Auditing

External and internal auditors give management, shareholders and other stakeholders assurance that Hydro complies with external and internal rules and regulations. The external auditor gives its independent opinion on the consolidated financial statements of Hydro. Various internal auditing activities gives management assurance that the internal control system is working adequately and according to management’s expectations.

External auditor

Deloitte is Hydro’s primary auditor. The Board Audit Committee supervises the independence of the auditor and has established a pre-approval policy. This policy defines the services that are compatible with the role as independent auditor.

Please see note 44 to the consolidated financial statement for remuneration of external audit.

Controls and procedures

Hydro's internal control framework provides sound controls, built on a foundation of integrity, ethical values and appropriate organizational attitudes. We have a disclosure committee comprised of senior managers responsible for reviewing the financial and related information included in our reports. In addition, our internal audit function is an integral element of our management structure. This function evaluates our risk management, control, and governance processes to determine if they are adequate and contribute to the achievement of our objectives. It also supports management's evaluation of internal controls over financial reporting in accordance with relevant legislation through various audit activities.

Throughout 2007, we have continued to follow the internal control over financial reporting framework developed under the section 404 of the U.S. Sarbanes-Oxley Act, 2002. The primary exception is that our external auditors will not be required to issue a separate audit opinion on our internal control over financial reporting as this was a specific SEC requirement.

Our management has continued to be guided by the "Committee of Sponsoring Organizations of the Treadway Commission (COSO) internal control - integrated framework" principles in evaluating the effectiveness of our financial controls and procedures. The COSO framework is widely recognised as the most comprehensive control framework and consists of the five interrelated components

1. Control Environment
2. Risk Assessment
3. Control Activities
4. Information and Communication
5. Monitoring

Pre-approval of audit services

Hydro's audit committee has a pre-approval policy governing the engagement of primary and other external auditors to provide audit and non-audit services to Hydro or any entity within the group. Under this pre-approval policy, the audit committee has defined and pre-approved subcategories of audit and non-audit services. The audit committee's pre-approval policy includes annual monetary frames for each of the following categories of services: 

• audit-related
• tax
• non-audit related

The chairperson of our audit committee is authorized to approve changes to the subcategories of these services and/or any increase in the monetary frames between regular meetings of the audit committee. Any such change must be disclosed to the full audit committee on a quarterly basis.  

The audit committee's pre-approval policy also applies to auditors, other than our primary external auditors, which, in the aggregate, audit more than 5 percent of Hydro's consolidated assets or income from continuing operations before tax. For such auditors, the pre-approval policy applies only to services provided to the Hydro subsidiary or subsidiaries under audit.  Within the scope of the pre-approval policy, all services have been pre-approved and all amounts for audit related, tax and other non-audit related services are within the monetary frames established by the audit committee.

Employment of external auditor personnel

Principles have been established to ensure that the independence of Hydro's external auditor is not impaired in connection with the recruitment of former or current external auditor personnel and their close family members. Our policy requires a "cooling-off period" before recruiting former employees from the current external auditor to defined positions within Hydro.

Internal audit

Internal Audit Corporate provides independent assurance to management and the Board of Directors by evaluating whether Hydro’s risk management, control, and governance processes are adequate and contribute to the achievement of the company’s objectives. The scope includes both financial and non-financial perspectives.

The independence of Internal Audit Corporate is ensured through the fact that the Internal Audit Officer reports directly to the President & CEO. Furthermore, certain employment decisions related to the Internal Audit Officer is subject to supervision from the Board Audit Committee.  The Internal Audit Officer has unrestricted access to the Board Audit Committee.

Internal Audit Corporate performs risk based operational audits throughout the organization and has a specific responsibility to evalute the internal controls over financial reporting. 

HSE audits

To secure continuous improvement and compliance with corporate requirements, sector presidents must submit self-assessment letters on health, security, safety and environment biannually. In addition, every sector is audited every three year through Hydro Executive Leadership Protocol based on the International Safety Rating System (ISRS) and ISO 14001, and adjusted to include all elements of HSE.

At lower levels in the organization, HSE audits are performed regularly based on standardized audit tools and audit plans that are updated every year.

Hydro's policy is that all production sites shall be in accordance with the ISO 14 001 standard or equivalent. It is not a requirement that the sites shall be certified. Still, the majority of our production sites are. Compliance is also followed up through our internal HSE audit protocol HELP, which is based on inter alia ISO 14 0001 and our HSE Management System.

Other audit activities

In addition to audits performed by Internal Audit Corporate and HSE audits, there are several other audit activities undertaken throughout the organization. These include performance audits, partnership audits,, and various certification activities including ISO audits.