Internal Audit

Internal Audit evaluates and inspects the effectiveness of the Group’s internal control system, the relevance and efficiency of the activities, and compliance with guidelines. It also aims to promote the quality of operations and the processes, ensure the achievement of Atria’s goals and the effectiveness of risk management. The target of internal audit is also to highlight best practices and development opportunities in various functions.

Internal Audit assesses the following areas:

• Accuracy and adequacy of financial information
• Compliance with operating principles, guidelines and regulations
• Protection of property against losses
• Economical and efficient use of resources
• Implementation of changes
• Measures resulting from changes in the operating environment
• Opportunities provided by various practices and the utilisation of best practices

The results of internal auditing are documented and discussed with the audited area of operation and Group management. A summary of the audit results is presented to the Board of Directors at least once a year. Regular discussions are held with the auditor to ensure that the audit activities cover a sufficiently wide range of operations and to avoid overlapping audit operations.

The Board of Directors approves the annual plan for internal auditing. The preparation of the audit plan is guided by risk management, issues identified as part of the Group’s internal reporting, goals related to improving the quality and efficiency of the operations, and current issues in the company’s operating environment. Atria’s Group Control function is responsible for internal auditing in cooperation with an external service provider. Where necessary, separate studies commissioned by the Board of Directors or the Group’s management will be conducted.