Internal control and risk

The respective responsibilities in connection with the financial statements are set out in the Directors’ report on pages 25 to 28 and 41 of the Annual Report 2009 for the Directors and Auditors respectively. The Board, through the Audit Committee, is responsible for the Group’s system of internal control and for reviewing its effectiveness.

An ongoing process for identifying, evaluating and managing significant risks faced by the Group has been in place throughout the year which accords with the Turnbull guidance on internal control. The Audit Committee has, as part of its review process, considered the Group’s system of internal control throughout the year. The system of internal control is designed to manage rather than eliminate risk of failure to meet business objectives, and can only provide reasonable, not absolute, assurance against material misstatement or loss.

The Internal Audit Department is involved in the review and testing of the internal control system and of key risks across the Group, in accordance with the annual programme agreed with the Audit Committee. From time to time it undertakes ad-hoc assignments requested by senior managers or the Audit Committee, the findings of which are discussed with the Audit Committee.