The Internal Control System comprises a series of rules, procedures and organisational frameworks designed to deliver the following objectives:
- Ensure corporate strategies are respected
- Ensure the efficiency and effectiveness of company processes
- Safeguard business values
- Ensure activities conform with all current laws and regulations.
IP Gruppo api takes a three-tiered approach to monitoring, measuring and controlling potential risks (market, operative, reputation, compliance), as illustrated below.
Levels of the control system
Level 1 controls - or line controls – are designed to ensure operations are carried out correctly. These controls are implemented internally and set out in corporate procedures. They are the basis of the total internal control system.
Level 2 controls - or risk and compliance controls – have the aim of ensuring the management risk process is carried out correctly and that specified operational limits are respected over the various functions. They also extend to ensuring that company operational rules are complied with, including self-imposed regulations.
The roles responsible for these controls are distinct from those in production.
Level 3 controls - audit – are focused on periodically evaluating and verifying the thoroughness, functionality and adequacy of the internal control system. The purpose of the activity is to identify anomalous trends, violations of procedures and regulations, and to evaluate how well the overall internal control system functions.