design to mass production;
broadening of our Information Technology and
Telephony infrastructure and capabilities;
in order to reduce our time-to-market for new
innovations and to increase the predictability
and reliability of our development processes we
reorganised our Development department into
separated Product Design and Technology
departments;
formation of our Security Committee and
Security department;
strengthening of our supply chain capability,
predictability and flexibility, by dual-sourcing our
high volume products and by expanding our
Engineering and Quality Assurance departments;
implementation of our General Performance
Scheme, a consistent framework for
performancemanagement which aligns clear
target and objective setting with personal
development; and
review of the Group Corporate Insurance
portfolio and implementation of changes to
improve coverage, and to identify and mitigate
additional areas of risk.
INTERNAL CONTROL OVER FINANCIAL REPORTING
Internal control over financial reporting is a process
designed toprovide reasonable, but not absolute,
assurance regarding the reliability of management
and financial reporting, in accordance with
generally accepted accounting principles. Controls
over financial reporting, policies and procedures
include controls to ensure that:
commitments and expenditures are
appropriately authorised by management;
records are maintained accurately and fairly
reflect transactions;
any unauthorised acquisition, use or disposal of
the Company’sassets that could have a
material effect on our financial statements
would be detected on a timelybasis; and
transactions are recorded as required to permit
the preparation of financial statements.
Due to inherent limitations, internal controls over
financial reporting may not prevent or detect
misstatements. Risk management and control
systems provide reasonable assurance that the
financial reporting does not contain any material
inaccuracies. No material weaknesses were
identified during the year. These systems are deemed
to have functioned properly during the year under
review, and there is currently no indication they will
not continue to do so in the forthcoming period.
Amsterdam, 21 February 2008