internal control

Our governance and risk framework synchronises information and activity across our governance, risk management and compliance functions and enables us to identify, measure, monitor and respond to risk whilst avoiding wasteful overlaps.

In support of the Group’s strategy, the Board and its Committees promote a common approach to governance and risk management using the GKN Risk Management Framework. This is based upon the principles of good governance:

  • a common culture – defined through the GKN DNA;
  • a strong commitment to doing the right thing – supported by the GKN Code;
  • clear and well-defined Group policies and procedures – supported by our GKN Governance Handbook;
  • a clear system of delegated authorities – through our Plc and divisional authority levels.

The Risk Management Framework sets a standard framework through which we manage our significant risks. The model is based upon 3 lines of defence:

  • 1st line – Risk ownership and control: maintaining an effective risk management and control environment as part of day-to-day business/operations.
  • 2nd line – Monitoring and compliance: central monitoring and testing of compliance with Group requirements by Group functions.
  • 3rd line – Independent audit and assurance: independent testing of the design and operating effectiveness of our systems and controls by Corporate Audit and other third-party audit/assurance providers.

The outputs of these lines of defence are regularly monitored by the Board and its Committees. This includes: 

  • review and approval of key items referred to them under the delegated authorities;
  • regular review of KPIs, major incidents and the output from our assurance and compliance processes.