The adequacy of business processes to the precepts of the Sarbanes-Oxley Law (SOx) has contributed to the improvement of governance in recent years, aiming to attested authenticity, integrity and transparency of the information used in the elaboration of financial reports.

Actions are periodically carried out to improve the internal controls of the 23 mapped processes, which cover 100% of the operations, whose performance and effectiveness are verified by internal and external audits, minimizing the risks of error, fraud or corruption. [205-1]

In 2018, there was continuity of mitigation actions of remediation plans, which maintained the business and information technology environments at a high level of control. In addition, external training was contracted to empower employees from various areas responsible for SOx processes.

Within this context, the implementation of the Integrated Corporate Risk Management System was maintained, based on internationally recognized methodologies such as the COSO ERM 2017 (Committee of Sponsoring Organizations of the Treadway Commission) and ISO 31000 (International Standardization Organization). The work will be supported by the Compliance Advisory.