From the Boardroom
51
The members of the Compensation Committee as at 31
December 2012 were:
• Dag Mejdell, Chair
• Hilde Ringereide
• Ingrid Lund
Arrangements for anonymous employee contact with the
Board.
EVRY places great importance on ensuring that employees can
freely express their views and provide feedback to the Board.
In order to ensure anonymity, the Board has set up a contact
point for ‘whistleblowers’ through the law firm Hestenes
og Dramer & Co in Oslo to ensure that information can be
submitted directly to the Chairman of the Board without the
company knowing the identity of the sender. The Board has
drawn up a specific policy for the handling of such referrals,
including arrangements to monitor the progress of each case.
The Board’s evaluation of its own work.
The Board carries out an annual evaluation of its own
performance, working arrangements and competence. The
Chairman of the Board prepares a report on this evaluation,
which is made available to the Election Committee. The Board
also carries out a similar evaluation of the CEO.
10. Risk management and internal control
Main features
EVRY’s risk management and internal control is based on
elements of the COSO framework, and helps ensure that
EVRY has unified control in place that covers the company’s
operational activities, financial reporting and compliance
with legislation and regulation.
Group internal audit
EVRY has a separate internal audit department, which reports
directly to the Board and the Audit Committee. The Board has
approved a mandate that defines the objectives, authority and
responsibility of the internal audit function. The internal audit
department is managed by the head of Internal Audit, and has
three full-time equivalent employees. The department’s work
is based on an annual program that is evaluated and approved
by both the Board and the Audit Committee.
Finanstilsynet (the Financial Supervisory Authority of Norway)
is not directly responsible for supervising EVRY, but can exer-
cise control over the group through the banks in accordance
with the ICT regulations. EVRY has chosen to follow an open
approach in its relationship with Finanstilsynet.
Operational control
EVRY has implemented a regime with an Approval Authority
Matrix and guidelines to specify the level of authority granted
to individuals and the next level of authority required to
decide or approve matters beyond the individual’s authority.
The level of authority delegated to the CEO is approved by
the Board, and the entire Approval Authority Matrix, i.e. the
manner in which the CEO delegates this authority, has been
considered and approved by the executive management and
reviewed by the Audit Committee. The group’s organisational
structure defines five levels of decision-making committees,
which have clearly defined authority limits for all the relevant
types of decisions.
EVRY has a legal department, managed by the in-house
attorney who reports directly to the CFO. The head of the
legal department also fulfils the role of secretary to the Board
and therefore has direct access to members of the Board.
Procedures and guidelines are in place to ensure that the legal
department is involved in all activities over a certain size that
might represent legal risks for the group, including bidding
for contracts and entering into agreements. The group has
standard policies for contract terms and conditions.
EVRY’s CEO and CFO hold monthly status meetings with
each business area. These meetings review commercial
performance and decide on appropriate follow-up measures.
EVRY operates a risk management process for its delivery and
development processes. The CEO and Board receive periodic
reports. EVRY’s framework for risk management uses a
predefined process and methodology, and work is underway
to ensure that this framework is harmonised throughout the
merged company.
The company strives to adapt its control processes to local
operations and to ensure a pro-active approach to risk
management, so that the risks involved in normal operations
are systematically identified, analysed and managed. It also
ensures that risk exposure is continually monitored.
Corrective measures are identified and defined, as is
responsibility for following up specific risk areas.
EVRY also continually monitors market conditions and
key economic figures that provide the basis for evaluating
financial risk.
Risk related to financial reporting
EDB Business Partner ASA was a subsidiary of Telenor ASA
prior to the merger with ErgoGroup AS in October 2010.
As a result of this relationship, EDB Business Partner ASA was
subject to the Sarbanes Oxley Act (SOX) because Telenor ASA
was listed on the NASDAQ exchange.
1...,41,42,43,44,45,46,47,48,49,50 52,53,54,55,56,57,58,59,60,61,...134