LEGRAND_REGISTRATION_DOCUMENT_2017

INTERNAL CONTROL AND RISK MANAGEMENT Risk factors and control mechanisms in place

Risk factors

Structural risk reduction criteria and main systems in place

Operational risks

3.6.2

W Systematic approach to the qualification of suppliers W Identification of critical suppliers (interdependence, financially vulnerability, risks relating to Corporate Social Responsibility) W Supplier risk reduction approach (multi-sourcing strategy, security of supply , CSR action plan) W CSR audit of suppliers W Responsible purchasing policy – “Responsible Supplier Relations” accreditation

Supplier default or sustainable practices

3.6.2.1.

W Market monitoring W Globalised purchasing W Sensitivity analysis of cost of raw materials W Backup plan

Cost and availability of resources, raw materials and components

03

3.6.2.2.

W Talent management process W Incentives and retention mechanisms for key employees W Onboarding for new employees W Quantitative and qualitative indicators via dedicated reporting

Talents and skills

3.6.2.3.

W Limited concentration of industrial activities W Identification of risks and vulnerabilities, and prevention plan W Regular investments in modernization and maintenance of industrial facilities W External audits W Worldwide program for insurance against risks of accidental damage and operating losses

Business continuity

3.6.2.4.

W Dedicated team W Security masterplan W Specific governance W Audit of the systems in place

Continuity and security of IT systems

3.6.2.5.

Reputational and compliance risk

3.6.3

W Quality policy W ISO 9001 certification for production sites

W Qualification of products by certified laboratories W Customer dissatisfaction management process W Satisfaction surveys W Product recall management procedure W A department responsible for monitoring regulations and standards W Use of external experts

Product quality and safety

3.6.3.1.

W Network of compliance officers in each country W Compliance program W Guide to Good Business Practice W Competition charter W Risk and control matrix in place for each country

Business ethics

W Whistleblowing for ethics and fraud W Training and communication plan

3.6.3.2.

W Head of Occupational Health & Safety (OHS) and network of correspondents W Prevention policy based on international standards W Legrand’s Charter on Human Rights W Mapping of risks to human rights at work W Responsible purchasing W Application of the Privacy by Design principle for Eliot products W Security audits and intrusion tests

Employment practices

3.6.3.3.

Data privacy

W Systematic Privacy Impact Assessment of smart products W Team for the EU General Data Protection Regulation project

3.6.3.4.

W Dedicated department and network of correspondents in the Group W Limiting our Environmental Footprint: a priority of the 2014-2018 CSR roadmap W ISO 14001 and ISO 50001 certification and environmental audits W Environmental reporting in line with Grenelle 2 and the Global Reporting Index W Carbon footprint reduction plan

Environmental protection and climate change

3.6.3.5.

47

REGISTRATION DOCUMENT 2017 - LEGRAND