Corporate Governance Report
II. Whistle Blowing Policy
49. Whistle Blowing Policy
The Company has a policy in place for the receipt of reports, claims or complaints
about irregularities detected in the Company. As set forth in the Regulations of the
Audit Committee, which are published on the Company’s website, the Audit Commit-
tee keeps a written record of reports of irregularities that are addressed to it
and, where considered appropriate, takes the necessary steps, together with the
directors and the auditors, and prepares a report on the irregularities. Thus, some
kinds of irregularities may be reported to the Audit Committee without maintaining
anonymity by reporting them directly to the Company, for reference to the Audit
Committee. The Company will refer the reports it receives to the Chairman of the
Audit Committee, ensuring confidentiality.
During 2015 the Audit Committee did not receive any reports of irregularities.
III. Internal Control and Risk Management
50. Individuals, bodies or committees responsible for internal
audit and/ or implementation of internal control systems
Ibersol does not have autonomous internal audit and compliance services.
Risk management, as part of the company’s culture, is present in all processes and is
the responsibility of all managers and employees at every level of the organization.
Internal control and the monitoring of internal control systems are overseen by the
Executive Committee.
Risk management is undertaken with the goal of creating value by managing and
controlling uncertainties and threats that may affect the Group companies, with
a view to the continuity of operations, to take advantage of business opportunities.
As part of strategic planning are identified and evaluated the risks of the existing
businesses portfolio and the development of new businesses and relevant projects
and defined those risks management strategies.
At the operational level, are identified and evaluated the risks management objec-
tives of each business and planned actions to manage those risks that are included
and monitored in the plans of business and functional units. With regard to security
risks of tangible assets and people are defined policies and standards, and the self-
control of its application is made, being conducted external audits to all units and
158
