The purpose of Internal Audit function is to provide independent and objective assurance designed to improve Fortum Group’s operations. Internal audit provides a disciplined and systematic approach in examining and evaluating the appropriateness and effectiveness of the group’s management and corporate governance processes, internal control system, risk management, and operational processes. The operating principles of internal audit are defined in the Internal Audit Charter approved by the Audit and Risk Committee of the Board of Directors.
Internal audit assignments are conducted in accordance with a risk and assurance based annual plan approved by the Audit and Risk Committee of Board of Directors and focusing on key risks and core processes in Fortum operations.
The internal audit reports functionally to the Audit and Risk Committee and administratively to the Fortum CFO. It reports the results of the conducted audits, related findings and recommendations to the responsible business unit, area and function management for corrective actions. A summary of the audit results and the status of the management’s implementation of agreed corrective actions to address the findings identified in the audits are regularly reported to the Audit and Risk Committee and Fortum Leadership Team. All audit reports are also provided to the external auditor.
The Internal Audit cooperates regularly with the Group’s other assurance functions, such as Risk Management, Internal Control and Compliance, Safety and Security.