Atria’s Group Control function handles internal audits in collaboration with an external service provider. The Board of Directors approves the annual plan for internal audit. The preparation of the audit plan is guided by risk management, issues identified as part of the Group’s internal reporting, goals related to improving the quality and efficiency of operations, and current issues in the company’s business environment. Where necessary, internal audit also conducts separate studies commissioned by the Board of Directors or the Group’s management.
Internal audit ensures and evaluates the functioning of the company’s internal control system, the relevance and efficiency of activities, and compliance with guidelines. It also aims to promote the quality of the operations and process, ensure the achievement of Atria’s targets and the functioning of risk management, and highlight best practices of various functions and opportunities for developing them.
Internal audit assesses the following areas:
- Accuracy and adequacy of financial information
- Compliance with operating principles, codes of practice and regulations
- Protection of property against losses
- Cost-efficiency and effectiveness of the use of resources
- Implementation of changes
- Opportunities provided by various practices and the utilisation of best practices.
The results of internal auditing are documented and discussed with the audited area of operation and Group management. A summary of the audit results is presented to the Board of Directors at least once a year. Regular discussions are held with the external auditor in order to ensure that the audit activities cover a sufficiently wide range of operations and to avoid overlapping audit activities.