Kesko's internal audit function is responsible for the Group's independent evaluation and assurance function, which systematically examines and verifies the efficiency of risk management and the management, control, and governance of risks, as required of a listed company. The Audit Committee of Kesko's Board of Directors has confirmed the operating instructions for Kesko's internal audit function.
The internal audit function is organised under Kesko's President and CEO and the Audit Committee, and it reports on its findings and recommendations to the Audit Committee, the President and CEO, the management of the audited operation, and the Auditor. The function covers all of Kesko's divisions, companies and functions. Auditing is based on risk analyses, as well as risk management and control discussions conducted with the Group's and divisions' management. Meetings with the Auditor are arranged on a regular basis in order to ensure sufficient audit coverage and to eliminate overlapping operations.
An internal audit plan, subject to approval by the President and CEO and the Audit Committee, is prepared annually. The audit plan is modified on a risk basis, if necessary. The internal audit function purchases external services as necessary for added resources or for the purpose of conducting audit operations which require special expertise. Audits can also make use of the expertise and work contribution of Kesko Group's other specialists.
Internal audit operations in 2019
In 2019, key focus areas for internal audit were the progress made in the execution of Kesko’s strategies, acquisitions and divestments made, projects related to IT and digitalisation, and the implementation of information security and data protection and projects and changes related to those.
Focus areas of internal audit in 2020
In 2020, key focus areas for internal audit will be progress in strategy execution, information security and data protection, process automation, and significant business and IT projects.