Internal control comprises the control of the Company’s and the Group’s organisation, procedures and support measures. The objective is to ensure that reliable and accurate financial reporting takes place, that the Company’s and the Group’s financial reporting is prepared in accordance with law and applicable accounting standards, that the Company’s assets are protected and that other requirements are fulfilled. The system for internal control is also intended to monitor compliance with the Company’s and the Group’s policies, principles and instructions. Internal control also comprises risk analysis and follow-up of incorporating information and business systems. The Group identifies, assesses and manages risks based on the Group’s vision and goals. Risk assessment of strategic, compliance, operational and financial risks shall be performed annually by the CFO and presented to the audit committee and the board of directors.
The board of directors and the board’s audit committee are responsible for internal control. Processes managing the business and delivering value shall be defined within the business management system. The CEO is responsible for the process structure within the Group.
A self-assessment of minimum requirements of defined controls mitigating identified risks for each business process shall annually be performed and reported to the audit committee and the board of directors. The CFO is responsible for the self-assessment process, which is facilitated by the internal controls function. In addition, the internal controls function performs reviews of the risk and internal controls system according to plan agreed with the board of directors and Group Management.