This page contains a Flash digital edition of a book.
72


John Lewis Partnership plc Annual Report and Accounts 2014


AUDIT AND RISK COMMITTEE REPORT CONTINUED


Having undertaken a review of the non-audit services provided during the year, at both the half year and year end, the Committee is satisfied that these services did not prejudice the external auditors’ independence.


Internal audit activities The Partnership Board has ultimate responsibility for the Partnership’s system of internal control and risk management and reviewing its effectiveness. The Partnership Board delegates the monitoring of internal control and risk management processes to the Committee. The Committee seeks assurance from the work of the Internal Audit and Risk Management department which provides objective assurance of the effectiveness of those arrangements through the delivery of a risk-based work plan and risk management activities. The Head of Internal Audit and Risk Management reports functionally to the Chair of the Committee and operationally to the Finance Director. The Internal Audit and Risk Management team has been strengthened during the year with additional IT and project assurance specialists; it was also restructured to provide dedicated internal audit managers for the Group and each Division.


The Committee reviews and approves the scope of the Internal Audit work programme each year. At each meeting, the Committee receives a report from the Head of Internal Audit and Risk Management on the work of internal audit, and on management responses to recommendations for improvements made in the audit reports issued.


During the year, the Committee has reviewed 20 Internal Audit reports covering key processes, systems and controls and IT projects and programmes. In addition, the Committee received an internal audit review of the holiday pay issue that arose during the year. The Committee oversaw the review by an external professional services firm of the Partnership’s personnel policies with a particular focus on pay policies, and systems. Whilst this review found that the existing policies were compliant with relevant legislation and regulations, further


work was being undertaken to strengthen the personnel policies’ governance and assurance framework.


The Committee conducted an annual evaluation of the internal audit function during the year and members of the Committee and management were provided with an opportunity, through an evaluation questionnaire, to comment on the Internal Audit function’s effectiveness. The outcome of the evaluation was positive. Some concerns were raised as to whether the size of the team was sufficient given the nature of high-risk, strategically important change and investment programmes. The team has since been strengthened. On all other areas; role, work approach, communication and impact the results of the evaluation were good.


The Partnership’s systems of risk management and internal control Managing risk is fundamental to safeguarding our Partners’ interests. This year the Committee has overseen the risk management framework being strengthened and embedded within the Partnership as part of a continuous improvement programme. During the year, a first meeting of the pan- Partnership Risk Forum was held. It was chaired by the Head of Internal Audit and Risk Management and attended by the Divisional risk teams. Waitrose, John Lewis and Partnership Services have established divisional Risk Committees, with consistent Partnership- wide terms of reference, that report to their respective Management Boards.


Executive management is responsible for identifying and evaluating the key business risks and for implementing and maintaining systems for managing those risks in an efficient and effective manner.


The Committee monitors the development of policies and systems for identifying, evaluating and managing significant risk throughout the Partnership. It also monitors management’s actions to manage those risks and reports regularly to the Partnership Board, which seeks regular assurance that the systems of internal control for risk


management are operating effectively. The Committee has also conducted an annual review of the effectiveness of the risk management and internal control process.


To support this process, the Partnership has developed a risk management framework for the identification, assessment and monitoring of significant risks faced by the Partnership. Further details on this can be found on page 47. At each meeting, the Committee receives an updated Risk Report on the key Partnership risks identified as part of the business planning process.


Strategic, commercial, operational, financial and health and safety risk areas are all included within the scope of these activities.


The systems of internal control are designed to manage, rather than seeking to eliminate, the risk inherent in pursuit of business objectives. In pursuing these objectives, internal controls can only provide reasonable, and not absolute, assurance against material misstatement or loss.


During the year, the Committee has reviewed the measures for mitigating risks through appropriate internal controls and assurance mechanisms. The Committee received reports and presentations from management covering areas such as:


– Holiday pay review, as noted above;


– Processes and procedures relating to Information Assurance, to safeguard customer and Partner personal data, and the security and the resilience of the Partnership’s transactional websites;


– Key strategic contracts for goods for resale (i.e. goods and services not for retail sale), to assess compliance with contractual terms, relating to our supplier’s employment standards and services levels and contract management. The review has led to a roll-out of a template services agreement and the development of a new contract database;


– Operational risks, including business continuity and IT business interruption and disaster recovery, inflationary risks, profit protection and customer complaints;


Page 1  |  Page 2  |  Page 3  |  Page 4  |  Page 5  |  Page 6  |  Page 7  |  Page 8  |  Page 9  |  Page 10  |  Page 11  |  Page 12  |  Page 13  |  Page 14  |  Page 15  |  Page 16  |  Page 17  |  Page 18  |  Page 19  |  Page 20  |  Page 21  |  Page 22  |  Page 23  |  Page 24  |  Page 25  |  Page 26  |  Page 27  |  Page 28  |  Page 29  |  Page 30  |  Page 31  |  Page 32  |  Page 33  |  Page 34  |  Page 35  |  Page 36  |  Page 37  |  Page 38  |  Page 39  |  Page 40  |  Page 41  |  Page 42  |  Page 43  |  Page 44  |  Page 45  |  Page 46  |  Page 47  |  Page 48  |  Page 49  |  Page 50  |  Page 51  |  Page 52  |  Page 53  |  Page 54  |  Page 55  |  Page 56  |  Page 57  |  Page 58  |  Page 59  |  Page 60  |  Page 61  |  Page 62  |  Page 63  |  Page 64  |  Page 65  |  Page 66  |  Page 67  |  Page 68  |  Page 69  |  Page 70  |  Page 71  |  Page 72  |  Page 73  |  Page 74  |  Page 75  |  Page 76  |  Page 77  |  Page 78  |  Page 79  |  Page 80  |  Page 81  |  Page 82  |  Page 83  |  Page 84  |  Page 85  |  Page 86  |  Page 87  |  Page 88  |  Page 89  |  Page 90  |  Page 91  |  Page 92  |  Page 93  |  Page 94  |  Page 95  |  Page 96  |  Page 97  |  Page 98  |  Page 99  |  Page 100  |  Page 101  |  Page 102  |  Page 103  |  Page 104  |  Page 105  |  Page 106  |  Page 107  |  Page 108  |  Page 109  |  Page 110  |  Page 111  |  Page 112  |  Page 113  |  Page 114  |  Page 115  |  Page 116  |  Page 117  |  Page 118  |  Page 119  |  Page 120  |  Page 121  |  Page 122  |  Page 123  |  Page 124  |  Page 125  |  Page 126  |  Page 127  |  Page 128  |  Page 129  |  Page 130  |  Page 131  |  Page 132  |  Page 133  |  Page 134  |  Page 135  |  Page 136
Produced with Yudu - www.yudu.com