ber
2003 by the International Auditing and Assurance Standards Board (IAASB).
We planned and performed our evidencegathering procedures to obtain a basis for
our conclusions in accordance to the International Standard on Assurance Engagements
(ISAE) 3000 “Assurance Engage-ments other than Audits or Reviews of Historical
Information”, approved December 2003 by the IAASB. However, we have not performed
an audit according to International Standards on Auditing. Accordingly, we do
not express such an opinion. The scope of our evidence-gathering
procedures was to: | •
| Observe the existence of internal
management processes which ensure the implementation of the CC Policy, the Code
of Conduct, the Business Practice Office (BPO) misconduct reporting, the Third
Party Management (3PM) initiative and the marketing practices across the Group; | | •
| Test the effectiveness of the
internal reporting system used to collect HSE information from Group subsidiaries; | | •
| Observe compliance with the
Group internal HSE reporting guidelines at selected sites; and | | •
| Perform, on a sample basis,
certain procedures on the 2005 CC and HSE key figures. |
Our evidence-gathering procedures included the following work: | •
| Interviewing personnel respon-sible
for CC management at Group level; | | •
| Visiting the Pharma, Sandoz,
Consumer Health and Ciba Vision business unit global headquarters, selected country |
|
| | | and
business unit headquarters and specific sites in Argentina, India, Switzerland,
Turkey, the United Kingdom and the United States; | | •
| Interviewing the personnel responsible
for CC management, including CC reporting and key figures, Code of Conduct training,
the 3PM imple-mentation, the Compliance reporting, and marketing practices in
the different headquarters where our visits took place; | | •
| Performing tests on a sample
basis of evidence supporting selected HSE parameters with regard to the reported
data aggregation from the selected sites to Group level; and | | •
| Reading and performing tests
on a sample basis of the relevant documentation including Group policies, management
and re-porting structures, documen-tation and systems in place to collect, analyze
and aggregate reported CC and HSE key figures. |
In
our opinion and based both on our work described in this Report and the principles
detailed in paragraph 2 of this Assurance Report, nothing has come to our attention
that causes us not to believe that: | • | The
Group level internal management processes intended to implement the CC policy,
the Code of Conduct, the BPO misconduct reporting, the 3PM initiative and the
marketing practices are functioning as designed; | | • | The
internal reporting system for the collection, analysis and aggregation of the
reported HSE key figures is functioning as designed; | | • | The
Group internal HSE reporting guidelines have been applied properly; or | | • | The
reported 2005 CC and HSE key figures |
|
| | | figures
from the sites and reporting units do give, in all material respects, a fair picture
of the CC and HSE performance. |
From our work,
we have provided the following recommendations to the management, which have been
agreed: | •
| Consider clarifying, simplifying
and streamlining the CC organization: reasses the value and purpose of having
numerous CC related roles and evaluate the need for more focused CC leadership
at key levels within the organization. | | •
| Clearly define the definitions
of the questions and terms used in the CC reporting and realize a focused communication
to the reporting units to ensure a clear and consistent understanding. | | •
| Strengthen the HSE reporting
control environment at site level through the application of existing tools that
facilitate plausibility checks, cross-checks and trend analyses and ensure that
site level HSE reporting procedures and controls are adequately documented. |
PricewaterhouseCoopers
AG 
Dr.
Thomas Scheiwiller
Thomas
Frei
Basel, January 18, 2006 |
|
