ANNUAL REPORT 2016
II. Whistle Blowing Policy
49. Whistle Blowing Policy
The Company has a policy in place for the receipt of reports, claims or complaints about irregu-
larities detected in the Company. As set forth in the Regulations of the Audit Committee, which
are published on the Company’s website, the Audit Committee keeps a written record of reports
of irregularities that are addressed to it and, where considered appropriate, takes the necessary
steps, together with the directors and the auditors, and prepares a report on the irregularities.
Thus, some kinds of irregularities may be reported to the Audit Committee without maintaining
anonymity by reporting them directly to the Company, for reference to the Audit Committee. The
Company will refer the reports it receives to the Chairman of the Audit Committee, ensuring
confidentiality.
During 2016 the Audit Committee did not receive any reports of irregularities.
III. Internal Control and Risk Management
50. Individuals, bodies or committees responsible for internal audit
and/ or implementation of internal control systems
Ibersol does not have autonomous internal audit and compliance services.
Risk management, as part of the company’s culture, is present in all processes and is the
responsibility of all managers and employees at the different organization levels.
Risk management is undertaken with the goal of creating value by managing and controlling
uncertainties and threats that may affect the Group companies, with a view to the continuity
of operations, to take advantage of business opportunities.
As part of strategic planning are identified and evaluated the risks of the existing businesses
portfolio and the development of new businesses and relevant projects and defined those
risks management strategies.
At the operational level, are identified and evaluated the risks management objectives of each
business and planned actions to manage those risks that are included and monitored in the
plans of business and functional units.
With regard to security risks of tangible assets and people are defined policies and standards,
and the self-control of its application is made, being conducted external audits to all units
and implemented preventive and corrective actions for the identified risks. In order to ensure
compliance of the established procedures is performed regularly assessing of the main in-
ternal control systems of the Group. For specific business aspects there are risk areas whose
management has been assigned to functional departments.
159
