Internal control principles

The Board of Directors of Orion has defined the Company’s principles for internal control in the Company. Management practices and management culture are based on compliance with the law and the Articles of Association, and with Orion’s values and ethical business practices. Internal control is part of normal steering and management of operations, as described in the management system, and it is supported by risk management, the audit and internal auditing. The aim of internal control is to ensure that operations are efficient and profitable, operational risks are adequately managed, laws and regulations are complied with and information is reliable. It is based on clear setting and monitoring of objectives, and effective and pragmatic risk management.

In practice, the management of each sub unit is responsible for its internal control, and each business unit or function organises internal control in its own unit or organisation in accordance with the principles in the policies and guidelines set at Group level. Key guidelines are included in the Group’s Corporate Governance Manual.

Risk management in Orion Group

Risk management constitutes a significant part of the Orion Group’s corporate governance and is an integral part of the Company’s responsibility structure and business operations. The aim is to identify, measure and manage the risks that might threaten the Company’s operations and the achievement of the objectives set for the Company.

Overall risk management processes, practical actions and the definition of responsibilities are developed by means of regular risk identification approaches covering the following areas:

• strategic risks, including research and development risks
• operational risks, including sales and business risks, as well as risks related to production, safety and the environment
• financial risks, including market, credit and liquidity risks

Operational risk management also includes project-specific risk management.

Risk management is described in more detail on separate pages:

Strategic risks 
Operational risks
Financial risks

Control measures

For financial steering and reporting, the Group has a reporting system intended to provide the management sufficient and timely information to plan and manage the operations. Orion has Group-wide guidelines and supporting policies for financial steering and harmonising practices. The guidelines and the Company’s extensive enterprise resource planning system ensure uniformity in processes. The Group’s finance department handles financing, Group accounting and tax affairs centrally. In addition, finance personnel in subsidiaries, and the centralised Controller function ensure uniform practices in every country and business area.

Reporting and communications

Orion’s efficient and uniform processes are based on the integrated enterprise resource planning system. For steering of operations, monthly financial reports are produced presenting actual results achieved, a comparison of actual results with targets, and a forecast of future development. Orion also uses numerous indicators in target setting and follow-up in various functions to aid supervision and steering of operations in accordance with the objectives set.

Follow-up and auditing

The Audit Committee of the Board of Directors evaluates the effectiveness of the Company’s internal control and is responsible for evaluating the effectiveness of the internal reporting process. The external audit of the Group companies is carried out in accordance with the applicable laws and the Articles of Association.

The objective of the statutory audit is to verify that the financial statements and the report of the Board of Directors give a fair and adequate presentation of the results of the operations and the financial position of the Group. The audit also includes auditing of the Company’s accounting and administration. The designated auditor of the parent company's auditor co-ordinates the audit of the subsidiaries of the Group in co-operation with the President and CEO and the Internal Audit of the Group.

For the purpose of the supervision and steering of operations, the Group has in addition an internal audit function subordinate to the President and CEO with the central task of examining and evaluating the effectiveness and credibility of the internal control and risk management of the companies and units belonging to the Group.