The Board’s objective is to achieve success for M&S by building a sustainable business for the long term, generating shareholder value through consistent profitable growth, whilst making sure that our customers can always trust us to do the right thing.
In doing so, the directors recognise that creating value is the reward for taking acceptable risks.
The Board has overall accountability for the Group’s approach to assessing systems of internal control and risk, and for monitoring their effectiveness. Independent assurance is provided by the external auditors and internal audit, who present their findings regularly to the Audit Committee on behalf of the Board.
Internal control and risk assessment are designed to manage, rather than eliminate, the risk of failure to achieve corporate objectives. Accordingly, they can only provide reasonable but not absolute assurance against material misstatement or loss.
Internal control
The Board maintains control and direction over appropriate strategic, financial, operational and compliance issues. It has put in place an organisational structure with formally defined lines of responsibility and delegation of authority.
There are also established procedures for financial planning, capital expenditure, information and reporting systems, and for monitoring the Group’s businesses and their performance.
Plans and policies
- communication of the Group’s strategy, objectives and targets, values and standards;
- annual operating and capital plans and future projections;
- operating policies and procedures;
- clearly defined capital investment control guidelines;
- review of treasury policies by the Board; and
- review of social, environmental and ethical matters by the How We Do Business Committee.
Competent people
- appointment and development of employees of the necessary calibre to fulfil their allotted responsibilities; and
- clear roles and accountabilities with regular performance reviews.
Monitor and control
- review by operating divisions of their plans with the relevant director prior to submission to the Board for approval, including identification and assessment of risks;
- monthly comparison of operating divisions’ actual financial performance against budget; and
- regular consideration by the Board of year end forecasts.
Regulatory update
- reporting of accounting and legal developments; and
- regular briefings on latest best practice corporate governance to the Board.
Risk assessment
Every six months the Board reviews the Group Risk Profile – the tool that drives risk assessment and action planning. This is supported by an ongoing process for identifying, evaluating and managing the significant risks faced by the Group. See the table of principal risks and uncertainties in the next section.
As an integral part of planning and review, managers from each business area and major projects:
- identify the risks to their plans;
- evaluate the risks using likelihood and impact; and
- document the actions being taken to manage those risks.
This process has been in place for the year under review and up to the date of approval of the Annual report and financial statements. It has been regularly reviewed by the Board and accords with the Internal Control Guidance for directors on the Combined Code produced by the Financial Reporting Council.
Assurance
On behalf of the Board, the Audit Committee examines the effectiveness of the Group’s:
- assessment of risk by reviewing evidence of risk assessment activity and a report from internal audit on the process undertaken;
- systems of internal control, primarily through approving the internal audit plan and reviewing its findings, reviews of the annual and interim financial statements and a review of the nature, scope and reports of the external audit;
- action plans taken, or to be taken, to remedy any failings or weaknesses identified; and
- action plans in place to manage significant risks.
The Audit Committee has completed its review of the effectiveness of the Group’s systems of internal control during the year, which are in compliance with the Turnbull Guidance 2005. It confirms the necessary action plans to remedy identified weaknesses in internal control are in place and have been throughout the year.