LEGRAND / 2018 Registration document

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

INTERNAL CONTROL AND RISK MANAGEMENT RISK FACTORS AND CONTROL MECHANISMS IN PLACE

Risk factors

Structural risk reduction criteria and main systems in place

Criticality

Reference

Operational risks

3.6.2

W Multi-skilled team W Security masterplan W Specific governance

Cybersecurity, continuity and performance of information systems

Critical

3.6.2.1

W Centralized infrastructure management W 24/7 monitoring of critical applications W Single hotline covering the whole world W Audit of systems in place

W Talent management process W Incentives and retention mechanisms for key employees W Onboarding of new employees W Quantitative and qualitative indicators via dedicated reporting W Dedicated department and network of correspondents in the Group W Occasional recourse to experts W Use of internationally renowned consulting firms

Talent, skills management, and well-being at work

3

Material

3.6.2.2

Intellectual property

Material

3.6.2.3

W Market monitoring W Central supervision of the risk of shortages W Excess inventory or substitution plan

Availability of raw materials and components

Material

3.6.2.4

W “Creation of the Product Offering” process W Monitoring and validation meetings with General Management W Analysis of project risk and sharing of indicators

Failure in major new product launch

Material

3.6.2.5

W Systematic approach to the qualification of suppliers W Identification of critical suppliers (interdependence, financially vulnerability, risks relating to Corporate Social Responsibility) W Supplier risk mitigation approach (multi-sourcing strategy, security of supply, CSR action plan) W CSR audit of suppliers W Responsible purchasing policy – “Responsible Supplier Relations” accreditation W Limited concentration of industrial activities W Identification of risks and vulnerabilities, prevention plan W Regular investments in modernization and maintenance of industrial facilities W External audits W Worldwide insurance program covering property/casualty and business interruption risks W Map of vulnerabilities and analysis of exposed assets W Impact mitigation strategies (organizational measures and technical solutions)

Supplier default or risky practices

Moderate

3.6.2.6

Unavailability of a production, storage or logistics site

Moderate

3.6.2.7

Risks related to climate change

Moderate

3.6.2.8

Reputational and compliance risks

3.6.3

W Quality policy W ISO 9001 certification for production sites W Qualification of products by certified laboratories W Processes to monitor quality in production, W Product quality surveillance plan W Customer dissatisfaction management process W Satisfaction surveys W Product recall management procedure W Network of compliance officers in each country W Compliance program W Compliance committees at country and Group level W Guide to Good Business Practice W Competition charter W Risk and control matrix in place for each country W Ethics and fraud whistleblowing system W Training and communication plan

Material

3.6.3.1

Product quality and safety

3.6.3.2 Issue no. 3 on the CSR roadmap

Business ethics

Material

61

LEGRAND

REGISTRATION DOCUMENT 2018