SIEMENS

Our internal audit function systematically evaluates our financial reporting integrity, the
effectiveness of the control system and the risk management system, and adherence to our
compliance policies. Our listed Strategic Companies have their own internal audit departments and
annual audit plans. Topics from the respective annual audit plan of our listed Strategic Companies
that are also relevant for our Managing Board and Audit Committee.

Our internal audit function systematically evaluates our financial reporting integrity, the
effectiveness of the control system and the risk management system, and adherence to our
compliance policies. Our listed Strategic Companies have their own internal audit departments and
annual audit plans. Topics from the respective annual audit plan of our listed Strategic Companies
that are also relevant for our Managing Board and Audit Committee

To ensure that our compliance system is put into action and meets our requirements everywhere in
the world, our internal audit department continuously performs compliance controls and audits
2023.

Our internal audit function systematically reviews our financial reporting integrity, our accounting-
related ICS and ERM. Siemens Healthineers has its own internal audit department and annual audit
plan (see also 8.5.1). The Audit Committee is integrated into our accounting-related ICS. In particular,
it oversees the accounting and accounting process and the adequacy and effectiveness of the
associated ICS, the ERM and the internal audit system. Moreover, we have rules for accounting-
related complaints
DIAGEO

Our management approach to procurement practices 103-03 Evaluation of the management

approach Suppliers are selected based on their ability to effectively deliver our needs in terms of
service, material, timing and cost. All suppliers are required to meet the minimum requirements set
out in our Partnering with Suppliers Standard. Suppliers are also evaluated against the risk of bribery
and corruption through our Know Your Business Partner (KYBP) assessment, which considers
operating risks, market/sector risks and feedback from our internal reviews and assessments.
Ongoing performance against contract and service levels is reviewed by Procurement teams, while
adherence to specific requirements on issues such as labour and human rights is addressed as
described from 406-01 to 412-03.

Procurement practices are reviewed by Internal Audit and by the Compliance team. The audit leads
to a report for functional management and relevant Executive Committee members and includes
remedial actions and recommendations

Our management approach to anti-corruption 103-03 Evaluation of the management approach We

have an internal Anti-Corruption Global Policy, and its core principles are included in our Code of
Business Conduct (our Code). This is applied to all operations and personnel, with routine training
undertaken throughout the business. Adherence to the policy is driven through global and local
management within routine business operations and reviewed during assessments carried out by
independent internal assessors.

Our Business Integrity team monitors all functions’ compliance with our Code of Business Conduct,
which includes our internal anti-corruption principles. Our Internal Audit team regularly audits our
markets, which includes auditing their compliance procedures. Any essential improvements
required by the team are given a time limit for completion, and they will also make
other recommendations for improvement where necessary. These are reviewed by the relevant
management teams and Executive Committee members. The Business Integrity team checks that
those who need to have completed their Code training, and reports results to the
Executive Committee and the Board.
Our management approach to anti-competitive behaviour 103-03 Evaluation of the management
approach We have an internal competition and anti-trust policy, the core principles of which are
included in our Code of Business Conduct. We train personnel across the business in the
requirements of this policy within the training on our Code. We monitor adherence through review
of emerging issues, outcomes from SpeakUp, and routine assessment of all business functions
through our internal independent reviews.

Our Business Integrity team monitors all functions’ compliance with our Code of Business Conduct,
which includes our internal competition and anti-trust principles. Our Internal Audit team regularly
audits our markets, which includes auditing their compliance procedures. Any essential
improvements required by the team are given a time limit for completion, and they will also make
other recommendations for improvement where necessary. These are reviewed by the relevant
management teams and Executive Committee members. The Business Integrity team also checks
that those who need to have completed their Code training, and reports results to the Executive
Committee and the Board.

Workers covered by an occupational health and safety management system

All our workers are required to comply with the mandatory requirements of our Global
Occupational Health and Safety Policy as well as adhering to all global risk management standards.
Adherence to these standards and requirements is continually audited by internal audit teams.
Some of our sites have obtained accreditation to the ISO 45001 Occupational Health and Safety
Management System Standard and are regularly audited against this standard by a third party. No
employees or workers are excluded from the occupational health and safety management system

Our management approach to socioeconomic compliance 103-03 Evaluation of the management

approach Diageo has a sound corporate governance structure and a robust governance, risk and
compliance programme, with our Code of Business Conduct at its centre. We train employees across
the company to comply with all standards and policies, and we conduct targeted interventions with
managers and senior leaders to create a culture of integrity. For more details, see our website and
the Effective risk management section of the Annual Report, pages 38-41.

