Internal control
Pöyry’s internal control and risk management framework is based on the Pöyry Operating Guidelines, which consist of the key policies and instructions issued by the Board, GEC or function heads which must be followed throughout the group. Pöyry has defined its objectives for internal control based on the international COSO framework. The key elements of internal control are the policies and procedures with an objective to ensure:
- Effectiveness, efficiency and transparency of operations on all levels
- Reliability of financial reporting
- Compliance with applicable laws and regulations and the Pöyry Operating Guidelines
- Ethical business conduct
The Pöyry Code of Conduct defines the manner in which Pöyry is represented in business context and imposes high ethical standards. Transparency and integrity are expected at all management levels and from every person working for Pöyry, which is also reflected in all aspects of financial reporting.
The internal controls framework covers all the processes, policies, guidelines, procedures, instructions and organisational structures of Pöyry that assist the management and ultimately the Board of Directors in ensuring that Pöyry achieves the above mentioned objectives. Pöyry’s controls framework is designed to provide reasonable and adequate assurance that the internal control objectives are achieved, recognising that no controls framework can completely remove all risks. Internal control is not a separate process or set of activities but is embedded in the operations of Pöyry.
Risk management is an integral part of Pöyry’s business management and internal controls framework. The aim of risk management is to enable the achievement of the Company’s strategic and financial objectives and targets in a controlled manner.
