IT EN
Explore Explore

Leader of the Transition

The new Multiutility

Iren in figures

Group structure

Management

Management system

Our history

We work for development

Energy production

Networks

Electricity, Gas and Services

Waste management

Water

Smart Solutions

District heating
Explore Explore

Our integrated strategy

Sustainability Governance

Stakeholder engagement

Sustainability report
Explore Explore

We invest in innovation

Open Innovation

Projects

Iren UP Cleantech Venture

IrenLab research

Explore Explore

Company Profile

Company strategy

Iren stock

Risk management

Financial profile

Financial Statements and Presentations
Explore Explore

Our Governance

Corporate bodies

Meeting

Financial calendar

Remuneration policies

Internal Dealing

Internal control, risk management and compliance

Corporate documents

Search

Suggestion tips

Efficienza
Energetica
Articles
Investors
Ascopiave
Pubblica
Bilanci
Solutions
In Cifre
Struttura
News
Governance Internal control, risk management and compliance Internal control and risk management system

Internal control and risk management system

Management and monitoring of business risks

The Internal Control and Risk Management System (ICRMS), is the set of rules, procedures and organisational structures aimed at enabling the identification, measurement, management and monitoring of key business risks within the Group.

 

In particular, the ICRMS contributes to ensuring the efficiency and effectiveness of company procedures, the reliability of its financial information, its respect for laws and regulations as well as its Articles of Association and internal procedures. Thus, the ICRMS plays a central role in the company's organisation, contributing to the adoption of informed decisions consistent with risk appetite, as well as to the dissemination of proper knowledge of risks, legality and company values.

A functional model

for achieving goals

and creating value.

Specifically, the ICRMS reports to the Board of Directors (BoD), with the role of guidance and evaluation of adequacy, and involves the following individuals:

 

  • Directors in charge of the ICRMS, whose duties include establishing and maintaining an effective internal control and risk management system;
 
  • Control, Risk and Sustainability Committee (CRSC), on the basis of adequate preliminary activities, generally tasked with supporting the assessments and decisions of the Board of Directors relating to the internal control and risk management system, as well as those concerning approval of the periodic financial reports.

The levels of the ICRMS

The Internal Control and Risk Management System is implemented through three levels of control:

 

  • third level control exercised by bodies internal to the company, i.e. Internal Audit, or external, i.e. the Board of Statutory Auditors, the Independent Auditors, and the Supervisory Board under Legislative Decree 231/2001; 
 
  • second level control entrusted to specialised systems such as, the Risk Management function, Compliance, the Financial Reporting Officer, the Data Protection Officer, and Management Control;
 
  • primary control of line, entrusted to individual organisational units or Group Companies, carried out on the processes under their responsibility; responsibility for this control lies with Operations Management/Risk owner and is an integral part of every business process.

Corporate Governance Code

Corporate Governance Code

View

Download