How we manage risk - continued
Declaration
Governance o www.ahold.com/reports2009
QJ
3
Code of Conduct 2
Our Global Code of Professional Conduct and Ethics is based on Ahold's core values. It is
intended to help each employee understand and follow relevant compliance and integrity
rules, and know when and where to ask for advice. The code applies to Ahold, our
operating companies and all management-level employees, as well as to third parties hired
by or acting on behalf of Ahold. It coexists with the local codes of conduct at each of our
operating companies. The code is available in the corporate governance section of Ahold's
public website (www.ahold.com).
-o
n>
Monitoring
We use a comprehensive business planning and performance review process to monitor
our performance. This process covers the adoption of strategy, budgeting, and the
reporting of current and projected results. Business performance is assessed according
to both financial and non-financial targets. A group-wide management certification
process is in place to meet business needs and the requirements of the Dutch Corporate
Governance Code. Each quarter, executive management of each reporting entity send
letters of representation to the Corporate Executive Board confirming compliance with
Ahold's Global Code of Professional Conduct and Ethics, policies on fraud prevention
and detection, accounting and internal control standards, disclosure requirements and
corporate responsibility. Our Internal Audit function helps to ensure that we maintain and
improve the integrity and effectiveness of our system of risk management and internal
control by undertaking regular risk-based, objective and critical evaluations. Internal Audit
also monitors the effectiveness of corrective actions undertaken by management with
specific follow-up procedures to significant audit findings.
Governance Risk and Compliance Committee
In 2009 we established a Governance Risk and Compliance (GRC) Committee that
replaced our former Disclosure and Compliance Committee. Ahold's Chief Financial Officer
and Chief Corporate Governance Counsel sit on the GRC Committee, as do other members
of management responsible for key governance, risk and compliance functions. The GRC
Committee, which meets at least quarterly, oversees GRC activities within the Ahold Group
and reviews relevant reports that are submitted to the Corporate Executive Board, the
Supervisory Board and the Audit Committee.
Annual declaration on risk management and control systems regarding financial
reporting risks
Ahold supports the Dutch Corporate Governance Code and makes the following
declaration in accordance with best practice provision II.1.5:
The Corporate Executive Board is responsible for establishing and maintaining adequate
internal risk management and control systems. Such systems are designed to manage
rather than eliminate the risk of failure to achieve important business objectives, and can
only provide reasonable and not absolute assurance against material misstatement or loss.
With respect to financial reporting, management has assessed whether the risk
management and control systems provide reasonable assurance that the 2009 financial
statements do not contain any material misstatements. This assessment was based on
the criteria set out in COSO: Internal Control - Integrated Framework. It included tests
of the design and operating effectiveness of entity level controls, transactional controls
at significant locations, and relevant general computer controls. Any control weaknesses
not fully remediated at year-end were evaluated. Based on this assessment, management
determined that the Company's financial reporting systems are adequately designed and
operated effectively in 2009.
o
0)'
Ahold Annual Report 2009 29