Banco do Brasil Foundation
Risk management and internal controls
In 2020, with the new organizational structure of BB Foundation, the Control and Risk Management was created, being responsible for risk management, internal controls and the monitoring of the Integrity Program.
BB Foundation assesses and monitors risks that may directly interfere with the organization's sustainability, the quality of its programs and projects and the efficiency of processes.
In order to support the Executive Board in achieving the purpose and strategic objectives, BB Foundation uses the model proposed by the Committee of Sponsoring Organizations of the Treadway Commission (COSO) and the ISO 31.000 standard for Risk Management.
BB Foundation's risk management process aims to enable the identification, assessment, mitigation, control, monitoring, measurement, reporting and improvement of the risks inherent in the Institution's activities, protecting it from possible damage and allowing a proactive, transparent management and quality.
BB Foundation monitors the relevant risks, with periodic reports to the Executive Board, the Management Committee and the Trustee and Fiscal Councils.
Internal Controls
Like in the Risk Management, BB Foundation adopted the COSO guideline for the development and implementation of its Internal Controls System, and established the Referential Model of Defense Lines for assessing the effectiveness of this system.
The 1st defense line consists of managing the processes that are part of the production chain of BB Foundation. The work seeks to identify and assess risks associated with the processes, as well as to implement and execute controls that mitigate these risks.
The 2nd defense line corresponds to the typical corporate functions of risk management, internal controls and compliance, as well as the functions of governance, institutional security and legal advice, aiming to subsidize the Executive Board in decision-making.
The 3rd line of defense covers the internal audit function, which assesses the effectiveness of the entire risk management and control cycle of BB Foundation. The independent performance of the auditors is guaranteed.
It’s time to make things up!
Do not leave information, in any media, exposed in
work environments. Always remember to lock the
screen of your PC before sitting in the presence of
third parties.
Learn more about Information Security Management
in the SIC 1.5.4.1
Our value transforms
Corporate Communication – Coursesregarding LGPD
As determined by the Federal Senate
(click here to learn more about this
subject), the General Law for
Protection of Personal Data (Law no
13.709/18) is about to be in force.
If you do not know its impacts yet, it is
good to be prepared.
Thinking about it, UniBB made some
courses available to maje your life easier:
7669 | Sapience 2022 LGPD
Introduction to Privacy and Protection
of Personal Data - 1h
7835 | LGPD - Personal Data Privacy
and Protection in BB - 2h
Monthly reports are made to the Executive Board on the progress of control activities. The scope of these activities is defined in the Plano Anual de Controle - PAC (Annual Control Plan) approved by the Executive Board.
BB Foundation also has an Internal Controls and Compliance Policy that, in addition to being in line with COSO principles, corroborating the solidity of the governance structure, fulfills its premise of helping the organization to achieve its strategic objectives and mitigating compliance risks. The aforementioned Policy provides, among others, that BB Foundation adopts and encourages the unequivocal ethical conduct of all employees of the Institution (employees, contractors and service providers).
So, everything complies?