The Senior Vice President Group Internal Audit reports to the General Secretary, and functionally to the Audit Committee. The Senior Vice President Group Internal Audit meets the Chairwoman and Chief Executive Officer on a quarterly basis.
The team, with an average of 27 staff, is organized in five different hubs for global coverage – Paris, London, Washington, Porto and Singapore. The team members come from diverse professional backgrounds and speak multiple languages.
Sodexo’s Group internal audit activities are certified by the French Internal Audit and Internal Control Institute (IFACI). This internationally recognized certification attests to Sodexo’s compliance with and application of 30 general requirements of the Professional Internal Audit Standards (independence, objectiveness, competence, methodology, communication, supervision and continuous assurance program).
IFACI certification is a high-level confirmation of quality and performance that:
The Internal Audit Department performs internal audits of Group entities based on an internal audit plan established annually.
The audit plan is based on the Group Risk Profile (which is established using the approach described under 6.2.3 Approach to Risk Assessment) and input from the Chairwoman and Chief Executive Officer, the Chief Financial Officer and other key Sodexo stakeholders. The Audit Committee reviews and approves this annual audit plan.
The responsibilities of the Internal Audit Department include:
The Internal Audit Department may also conduct special assignments at the request of the Chairwoman and Chief Executive Officer, the Audit Committee, or the Sodexo Leadership Team.
During Fiscal 2024, the Group Internal Audit Department conducted 39 audits in 25 countries. In addition, the network of close to 50 internal control coordinators provides support for internal audit engagements and the remediation of weaknesses identified by the Internal Audit team.
The Internal Audit Department regularly tracks implementation of post-audit action plans by Group entities. An overall progress report is updated regularly and submitted on a quarterly basis to the Chairwoman and Chief Executive Officer, the Group Chief Financial Officer, and the Audit Committee. All action plans are followed up regularly.
In Fiscal 2024, the Internal Audit Department carried out a post-audit quality survey with all audited entities. 98% of these entities considered that the quality of audits was satisfactory.
Finally, the Internal Audit Department reviews each request for non-audit services performed by the external auditors, prior to their approval by the Audit Committee, and carries out monitoring of these fees.
Risk management and the reinforcement of internal control are a permanent strategic priority for the Group.
Internal controls cannot provide an absolute guarantee that all risks have been eliminated. Sodexo nevertheless endeavors to ensure that the most effective internal control procedures feasible are in place in each of its entities.
This report is prepared on the basis notably of the “Reference Framework for risk management and internal control systems” published by the French securities regulator (Autorité des marchés financiers - AMF) in July 2010.
