Getinge 2022 Annual Report

Getinge 2022 Annual Report Introduction Strategy Corporate Governance Annual Report Sustainability Report Other information Contents Building blocks in the Getinge corporate governance model In addition to the formal corporate bodies, there are three main building blocks in the Getinge corporate governance model: • • • guiding principles and steering documents, operational governance and legal entity governance, which is described below. Combined with the governance of product-related quality and regulatory compliance as well as Getinge's sustainability agenda, the building blocks for Getinge's corporate governance model creates conditions for meeting targets, monitoring and control, which supports the Board's agenda. The primary focus areas and improvements in 2022 are described in more detail on page 29. GETINGE'S CORPORATE GOVERNANCE AND ASSURANCE FRAMEWORK Governing bodies Getinge AB (publ)'s Annual General Meeting, external auditor and Nomination Committee Getinge AB (publ)'s Board of Directors, Remuneration Committee, Audit and Risk Committee and Corporate Internal Audit The President & CEO assisted by the Getinge Executive Team and other forums at the Getinge Executive Team level ↑↓ Getinge's Assurance framework Getinge's Corporate Governance Framework Steering principles and documents Operational governance Legal entity governance ■ Vision, mission, purpose, cultural and brand values Strategic priorities Quality and Regulatory Compliance (QCRM) Policy framework and global requirements Organization, roles and responsibilities Strategic and tactical annual cycle Corporate meeting forums and escalation Basic shared processed and steering documents Legal structure, governance of subsidiaries/legal entities to comply with legal and other requirements Management 1 First pillar: Management has the primary responsibility for owning and managing risks associated with day-to-day operational activities. Other accountabilities as- sumed under the first pillar include design, operation and implementation of internal control activities.") 2 Second pillar: Functions in the second pillar enable the identifica- tion of emerging risks in daily operation of the business. It is done by providing guidance in the form of frameworks, policies and tools for supporting risk management and monitoring compliance.2) ↑↓ Corporate Internal Audit 3 Third pillar: Functions in the third pillar provide objective and independent assurance (internal audit) of operations, processes and controls to ensure improvements and effective risk mitigation. The main purpose of the functions belonging to the third pillar is to evaluate the efficiency of the first and second pillar functions. They are responsible for reporting to the Board and the Audit and Risk Committee. They are also responsible for providing assurance to regulators and external auditors that the structure and implementa- tion of the organization's control culture are effective. 1) The first pillar's control activities include: quality systems audit (at certificate level), management control self-assessment and remediation of audit and investigations findings. 2) The second pillar's control activities include: the Ethics & Compliance function's risk monitoring and risk assessment, internal controls (management testing) and Corporate Quality Audit. 45 46 4 External audit

View entire presentation