The Senior Vice President Group Internal Audit reports to the Chief Impact Officer, and functionally to the Audit Committee. The Senior Vice President Group Internal Audit meets the Chairwoman and CEO on a quarterly basis and works closely with the Chairman of the Audit Committee, holding informal meetings as necessary. The team, with an average of 27 staff, is organized in four different hubs for global coverage – Paris, London, Washington and Singapore. The team members come from diverse professional backgrounds and speak multiple languages.
Sodexo’s Group internal audit activities are certified by the French Internal Audit and Internal Control Institute (IFACI). This internationally recognized certification attests to Sodexo’s compliance with and application of 30 general requirements of the Professional Internal Audit Standards (independence, objectiveness, competence, methodology, communication, supervision and continuous assurance program).
IFACI certification is a high-level confirmation of quality and performance that:
The Internal Audit Department performs internal audits of Group entities based on an internal audit plan established annually. The audit plan is based on the Group Risk Profile (which is established using the approach described under 6.2.3 Approach to Risk Assessment) and input from the Chairwoman and CEO, the Chief Financial Officer and other key Sodexo stakeholders. The Audit Committee reviews and approves this annual audit plan.
The responsibilities of the Internal Audit Department include:
The Internal Audit Department may also conduct special assignments at the request of the Chairwoman and CEO, the Audit Committee, or the Sodexo Leadership Team. During Fiscal 2023, the Group Internal Audit Department conducted 40 audits in 21 countries. In addition, the network of close to 90 internal control coordinators provides support for internal audit engagements and the remediation of weaknesses identified by the Internal Audit team.
The Internal Audit Department regularly tracks implementation of post-audit action plans by Group entities. An overall progress report is updated regularly and submitted on a quarterly basis to the Chairwoman and CEO, the Group Chief Financial Officer, and the Audit Committee. All action plans are followed up regularly.
In Fiscal 2023, the Internal Audit Department carried out a post- audit quality survey with all audited entities. 95% of these entities considered that the quality of audits was satisfactory.
Finally, the Internal Audit Department assesses the external auditors’ independence and reviews the annual budgets for external auditors’ fees (for both statutory audit work and other engagements) prior to their approval by the Audit Committee.
Risk management and the reinforcement of internal control are a permanent strategic priority for the Group.
Internal controls cannot provide an absolute guarantee that all risks have been eliminated. Sodexo nevertheless endeavors to ensure that the most effective internal control procedures feasible are in place in each of its entities.
In compliance with the July 2010 recommendation issued by the French securities regulator (Autorité des marchés financiers – AMF) , this report is prepared on the basis notably of the “Reference Framework” produced by the French Market Advisory Group and published by the AMF.
