GSK_ Annual_Report_2021-22

GlaxoSmithKline Pharmaceuticals Limited | Annual Report 2021-22 38 one of the key mechanisms that we have chosen to channelise our employees towards societal good. At GSK, we strive to strengthen communities and bring the change that we wish to see in this world through volunteering. The CSR policy of GSK can be accessed on our website (https://india-pharma.gsk.com/media/6492/ csr-policy_revised-310715.pdf) . A detailed report on the CSR programmes undertaken during the year is provided in Annexure ‘A’ to the Directors’ Report of this Annual Report. 10. Risk management The significance of risk management holds an important place in the management of a healthcare company. We focus on delivering products to serve millions of patients across the world. Hence, risk management goes beyond ensuring business success, gaining investor confidence or ensuring regulatory compliance. An adverse impact on the business could result in disruption to patient service, directly impacting quality and sustenance of human life. We take immense pride in our culture, including the maturity of our risk management processes. Our risk management culture is driven via the Internal Control Framework (ICF) model which is approved by the Global GSK Leadership Team (GLT) and global Risk Oversight and Compliance Council (GROCC). At a country level, the Risk Management and Compliance Board (RMCB) is responsible for promoting the ‘tone from the top’ and an appropriate risk culture, in addition to ensuring effective oversight of internal controls and risk management processes. The risk management process is monitored by the RMCB on a regular basis (minimum bimonthly meetings). The Risk Management Framework, covering business, operational and financial risks, is also reviewed twice a year by the RMCB and presented to the Risk Management Committee of the Board of Directors. Each function maintains risk registers where each risk is described, the root cause is identified, along with existing controls and monitoring. Mitigation actions along with owners and timelines are agreed upon. All significant risks are discussed at the bimonthly RMCB and then subsequently, at the Risk Management Committee of the Board at least twice a year. Real-time internal risk management processes ensure that your Company is able to manage any crisis, including black-swan events like the global pandemic. The maturity of the process has changed the approach from risk mitigation to risk-resilience. This has helped with timely business decisions aligned with the risk appetite and culture, helping to ensure our brands remain available to our patients and customers, during the most challenging pandemic times. At present, in the opinion of the Board of Directors, there are no risks which may threaten the existence of GSK. Vigil mechanism Your Company has a ‘Speak Up’ programme which offers people, whether working for GSK or not, a range of channels to voice concerns and report any misconduct. The Speak Up channel and procedures encourage everyone to raise concerns about potential unethical, illegal or inappropriate conduct and assures confidentiality and protection from retaliation, retribution or any form of harassment to those reporting such concerns. An independent third party manages these reporting lines and calls are logged through their central system to ensure the integrity of the programme. We endeavour to treat all questions or concerns about compliance in a confidential manner, even if the person reporting a question or concern identifies himself/herself. We also have an extensive and widely communicated process to prevent and take disciplinary action, and deter acts of sexual harassment. The Speak Up channels can be accessed on our website (https://gsk.com/speakup ) . We also have in place a whistleblower policy, to provide a mechanism for its employees/external stakeholders to approach local/group management or the Chairperson of the Audit Committee in case of any grievance or concern (accindrx. audicomitteechairmangskindiarx@gsk.com ) . The GSK Code can be accessed on our website ( https://www.gsk.com/en-gb/about-us/codes-and- standards/codes-and-standards ). 11. Internal control framework We conduct our business with integrity and high standards of ethical behaviour, in compliance with the laws and regulations that govern the business. Our Internal Control Framework (ICF) is a comprehensive enterprise-wide risk management model and supports the continuous process of identification, evaluation and management of the Company’s risks. ICF is supported by standard operating procedures, policies and guidelines, including suitable monitoring procedures and self-assessment exercises. Compliance with laws and regulations is monitored through a well-crafted framework. As required by the Companies Act 2013, we have implemented Directors’ Report