Internal audit
Kesko’s internal audit is responsible for the Group’s independent evaluation and assurance function required of a listed company, which systematically examines and verifies the efficiency of risk management, management, control and governance. The Audit Committee of Kesko’s Board of Directors has confirmed the operating instructions for Kesko’s internal audit function.
The internal audit function operates under Kesko’s President and CEO and the Audit Committee, and it reports on its findings and recommendations to the Audit Committee, the President and CEO, the management of the audited operation, and the external auditor. Internal audit covers all Kesko’s divisions, companies and functions. Auditing is based on risk assessments, as well as risk management and control discussions conducted with the management of the Group and the divisions. Regular meetings are arranged with the external auditor to ensure sufficient audit coverage and to eliminate overlapping operations.
An internal audit plan is prepared annually, and it is approved by the President and CEO and the Audit Committee. The audit plan is modified quarterly on a risk basis. If necessary, the internal audit function acquires external services for additional resources or for conducting audit operations requiring particular expertise. Internal audit can also make use of the expertise and work contribution of Kesko Group’s other specialists.
The Chief Audit and Risk Officer reports functionally to the Chair of the Audit Committee, and administratively to Kesko’s President and CEO on matters related to internal audit, and to the Group’s Chief Financial Officer on matters related to risk management.
Internal audit in 2025
The main focus areas for internal audit in 2025 were the utilisation of artificial intelligence, IT project management, acquisitions and their integration, cyber security, store site investments, sales management, the home and speciality goods trade business, vehicle servicing, indirect sourcing, and processes of the shared services centre.
Focus areas for internal audit in 2026
The main focus areas for internal audit in 2026 will be the utilisation of artificial intelligence and related processes, cyber security, changes in IT services, strategic projects, acquisitions and their integration, improving operational efficiency and processes, and processes of the shared services centre.
