Operation of the internal risk management and control system
Pursuant to best practice provisions II.1.3 and II.1.4 of the Code, the Management Board is responsible for Nuon’s internal risk management and control system. This system is designed to provide reasonable assurance that the achievement of strategic and operational objectives is monitored, that the financial reporting is reliable and that the laws and regulations are complied with. Nuon applies COSO-II as a reference model in this connection. Our internal risk management and control system is embedded in the Risk Management Framework.
The internal risk management and control system is aimed at ensuring that the most important risks are identified and that appropriate measures of control are taken in relation to these risks. The Risk Management Framework constitutes an essential part of our internal risk management and control system. A description of the Risk Management Framework and an overview of the most important risks can be found on page 54.
Important components of the internal risk management and control systems of Nuon are:
- The Risk Management Framework that comprises the internal risk management system;
- The Nuon Governance Manual, which contains regulations, guidelines and procedures that are relevant to the relationship of n.v. Nuon with Nuon group companies, business units and staff (including the Nuon Code of Conduct and the Whistleblower Policy, which can be found on the website www.nuon.com). In addition, the Governance Manual comprises the (IFRS) accounting manual and the reporting manual;
- The COSO II-based self-assessments in relation to risk management and internal control by the Nuon divisions/business units;
- The business planning & control cycle, within which a long-term business plan is drawn up, discussed and adopted per division/business unit and for the company as a whole. This is followed up by the discussion and adoption of the divisions’/business units’ annual objectives and budgets and of the company as a whole;
- The decision of the Management Board to consolidate the commodity market risks at a single unit where these risks are specifically managed and controlled;
- The Transaction Review Committee which assesses applications for investments, large operational projects and sale and purchase contracts and advises the Management Board on these issues;
- The assessment and, where necessary, further development of the system of key controls which is partly based on the COSO-II model and which is notably aimed at the control objectives in the field of financial reporting;
- The Business Control Framework containing the most important control measures;
- The periodic testing of the proper operation of the system of key controls;
- The certifications within various divisions/business units in such fields as quality (ISO-9000), the environment (ISO-14000) and safety (VCA);
- The periodic reporting on the financial and operational performance of the divisions and business units, partly based on a system of KPIs that is continuously measured, developed and maintained;
- The monthly business reviews by the Management Board with the managements of Nuon divisions/business units that take place partly on the basis of periodic reports;
- The system of Letters of Representation (LoRs), in which the responsible management confirms the reliability of the financial reporting at corporate and division level;
- The audits of the Internal Audit Department, which are performed in conformity with the year plan adopted by the Management Board and the Audit Committee, and whose reports and findings are discussed with the Management Board;
- The follow up of actions taken in response to internal and external audits, on which divisions/business units report to the Management Board on a quarterly basis;
- The Statements on Business Control of the divisions/business units which the Management Board discusses annually with the responsible management;
- The monitoring reports on the control status of Nuon that are provided to the Management Board.
Our Risk Management Framework is frequently evaluated and developed on an ongoing basis.
Important developments in 2007 were:
- The further development of the Risk Management Framework;
- The periodic testing of the operation of key controls which must at least cover the objectives in relation to financial reporting;
- The establishment of a Business Control Framework at the Fiscal Affairs and Subsidies Department, Nuon Germany and Nuon Belgium in conformity with the system as applied elsewhere within Nuon;
- The start-up of the project that is aimed at the reinforcement of the compliance function within Nuon;
- The improvement of the design of the system of controls at a number of divisions/business units.
The Risk Management Framework will not provide absolute assurance in relation to the achievement of the corporate objectives, nor will it give any absolute guarantee that material errors, losses, fraud or violations of laws and regulations cannot occur in processes and/or financial reporting.
With due regard to the above the Management Board is of the opinion that, in the year under review, the internal risk management and control system of Nuon provided a reasonable degree of assurance that the financial reporting contains no inaccuracies of material significance and that the system operated effectively in the year under review. In addition, in the context of what is described above, there is no reason to assume that the risk management and control system relating to control objectives in the field of financial reporting risks will not function properly in the year 2008.
Regarding other control objectives, the Management Board is of the opinion that there is no reason to assume that related risks are not adequately controlled. Further refinements regarding certain points will be made to the Risk Management Framework in 2008. In addition, further measures will be taken to strengthen the internal reporting on compliance.
Based on the above, we are of the opinion that we thus satisfy the best practice provisions II.1.3 and II.1.4 of the Code, taking account of the recommendations of the Corporate Governance Monitoring Committee on the application of said provisions.
The above was discussed with the Audit Committee and the Supervisory Board, in the presence of the external auditor.

