Business Controls
Syncrude’s Management Framework – Syncrude’s Framework of Management Control is a system that ensures our business and operations are properly governed and managed, and comply with all regulatory requirements. The Framework of Management Control is supported by our Corporate Policies, Delegation of Authority Guidelines, and three management systems.
Corporate Policies
Syncrude’s policies, policy applications and programs provide direction to employees on issues that have broad organizational impact. Corporate policies are intended to ensure consistent and fair management and leadership practices across our entire operation. Policies fall into the following broad categories:
- Business Purpose, Core Values and Principles
- Code of Ethics and Business Conduct
- Safe and Reliable Performance
- Human Resources
- Services
Management Systems – Three key management systems ensure Syncrude maximizes its potential, while minimizing risk, throughout the organization. These include our Environment, Health and Safety Management System, Maintenance and Operations Reliability Management System, and Controls Integrity Management System. Each provides a framework for decision making, managing risk, and protecting our assets.
Environment, Health and Safety
This system comprises our approach to excellence in environment, health and safety. It consists of 10 management elements that are focused on continuous improvement and are fully integrated into all business functions. This integrated and proactive approach to managing and minimizing risk ensures that we assess our risks, implement appropriate controls, and manage our monitoring activities appropriately.
Reliability
Currently, each Syncrude department manages the maintenance and reliability of their equipment. Syncrude has future plans to implement a comprehensive corporate maintenance and reliability program to further enhance these efforts.
Controls Integrity
Syncrude’s new Controls Integrity Management System (CIMS) was largely implemented at the end of 2006, following 18 months of development work.
The system provides a structured approach to assessing financial and business control risks, establishing procedures for mitigating identified risks, monitoring compliance with standards and reporting on these subjects to management.
Consisting of six management elements and 11 business process elements, CIMS enhances Syncrude’s controls systems, providing a solid foundation that supports the achievement of Syncrude’s business goals, greater efficiencies and cost savings, and compliance with all regulatory requirements.
During 2006, work was completed on the design and implementation of control catalogues for both broad corporate and departmental controls. Comprehensive self-assessments were completed in all areas of the organization during the third quarter to ensure the controls were in place and achieving desired results. Control gaps were identified and actions are underway to address these gaps in 2007.
Significant security upgrades were also undertaken to ensure the integrity of our information systems and site access. This included the implementation of a new card access security system for all Syncrude sites and facilities.
Ongoing responsibility for business controls is now being transferred to a Business Controls sustainment group. Throughout 2007 this group will work to further improve and streamline controls systems and complete targeted training. The group will also assist business units in controls sustainment and gap closure.
Internal Control over Financial Reporting – Syncrude maintains an internal control system that includes specific controls to address financial reporting. These controls are commonly referred to as Internal Control over Financial Reporting (ICOFR). Syncrude’s management is responsible for the design and the evaluation of ICOFR. Through the Business Controls efforts undertaken over the last 18 months, a comprehensive ICOFR environment was developed for Syncrude.
In 2006, Syncrude’s Joint Venture participants requested an assessment from Syncrude management on the adequacy and effectiveness of its ICOFR and also requested an independent opinion from external auditors on management’s assessment. Both concluded that Syncrude’s ICOFR is appropriate.