Internal Control and Risk Management System

• 4.1 Main Documents Regulating the Internal Control and Risk Management System
• 4.2 Participants of the Internal Control and Risk Management System. Delineation of Responsibilities
• 4.3 Enhancement of the Internal Control and Risk Management System
• 4.4 Key Risks and Actions for their Minimization
• 4.5 Organization of Internal Control and Risk Management

Enhancement of the Internal Control and Risk Management System

For the purpose of enhancement of the internal control and risk management system (ICRMS) processes, the Company organized activity on development of the ICRMS aimed at standardization of the control environment and risks of key business processes of the Company in 2010, as well as at enhancement of the risk management processes. The basic direction of the ICRMS development was designated as the transition from exclusively auditing (detecting) the character of control procedures to the combination of three types of control: auditing (subsequent), current and preventive (preliminary). Following the results of the given activity, the Regulations on the control environment and risks of the basic business processes of the Company were worked out, as well as the register of key risks. In the future, it is planned to continue the activity in the field of the ICRMS enhancement with transition from "standardized" to "optimized" level of the ICRMS maturity, as well as to the automation of control procedures and risk management processes.