Internal assurance
Rio Tinto's systems of internal control and the assurance as to their effectiveness are focused on risk. These internal control systems encompass the policies and processes that Rio Tinto puts in place to enable it to respond appropriately to significant business, operational, financial, compliance and other risks.
The scope of internal assurance covers all areas of the Group's operations including activities such as finance, human resources, safety, health, environment, operational and legal issues. It also extends to associated activities such as the employment of contractors and, the purchase of goods.
Rio Tinto and its businesses maintain systems to ensure that the Company meets its responsibilities. Our internal assurance process aims to:
- meet the requirements of relevant corporate codes;
- provide relevant information for the directors and executives of Rio Tinto to enable them to fulfil their responsibilities in terms of the policies contained in The way we work;
- provide mechanisms to assist in reviewing and improving social and environment performance; and
- ensure we meet our obligations to voluntary commitments such as the Global Compact.
Our internal assurance activities are undertaken by individual businesses and at the Group level. The activities undertaken at a minimum by businesses are:
- adherence to compliance programmes in terms of Rio Tinto's published Compliance guidance;
- health, safety and environment audits of policy, systems, programmes and performance. These include regulatory and system certification audits;
- regular inspection programmes as part of routine management activities;
- Self Managed Assessments (SMA) by operations of their performance in terms of the Community Standard, following a formalised corporate guideline. SMA was successfully piloted at five sites in 2005; and
- inspections of major waste and water storage facilities, which are required to be undertaken by an independent, qualified expert every two years.
Assurance activities undertaken at the Group level include:
- four yearly reviews of each business to identify and manage strategic risks in relation to health, safety and the environment;
- audits against Rio Tinto safety, occupational health and environment standards;
- annual risk management audits of all business units;
- risk reviews for specific concerns, such as waste and water storage facility management and acid rock drainage;
- audits to assess HSE data quality at operations: six operations were audited in 2005; in the future these will be combined with other internal audit processes;
- completion of the annual internal control questionnaires by all Group business unit leaders covering all aspects of risk to Rio Tinto; and
- Group wide reporting of the results of these activities, including critical and significant incidents and issues, and social and environment parameters.
Graphic: Internal assurance process: Flash | Image
For more information click
Audits
Reviews
Group reporting
Back to top