IBERSOL | Annual Report 2020

ANNUAL REPORT 2020 III. Internal Control and Risk Management 50. Individuals, bodies, or committees responsible for internal audit and/ or implementation of internal control systems. Ibersol does not have autonomous internal audit and compliance ser- vices. Risk management, as part of the company’s culture, is present in all pro- cesses and is the responsibility of all managers and employees at the different organization levels. Risk management is undertaken with the goal of creating value by managing and controlling uncertainties and threats that may affect the Group companies, with a view to the continuity of operations, to take advantage of business opportunities. As part of strategic planning are identified and evaluated the risks of the existing businesses portfolio and the development of new businesses and relevant projects and defined those risks management strategies. At the operational level, are identified and evaluated the risks manage- ment objectives of each business and planned actions to manage those risks that are included and monitored in the plans of business and func- tional units. Regarding security risks of tangible assets and people are defined poli- cies and standards, and the self-control of its application is made, being conducted external audits to all units and implemented preventive and corrective actions for the identified risks. To ensure compliance of the established procedures is performed regu- larly assessing of the main internal control systems of the group. For specific business aspects there are risk areas whose management has been assigned to functional departments. Internal control and the monitoring of internal control systems are over- seen by the Executive Committee. 247