Τhe Group’s Risk Management System has been designed to identify and manage threats as well as opportunities and includes security controls and mechanisms at various levels within the organization, as described in detail at: http://www.helpe.gr/userfiles/8ea1f0cb-9e62-48e4-b947-a27b00fb14bb/COMPLETED-FINAL-GR-WEB_1.pdf (p. 36-44, 159-161 & 165-167).
The Group’s Internal Auditing Department, which is part of the Internal Auditing System, contributes to improving the Group’s performance in the fields of Risk Management, Internal Control Systems and Corporate Governance so that the Group’s strategic objectives can be achieved.
Significant actions in 2016 included:
- Increased staffing of the Group's Internal Audit Directorate, with the aim of improving its operation and function.
- A Risk Assessment at Group level was held for the 2nd consecutive year. The aim of this action is to develop a unified approach to identifying, assessing and managing risks in the Group and to exploit the results in the preparation of the Group's annual and three-year audit plans.
- An in-house training program regarding internal audit units has been implemented to gradually inform all staff on the basic principles governing the internal control function and the value this adds to strengthening the Audit culture and to improve cooperation between the Internal Audit Division with the audited units.
- A total of 46 audits (35 regular and 11 extras) were completed, surpassing the year’s audit program.
Audit category
|
Amount
|
Production and marketing of petroleum products facilities
|
22
|
Suppliers
|
2
|
Regulatory compliance
|
4
|
Company owned tankers
|
2
|
Financial-administrative-commercial issues
|
16
|
5. Audits have been extended to new areas that have not been audited in the past, such as Refinery Equipment Inspection Departments, and Marketing Facilities and Airports, which are directly related to equipment integrity and plant security issues.
6. Corruption complaints in specific areas were investigated and improvements were proposed where deemed necessary with the aim of eliminating any doubt or derogation from the Group's procedures.