Our Business Integrity team monitors and reviews compliance systems, training activity and
mechanisms such as the SpeakUp helpline. Our Internal Audit team also undertakes regular audits
at market level which include an assessment of compliance. All audits are reported to the
Executive Committee member responsible and to the Chief Executive and Chief Financial Officer.
The Executive Committee routinely reviews the outcomes of audits, compliance monitoring of
required processes and training, and the details of grievances raised through the SpeakUp helpline.
These areas are also reviewed by management’s Audit and Risk Committee and by the Audit
Committee of the Board. Reviews have led to further training on our Code of Business Conduct.

MANAGEMENT APPROACH TO PROCUREMENT PRACTICES (DIAGEO SUSTAINABILITY REPORT 2023)

Our Internal Audit and Business Integrity teams review our procurement practices. From their audit,
we produce a report for functional management and relevant Executive Committee members, which
includes remedial actions and recommendations.

Workers covered by an occupational health and safety management system

All our employees must comply with the mandatory requirements of our Global Health, Safety and
Wellbeing Policy, as well as adhere to all relevant global risk management standards. Adhering to
these standards and requirements is continually assessed by Internal Audit teams.

Where appropriate, our sites are accredited to the ISO 45001 (or equivalent) Occupational Health
and Safety Management System Standard and are regularly audited against this standard by an
approved third party. No employees or workers are excluded from the occupational health and
safety management system. Health and safety performance is monitored through regular site,
regional and global business performance meetings. Our Partnering with Suppliers Standard – our
code for suppliers – has been developed to help drive higher standards in all aspects of our supply
chain.

In relation to health and safety, our aim is to create a proactive health, safety and wellbeing
culture and working environment in which all occupational injuries and illness are foreseeable and
preventable. We expect all our suppliers to act in a manner that demonstrates their personal and
collective commitment to this aim. For those suppliers based on our sites, they are expected to
adhere to relevant Diageo global risk management standards, to engage their employees on the
Diageo ways of working and to attend Health and Safety forums where required.
COCA-COLA SUSTAINABILITY REPORTS (2022)

EMBEDDING HUMAN RIGHTS ACROSS OUR NETWORK

Our industry-leading global audit program is a key component of our long-term, ongoing
commitment to supporting human rights. We use the same rigorous SGP protocols to audit our
own operations as we do our bottling partners and Tier 1 suppliers (packaging and ingredients). In
2022, we conducted 2,770 audits and found that 99% of our own operations, 93% of system
bottlers and 91% of our Tier 1 suppliers complied with our SGP protocols. These audit results are
reviewed by the Corporate Governance and Sustainability Committee of our Board of Directors on
an annual basis.

While this process helps us hold our company and partners accountable, we also focus on building
capacity to support respect for human rights across our value chain. This includes providing
training and resources such as checklists, toolkits and guidelines. In 2022, we conducted bottler
and supplier human rights-focused training across seven of our operating units, attended by over
1,000 participants.

SUPPLIER GUIDING PRINCIPLES (SGP) AUDITS

Audits against our SGP protocols at facilities— ~2,700 audits annually

SGP AUDITS FOR WASTE MANAGEMENT

Customized audit module to understand and improve the economic conditions and practices for
people working across the waste collection sector

SERIOUS INCIDENT PREVENTION:

We expanded our selfassessments and governance audits beyond production operations to include
fleet and distribution operations (route-to-market). We continue our focus on identifying,
implementing and strengthening controls to prevent serious injuries. We also continue to build
unique solutions (i.e., toolkits, guidance) to enhance the capacity and capability of our system in
identifying and mitigating risks.

EQUAL PAY FOR EQUAL WORK

Pay equity is defined as compensating employees fairly and equitably, without regard to gender
(globally), or race and ethnicity (in the United States). On an annual basis, we conduct audits to
ensure our employees are paid equitably. Additionally, we are diligent and stay aware of the
changing regulatory landscape. In 2022, we published our first-ever pay gap report for Coca-Cola
Ireland.

We are working to embed our philosophy into our business practices and processes, and to extend
our analyses beyond base pay to broader aspects of our total rewards policies. Read more about our
pay equity philosophy

L’Oréal’s Internal Audit teams are particularly vigilant in this respect. Implementation of the
corruption prevention programme is systematically reviewed during audit assignments, using a
dedicated audit guide which contains specific checks. Individual interviews are conducted separately
with the Country Manager and the Chief Financial Officer. They give rise to an individual report
reviewed and signed by these latter persons. Specific audits may also be conducted as part of the
annual audit plan.