Atria’s Group Control function handles internal audits in collaboration with an external service provider. An audit plan is drawn up annually for internal audit and approved by the Board of Directors. The priority areas of the audit plan are affected by risk management, issues identified as part of the Group’s internal reporting, goals related to improving the quality and efficiency of the operations, and current issues in the company’s business environment. Where necessary, internal audit also conducts separate studies commissioned by the Board of Directors or the Group’s management.
Internal audit ensures and evaluates the functioning of the company’s internal control system, the relevance and efficiency of the activities, and compliance with guidelines. It also aims to promote the quality of the operations and process, ensure the achievement of Atria’s targets, support the development of risk management practices, and highlight best practices and opportunities in various functions.
Internal audit assesses the following areas:
- Accuracy and adequacy of financial information
- Compliance with operating principles, codes of practice and regulations
- Protection of property against losses
- Cost-effectiveness and efficiency in the use of resources
- Implementation of changes
- Opportunities provided by various practices and the utilisation of best practices
The results of internal auditing are documented and discussed with the audited area of operation and Group management. A summary of the audit results is presented to the Board of Directors at least once a year. Regular discussions are held with the auditor to ensure that the audit activities cover a sufficiently wide range of operations and to avoid overlapping activities.