62
evaluates the effectiveness and design of the System on an on-going basis, both with respect to the risks
identified and to the controls implemented to mitigate such risks.
In this regard, the dimensions of the Atresmedia Risk Management and Control System are as follows:
1.
Regulatory compliance
The Atresmedia Group has defined a regulatory compliance system, which enables all regulations to be
respected, both in relation to the sectors in which it operates and in respect of the generic manner in which they
affect the Group in view of its status as a listed company or the legislation to which it is submitted (labour, tax,
environmental, etc.).
The supervision of regulatory compliance, via specific controls, is one of the principles on which the Atresmedia
Group's Risk Management and Control System is based.
Additionally, a series of Internal Procedures and Protocols have been adequately defined and notified, which have
been included within the Group's Risk Management and Control System, representing additional control
mechanisms to ensure compliance in order to mitigate the appearance of various associated risks. These
Procedures and Protocols are supervised and approved by the Regulatory Compliance Committee and are
adequately notified to the Audit and Control Committee on a frequent basis to oversee that they are effectively
complied with.
2.
Organisation
All the risks and controls of the Atresmedia Group are assigned an organisational unit, enabling the risks and
controls to be adapted by organisation/business, and responsibilities to be identified in the System, both at
corporate level and in each of the organisational units and business units.
Risks and controls exist that are assigned to the whole Group, but also within the System others exist that are
solely assigned to certain units of the organisation, on being specific to the related business or organisation.
The heads of each organisation may monitor the risks and controls specific to their organisation.
In this regard, the organisations defined within the Atresmedia Risk Management and Control System are as
follows:
Television Division
Radio Division
Advertising Division
Multimedia Division
Diversification Division
Cinema Division
Corporate Division (Systems and Human Resources)
Financial Division
Legal, Judicial and Regulation Division
Audit, Processes and Quality Division
Foundation
These organisational units have in turn defined their internal organisation (lower organisational units) for the
purposes of assigning responsibilities in the performance and design of the controls and in their supervision.
3.
Processes
Via a detailed processes map, the Group's risks and controls are associated so that at any time it is possible to
identify which risks have the greatest impact on one or another business or corporate process; together with the
existing controls and the needs for improvement or redefinition thereof, to the extent that the processes are
evolving on an operational and technological basis.
The main processes identified within the Risk Management and Control System are as follows:
Definition and preparation of the corporate strategy
Acquisition of contents and purchase of rights
Contents production
Design of the grid and definition of programming strategy
Purchases of goods, services and technology