Iren S.p.A. has adopted an Internal Control and Risk Management System (ICRMS) to manage and monitor major business risks in order to contribute to the sustainable success of the entire Group.
The Board of Directors defines the guidelines of the ICRMS in accordance with the company's strategies and annually assesses its adequacy and effectiveness. The Board of Directors defines the principles concerning the coordination and the flow of information among the parties involved in the Internal Control and Risk Management System with the aim of maximising the effectiveness of the system itself, reducing the duplication of activities and ensuring the successful performance of the duties of the control body.
The organisation of the Internal Control and Risk Management System involves the following figures and the respective competencies:
- the Board of Directors plays a role in guiding and assessing the adequacy of the system;
- the Directors in charge of establishing and maintaining the ICRMS, i.e., the Chair, Deputy Chair, and Chief Executive Officer, each with reference to the area to which their respective delegated authority pertains;
- the Control, Risk and Sustainability Committee (CRSC) set up within the board of directors, with the task of supporting the Board of Directors’ assessments and decisions relating to the ICRMS through adequate investigation activities and relating to the approval of periodical financial and non-financial reports.
- the Head of the Internal Audit function, who is in charge of verifying that the ICRMS is functional, adequate and consistent with the guidelines defined by the Board of Directors;
- the Board of Statutory Auditors monitors the effectiveness of the Internal Control and Risk Management System;
- the Supervisory Board, appointed by the Board of Directors pursuant to and in accordance with Legislative Decree 231/2001;
- the other corporate functions involved in the Internal Control and Risk Management System (such as the Risk Management Department and the functions dealing with legal and non-compliance risk), which are articulated in relation to the Iren Group’s size, sector, complexity and risk profile, among which, in particular, the Risk Management Director.