3. SERIES DE TELEVISIÓN
3.2. Cómo se escribe una serie
Management System”
As stated previously, with a resolution of March 14, 2013, the Board of Directors of Eni SpA, at the proposal of the Control and Risk Committee, approved the “Guidelines for the Internal Control and Risk Management System” (ICRMS), entrusting the CEO with their implementation. These guidelines, which are mandatory for the subsidiaries, including listed subsidiaries, are designed to ensure that the main risks to which Eni is exposed are correctly identified, measured, managed and monitored and set out reference principles, roles and responsibilities for the key players in the system, as well as the criteria that the CEO must follow in
implementing those guidelines.
The Management System Guidelines for the internal control and risk management system (ICRMS MSG), issued by Eni SpA on April 11, 2013, represent a regulatory instrument to be used by the CEO in implementing the guidelines and, in incorporating the principles delineated by the Board, it (i) consolidates and structures within a single document the various elements of the Eni ICRMS, (ii) defines the model of relations between Eni SpA and the subsidiaries in this area, and (iii) at the same time exploits the opportunities for the rationalisation of reporting flows and the integration of controls and monitoring activities.
The ICRMS MSG is used alongside the instrument issued on December 18, 2012, with which Eni developed and implemented a model for the integrated management of corporate risks.
>
Roles and responsibilitiesin designating members
>
Exceptions>
Members of the control bodies>
Board guidelines>
Internal implementation rules>
Requirements85 Eni’s reference framework for implementation and maintenance of an adequate and working
ICRMS provides for a structure of three dimensions, as shown in the following diagrams:
1. Objectives - The first dimension represents the view of the ICRMS in relation to the objectives and associated risks that the ICRMS is intended to pursue and manage:
a. Strategic, b. Operational, c. Compliance, d. Reporting.
2. Scope of application - The second dimension regards the scope of application on the basis of which the ICRMS is structured:
- the management and coordination exercised by Eni SpA over the subsidiaries;
- entity: Eni SpA and the individual subsidiaries, on the basis of their legal and operational independence, establish an appropriate, functional ICRMS under their own responsibility; - processes adopted by Eni, on the basis of which the ICRMS is structured;
3. ICRMS Process - The third dimension represents the ICRMS process and its individual phases: - definition and implementation of the “internal environment”;
- identification, assessment and treatment of risks; - definition and implementation of control activities; - monitoring;
- re-examination and assessment of the entire system; - disclosure and communication.
This ICRMS process is:
- continuous, focusing on improving the overall ICRMS, influencing the definition and achievement of corporate objectives;
>
Objectives>
Scope of application>
The process86
- integrated into corporate operations, as well as organisational and governance arrangements;
- interactive, as the individual phases, while organised into a logical sequence, can receive feedback from the development of each of the other phases so that the value generated by the process is not merely the sum of the value generated by the individual phases; - performed by people, through the activities (and the associated reporting) carried out in
pursuing corporate objectives;
- evaluated every six months, unless unforeseen events occur that may require that a special investigation be performed, to ensure that it is adequate and functions overall.
The Eni ICRMS is structured along the following three levels of internal control:
1. First level of control: identifies, assesses, manages and monitors the risks for which it is responsible, for which it identifies and implements specific management actions. 2. Second level of control: monitors the main risks in order to ensure the effectiveness and
efficiency of their management; also responsible for monitoring the appropriateness and operation of controls implemented for the main risks. It also provides support to the first level in defining and implementing adequate systems for managing the main risks and the associated controls.
3. Third level of control: provides independent, objective assurance on the appropriateness and effective operation of the first and second control levels and, more generally, on the Eni ICRMS as a whole.
The structure of the first and second control levels is consistent with the size, complexity, specific risk profile and with the regulatory environment in which each company operates. The third level of control is exercised by the Internal Audit unit of Eni SpA, which, on the basis of a centralised model (described in more detail in the “Internal Audit” section), performs its controls using a risk-based approach to the overall Eni ICRMS, monitoring Eni SpA and the subsidiaries.
>
The three levels of controlBoard of Directors Watch Structure Chairman CEO Compliance Committee Risk Committee First level of control Risk Owner Process Owner Compliance/
Governance InternalAudit (2)
Functions identified in the Compliance/ Governance models Financial Reporting Officer Process Owner: core business and business support processes Dedicated /not-exclusively -dedicated
(if any) functions: Risk specialist
Planning and control Integrated Risk Management
Strategic, Operating and Reporting Objectives Compliance Objectives (1)
Second level of control
Control and Risk Committee Board
of Statutory Auditors
Third level of control
(1) Including objectives on the reliability of financial reporting.
(2) The Head of the Internal Audit unit reports to the Board, and on its behalf, to the Chairman, without prejudice to his being functionally subject to the authority of the Control and Risk Committee and the CEO, as director in charge of the internal control and risk management system.
87 To enable management and the management and control bodies to perform their roles within
the ICRMS, specific reporting flows have been established between the control levels and the management and control bodies. The flows are coordinated and appropriate in terms of content and timing.
All flows supporting the assessment of the ICRMS by the Board of Directors are channelled through the Control and Risk Committee of Eni SpA, whose analysis is reported directly to the Board in its periodic reports or through the release of specific opinions. These flows are also transmitted to the Board of Statutory Auditors of Eni SpA to enable it to perform its statutory duties in the field of ICRMS.