Internal control is a key element in sound risk management, and Statkraft is focusing on further development of internal control. The overall management system, ”The Statkraft Way”, defines the Group’s guidelines and contributes to a sound control environment for fulfilling the management’s goals. Internal control requirements have been incorporated into HSE, ethics, ICT, corporate responsibility and financial reporting.
The Group’s internal control network annually prepares a financial risk map which is presented to the Group Management and the audit committee. Business and support processes for handling the inherent risk are identified on the basis of the Group’s risk map.
Internal control over financial reporting
The system for internal control over financial reporting contributes to trustworthy and timely financial information in Statkraft’s reports, and is based on the COSO frameworks for internal control (COSO 1992), published by the Committee of Sponsoring Organizations of the Treadway Commission.
All subsidiaries are required to comply with the internal control system as described in ”The Statkraft Way” and in the Group’s finance manual. The same applies to other companies where Statkraft is responsible for the accounting and financial reporting. If a third party is responsible for the accounting and financial reporting, the responsible segment in Statkraft must carry out compensating controls as described in the finance manual.
The main elements of the internal control system are risk assessment, control measures, self-evaluation, reporting and continuous exercise of control and compliance follow-up.