Internal control and risk management

Tieto’s internal control framework supports the execution of the strategy and ensures regulatory compliance. The foundation for internal control is set by internal financial control, internal audit, risk management, and governance policies as well as Tieto’s values and Code of Conduct.

The aim of Tieto’s internal control framework is to assure that operations are effective and efficiently aligned with the strategic goals and to ensure reliable, complete and timely financial reporting and management information as well as compliance with applicable legislation and regulations. The framework endorses ethical values, good corporate governance and risk management practices.

Risk management framework

Tieto uses risk management as a means of preventing unexpected incidents that may have severe impact on our business and achievement of the strategic goals. It also contributes to developing business operations and their profitability and ensuring the continuity of successful business operations. The role of risk management is to maintain the company’s risk management framework and report risk exposures consisting of strategic, financial, compliance and operational risks.

The CFO and CRO have the joint responsibility to arrange and lead Tieto’s risk management. The ARC monitors the efficiency of the company’s internal control, and risk management. The internal audit assures that the control framework is functional and effectively implemented.