AstraZeneca Annual Report and Form 20-F Information 2008

Compliance and group internal audit (GIA)

The role of the Global Compliance function is to help embed a culture of ethics and integrity at AstraZeneca. Global Compliance works closely with GIA, with whom it provides joint assurance reporting to the Audit Committee. The key priorities for our Global Compliance function for 2008/2009 are closely aligned with the Company’s strategic priorities. During 2009, the focus will be on embedding the compliance framework developed in 2008 into the business.

During 2008, the Global Compliance Committee met regularly. The remit of the committee is to oversee and co-ordinate implementation of an effective global compliance programme and evaluate its effectiveness. It does this by assessing key compliance risks within and across SET areas; ensuring co-ordination of compliance auditing and monitoring; reviewing results; and addressing significant policy violations and identifying trends.

Global Compliance provides direct assurance to the Audit Committee on matters concerning compliance issues, with a particular focus on compliance with IFPMA, EFPIA and US PhRMA codes. Complementing this, GIA carries out a range of audits that includes compliance-related audits and reviews of the assurance activities of other Company assurance functions. The results from these activities are reported to the Audit Committee.

GIA is an independent appraisal function that derives its authority from the Board through the Audit Committee. Its primary role is to provide reasonable and objective assurance to the Directors about the adequacy and effectiveness of the Company’s risk management and control framework and the internal controls over key business risks, including financial controls and compliance with laws, regulations and policies.

GIA seeks to discharge the responsibilities set down in its charter by reviewing:

• The processes for ensuring that key business risks are effectively managed.
• The financial and operational controls that help to ensure that the Group’s assets are properly safeguarded from losses, including fraud.
• The controls that help to ensure the reliability and integrity of management information systems.
• The processes for ensuring compliance with policies and procedures, external legislation and regulation.
• On an ad hoc basis, whether value for money is obtained (in terms of efficient use of the Group’s resources).

GIA acts as a source of constructive advice and best practice, assisting senior management with its responsibility to improve governance, control, compliance and risk management.

Back to the top