https://storage.googleapis.com/inderes-ir-pages-dev-assets/toivo/images/toivo_logo_white.png
fi / en
To toivo.fi
menu
menu

About us

History

Corporate responsibility

IR calendar

Releases

Subscribe to releases

Reports and presentations

Investor contacts

Listing 2025

Toivo as an investment

Strategy and financial targets

Market

Business model

Key figures

Outlook

Estimates and analysis

Share information

Share monitor

Dividend

Shareholders

Management shareholding

Flagging notifications

Corporate governance

Articles of Association

Annual General Meeting

Annual General Meeting 2025

Board of Directors

Nomination committee

Management Team

Remuneration

Insider issues

Auditor

Risk management

Internal control and audit

Disclosure policy

Contact details

About us

About us

History

Corporate responsibility

IR calendar

Releases

Releases

Subscribe to releases

Reports and presentations

Investor contacts

Listing 2025

Toivo as an investment

Toivo as an investment

Strategy and financial targets

Market

Business model

Key figures

Outlook

Estimates and analysis

Share information

Share information

Share monitor

Dividend

Shareholders

Management shareholding

Flagging notifications

Corporate governance

Corporate governance

Articles of Association

Annual General Meeting

Annual General Meeting 2025

Board of Directors

Nomination committee

Management Team

Remuneration

Insider issues

Auditor

Risk management

Internal control and audit

Disclosure policy

Contact details

Change language: fien

Internal control and audit

Internal control and audit

Internal control is an ongoing process carried out by the company's Board of Directors, management and personnel as part of day-to-day operations and decision-making. It encompasses all activities and mechanisms through which Toivo Group ensures the achievement of its objectives and compliance with regulations. The purpose of internal control is to safeguard the company's assets, improve operational quality and ensure reliable and timely reporting. The structure of controls is based on clearly defined responsibilities, internal control checkpoints and procedures to ensure the flow of information.

Effective internal control is built on five elements: the control environment, risk management, control activities, information flow and monitoring. The control environment emphasises management and board commitment to ethical values, as well as clarity of responsibilities and authorities at all organisational levels. Risk management, in turn, is closely linked to strategic and operational decision-making, making use of up-to-date risk assessments and matrices, among other things.

Control activities include both day-to-day process controls and controls through systems and approval procedures. Information sharing and reporting ensure that relevant information reaches the right parties in a timely manner. Monitoring is carried out both through continuous evaluation and regular self-evaluations as well as external audits.

Internal control related to financial reporting

The objective of internal control with regard to financial reporting is to ensure that the company's financial information is accurate, timely, and compliant with regulatory requirements and the company's internal guidelines. This is achieved through clear reporting guidelines, well-functioning systems, and control measures. Management reporting systems also support this process, allowing for continuous monitoring and rapid response when necessary.

Internal auditing

Internal audit is an independent, objective and consultative function designed to review and improve the effectiveness of the company's risk management, control and governance. It operates under the authority of the Board of Directors, or an Audit Committee if one exists, and reports its findings directly to the Board or Committee. Internal audit activities are based on an annual risk-based plan approved by the Board of Directors. Audit methods include data collection through interviews and document review, analysis and drawing conclusions, as well as documenting and following up the results. If necessary, the audit will revisit previous findings.

Audit topics may include financial reporting, regulatory compliance, operational processes, information security, or management of related party transactions. Particular attention is paid to areas of risk, such as supplier or customer dependencies, changes in legislation, opening new markets or past internal and external findings. Priority areas are identified in consultation with management and the Board of Directors, or the Audit Committee if applicable, and are prioritised according to their importance and potential impact.

Successful implementation of internal control and auditing relies on cooperation throughout the organisation. The Board of Directors is responsible for overseeing the entire process and monitoring its effectiveness. The Board of Directors, or the Audit Committee if applicable, monitors and directs internal audit activities. Company management is responsible for the functioning of processes and the implementation of daily controls. Personnel play a crucial role: each employee is responsible for ensuring that rules and guidelines are followed in their own work, thereby contributing to effective internal control.

Together, effective internal control and an independent internal audit form a central basis for the good governance of the Toivo Group. They support goal-based management, ensure the company's stability and transparency, and lay the foundation for continuous development and responsible growth.

Internal audit and control

Toivo Group Oyj | Gransinmäki 6 | 02650 Espoo