46
Organisational and resource management risks
These risks include problems in the planning, management and monitoring of financial, material and human resources, and difficulties in
interdepartmental communications and decision-making, including possible quality problems and other threats in the course of the Group’s
activities.
These risks relate to the following areas:
- Budget Control
- Credit Management
- Receivables Management
- Payables Management
- Personnel Management
- Fraud
Data processing risks
These risks include problems in data processing in information systems, mainly in the following areas:
- Human Error
- Completeness of Invoicing
- Completeness of Master Files
- Review
Presentation and process risks
These risks can lead to ineffectiveness and inefficiency within the Group structure when drawing up financial reports in terms of quality, time
and costs, and include the following aspects:
- Timeliness of the information
- Compliance with internal standards and
Policies Business environment risks
Business environment risks arise due to external factors which can lead to significant changes in the basis underlying internal control of the
objectives of financial reporting and the Group’s strategies. Business environment risks are related to the following matters:
- Failure to comply with commitments undertaken
- Fiscal contingencies
Outsourcing risks
Outsourcing risks arise as a result of the process of transferring part of the administration service to a third party, and are categorised as
follows:
- Service Level Agreements.
- Availability
- Personnel Management
- Knowledge Management
- Legal
The risk identification and assessment process is carried out by the Internal Audit Department and supervised by the Audit and Control
Committee as part of its duties.
• Whether the process covers all financial reporting assertions (existence and occurrence; completeness; evaluation; presentation, disclosure
and comparability; and rights and obligations), whether it is updated and how often.
In order to ensure the reliability of Financial Reporting, when identifying risks and controls, the accounting errors that may arise from the
following objectives for financial information are always considered:
• Completeness: balances or transactions that should be recorded but are not.
• Transaction cut-off: those booked in a period other than when they were accrued.
• Accuracy: transactions recorded with errors (amounts, conditions).
• Occurrence/Existence: transactions that have taken place within the period.
• Valuation/Allocation: record of transactions involving incorrect sums due to inadequate valuation calculations.
• Presentation/Classification: classification errors in the various entries of the financial statements.
• The existence of a process for identifying the consolidation perimeter, taking aspects such as the possible existence of complex company
structures, and instrumental entities or those with a specific purpose into account.
The Financial Department will consolidate the accounts every month.
This process starts with the consolidated accounts being received from the various Business Units each month. These are checked and
approved to ensure they comply with the established principles of control and significant influence.
The last phase of this process involves verifying the standardisation adjustments affecting the income statement (monthly) and the balance
sheet (quarterly)
Furthermore, in this respect, a distribution list has been set up for people in the Finance Department to whom any change on the Group’s
company map and the exits from and entries into new centres must be reported to in order to ensure control over changes to the consolidation
perimeter.
ANNUAL CORPORATE GOVERNANCE REPORT