ASSYSTEM_Registration_Document_2017

MANAGEMENT REPORT

INTERNAL CONTROL AND RISK MANAGEMENT PROCEDURES PUT IN PLACE BY THE COMPANY RELATING TO THE PREPARATION AND PROCESSING OF ACCOUNTING AND FINANCIAL INFORMATION

3.7 DESCRIPTION OF MAIN RISKS AND UNCERTAINTIES

See Chapter 5 of this Registration Document. The effects of climate change and the measures taken by the Company to reduce these effects are set out in Chapter 4 of this Registration Document (particularly Sections 4.1.1 and 4.6.3.2).

3.8 INTERNAL CONTROL AND RISK MANAGEMENT PROCEDURES PUT IN PLACE BY THE COMPANY RELATING TO THE PREPARATION AND PROCESSING OF ACCOUNTING AND FINANCIAL INFORMATION

3

The Group's internal control system comprises a combination of resources, procedures, behavioural standards and actions adapted to the specific features of each Group company and the Group as a whole. This overall system: ● helps the Group manage its business activities and ensure the effectiveness of its operations and the efficient use of its resources; ● is designed to enable the Group to appropriately factor in the significant risks to which it is exposed (operational, financial and compliance-related risks). The purpose of internal control is to ensure: ● compliance with the applicable legislation and regulations; ● the application of instructions and guidelines stipulated by the Board of Directors; ● the smooth functioning of each entity's internal procedures, in particular those designed to take into account risks encountered in their activity and consequently, to safeguard assets;

inherent limitations. These limitations are due to various factors, such as uncertainties in the external environment, the exercise of judgement, or the cost/benefit relationship of setting up new control mechanisms. Assystem's internal control system concerns all fully consolidated subsidiaries controlled by the Group. The summary information set out below relating to internal control procedures is focused on significant elements that could have an impact on the accounting and financial information published by the Group. The Group has chosen to apply the internal control framework advocated by the AMF in its recommendation no. 2015-01 issued on 12 January 2015. The internal control procedures in place within the Group, and notably those relating to the preparation and processing of accounting and financial information, are broken down on the basis of the five main components of internal control (see Section 3.8.3 below). The sections below also describe the procedures in place for identifying, analysing and managing accounting and financial risks. See Chapter 5 for further information on the Group's risk factors.

● the reliability of financial information.

However, internal control cannot provide an absolute guarantee that Assystem's objectives will be met, as any internal control system has

45

ASSYSTEM

REGISTRATION DOCUMENT 2017