Control and risk management systems

Ambu’s internal control and risk management systems in connection with its financial reporting can be described as follows:

Control environment

The Board of Directors has established an audit committee, the primary purpose of which is to assist the Board of Directors in monitoring the financial reporting and the effectiveness of the internal control and risk management systems. The audit committee reports to the entire Board of Directors. The Executive Board is responsible for maintaining, at all times, an effective control environment and internal control and risk management system in connection with the financial reporting. Managers at various levels are responsible within their respective areas.

Responsibilities and powers have been defined in the Board of Directors’ instructions for the Executive Board and in policies and procedures. The Board of Directors approves Ambu’s foreign exchange and financial policy, the risk management framework and the company’s code of business conduct. The Executive Board approves other policies and procedures, and the responsible functions issue guidelines and monitor the application of all policies and procedures.

Ambu’s accounting policies and financial reporting procedures can be seen in the Corporate Accounting Manual, which is available to relevant finance employees. The organisational structure and the internal guidelines constitute the control environment together with legislation and other rules.

Risk assessment

There is a relatively greater risk of error in connection with those entries in the financial statements which are based on estimates or which are generated through complex processes than with other entries. A risk assessment aimed at identifying these entries is coordinated with the company’s internal controls.

The risk overview is updated annually, and action plans are drawn up to minimise risks within the most important risk areas.

Market risks, financial risks and risks within human resources and other areas are assessed on the basis of the size of the risk in the short as well as the long term. Risks are regularly discussed by the Board of Directors.


The purpose of the checks is to prevent, uncover and correct any errors or irregularities. These activities are integrated into Ambu’s accounting and reporting procedures and include, among other things, procedures for attestation, authorisation, approval, reconciliation, analyses of results, separation of irreconcilable functions, checks concerning IT applications and the general IT checks.

In a sales-driven organisation like Ambu, the management focuses on ensuring proper and correct accruals and that no special discount or credit structure is established for the purpose of bringing forward revenue in a non-acceptable manner. This is monitored and checked by the finance function, the Executive Board as well as the auditors.

Ambu has introduced internal control standards, i.e. standards for checks in connection with its financial reporting. The purpose of these standards is to guarantee and maintain a uniform level of internal checks and controls in connection with the financial reporting throughout Ambu. Ambu has a clear organisational structure which means that all the subsidiaries’ finance functions report to the group’s CFO. Moreover, a central function is responsible for controlling the financial reporting from the subsidiaries.