The role of the Chief Audit Executive is to monitor and verify the adequacy, effectiveness and correct operation of the internal control system.

The Chief Audit Executive is endowed with an adequate level of autonomy and independence, as well as with adequate means to carry out its function. It is not responsible for any operational area and is hierarchically subordinate to the Board of Directors.

The Chief Audit Executive:

• verifies, both on a continuous basis and in relation to special needs, in conformity with international professional standards, the adequacy and effective functioning of the internal control and risk management system, through an audit plan, to be approved by the Board of Directors. Such a plan is based on a structured analysis and ranking of the main risks;
• has direct access to all useful information for the performance of its duties;
• drafts periodic reports containing adequate information on its own activity, and on the company’s risk management process, as well as about the compliance with the management plans defined for risk mitigation. Such periodic reports contain an evaluation on the adequacy of the internal control and risk management system;
• prepares timely reports on particularly significant events;
• submits the reports indicated under items c) and d) above to the chairman of the Board of statutory auditors, the control, risk and sustainability committee and the Board of Directors, as well as to the Chief Executive Officer;
• verifies, according to the audit plan, the reliability of information systems, including the accounting one.