The President/CEO and the Executive Leadership Team

The Board of Directors appoints the President and CEO and the Executive Vice Presidents. The President and CEO is responsible for the management of day-to-day operations and is supported by the Executive Leadership Team (ELT). In addition to the President and CEO, the ELT consists of heads of Group functions, heads of business units and heads of two of Ericsson’s regions. Up until December 21, 2011, the Chief Brand Officer was also part of the ELT.

The role of the ELT is to:

• Establish a strong corporate culture, a long-term vision and Group strategies and policies, all based on objectives stated by the Board
• Determine targets for operational units, allocate resources and monitor unit performance
• Secure operational excellence and realize global synergies through efficient organization of the Group.

Remuneration to the Executive Leadership Team

A remuneration policy including guidelines on remuneration to the ELT was approved by the AGM 2011. For further information on fixed and variable remuneration, see the Remuneration Report and Notes to the Consolidated Financial Statements – Note C28, “Information Regarding Members of the Board of Directors, the Group management and Employees” in the Annual Report.

The Ericsson Group Management System

Ericsson has a global management system, the Ericsson Group Management System (EGMS) to drive corporate culture and to ensure that the business is managed:

• To fulfill the objectives of Ericsson’s major stakeholders (customers, shareholders, employees)
• Within established risk limits and with reliable internal control
• In compliance with relevant applicable laws, listing requirements, governance codes and corporate social responsibilities.

The EGMS is founded on ISO 9001 (International Standard for Quality management system) but is designed as a dynamic governance system, enabling Ericsson to adapt the system to evolving demands and expectations, including new legislation as well as customers’ and other stakeholders’ requirements. The management system is an important foundation and is continuously evaluated and improved.

Certificates are evidence from an independent body verifying that the operations fulfill defined requirements. As the EGMS is a global system, group-wide certificates can be issued by a third party certification body proving that the system is efficient throughout the whole organization. Ericsson has a number of certificates and is currently globally certified to ISO 9001 (Quality) and ISO 14001 (Environment) and is in the process of obtaining global OHSAS 18001 (Health & Safety) certification. Ericsson is also ISO 27001 (information security) certified in selected units.

The EGMS comprises three elements:

• Management and control
• Ericsson business processes
• Organization and resources.

Management and control

Strategy and target setting

Ericsson’s strategy and target setting processes consider the demands and expectations of customers as well as other key stakeholders. The process facilitates the alignment of objectives and their measurement in activities at all levels of the organization.

Ericsson uses balanced scorecards as tools for translating strategic objectives into a set of performance indicators for its operational units. Based on the annual strategy work, these scorecards are updated with targets for each unit for the next year and are communicated throughout the organization.

Group policies and directives

Group-wide policies and directives govern how the organization works and are core elements in managing and controlling Ericsson. The policies and directives include a Code of Business Ethics, a Code of Conduct and accounting and reporting directives to fulfill external reporting requirements and the Sarbanes-Oxley Act. The Group Steering Documents Committee secures that the policies and directives cover relevant issues; that they are aligned and consistent with Group strategies, values and structures; and that they are not in conflict with legal and regulatory requirements.

Ericsson business processes

As a market leader, Ericsson utilizes the competitive advantages that are gained through global scale and has implemented common processes and IT tools across all operational units worldwide. Customer requirements are identified, clarified and formalized in Ericsson Business Processes where requirements transform from theory to reality. Through management and continuous improvement of processes and IT tools, Ericsson reduces costs with efficient and effective process flows and with standardized internal controls and performance indicators.

Organization And resources

Company structure

Ericsson is operated in two dimensions: one operational structure and one legal structure.

The operational structure aligns accountability and authority regardless of country borders and supports the process flow with cross-country operations. There are four business units and ten regions. Group functions coordinate Ericsson’s strategies, operations and resource allocation and define the necessary directives, processes and organization for the effective governance of the Group.

The legal structure is the basis for legal requirements and responsibility as well as for tax and statutory reporting purpose. There are more than 200 legal entities within the Ericsson Group with representation (via legal entities, branch and representative offices) in more than 140 countries.

Risk management

Ericsson’s risk management is integrated with the business and its operational processes, and is a part of the EGMS to ensure accountability, effectiveness, efficiency, business continuity and compliance with corporate governance, legal and other requirements. The Board of Directors is also actively engaged in the Company’s risk management. Risks related to set long-term objectives are discussed and strategies are formally approved by the Board as part of the annual strategy process. Risks related to annual targets for the Company are also reviewed by the Board and then monitored continuously during the year. Certain transactional risks require specific Board approval, e.g. acquisitions, management remuneration, borrowing or customer finance in excess of pre-defined limits.

Strategic and tactical risks

Strategic risks constitute the highest risk to the Company if not managed properly as they could have a long-term impact. Ericsson therefore reviews its long-term objectives, main strategies and business scope on an annual basis and continuously works on its tactics to reach these objectives and to mitigate any risks identified.

In the annual strategy and target setting process, objectives are set for the next five years. Risks and opportunities are assessed and strategies are developed to achieve the objectives. The strategy process in the Company is well established and involves regions, business units and Group functions. The strategy is finally summarized and discussed in a yearly Global Leadership Summit with approximately 250 managers from all parts of the business. By involving all parts of the business in the process, potential risks are identified early and mitigating actions can be incorporated in the strategy and in the annual target process following the finalization of the strategy.

Technology development, industry and market fundamentals and the development of the economy are key components in the evaluation of risks related to Ericsson’s long-term objectives.

The outcome from the strategy process forms the basis for the annual target process which involves regions, business units and Group functions. Risks and opportunities linked to the targets are identified as part of this process together with actions to mitigate the identified risks. Follow-up of targets, risks and mitigating actions are reported and discussed continuously in business unit and region steering groups and are reviewed by the Board of Directors.

The Company has been using the Balanced Scorecard concept to structure its targets, risks and opportunities for many years. For 2011 risks and opportunities were identified and analyzed in the three balanced scorecard perspectives. For more information on risks related to Ericsson’s business, see the chapter “Risk Factors” in the Annual Report.

Operational and financial risks

Operational risks are owned and managed by operational units. Risk management is embedded in various process controls, such as decision tollgates and approvals. Certain cross-process risks are centrally coordinated, such as information security, IT Security, corporate responsibility and business continuity and insurable risks. Financial risk management is governed by a Group policy and carried out by the Treasury and Customer Finance functions, both supervised by the Finance Committee. The policy governs risk exposures related to foreign exchange, liquidity/financing, interest rates, credit risk and market price risk in equity instruments. For further information on financial risk management, see Notes to the Consolidated Financial Statements – Note C14, “Trade Receivables and Customer Finance”, Note C19, “Interest-Bearing Liabilities” and Note C20, “Financial Risk Management and Financial Instruments” in the Annual Report.

Compliance risks

Ericsson has implemented Group policies and directives to ensure compliance with applicable laws and regulations, including a Code of Business Ethics and a Code of Conduct. Risk management is integrated in the Company’s business processes. Policies and controls are implemented to ensure compliance with financial reporting standards and stock market regulations, such as the US Sarbanes-Oxley Act.

Monitoring and audits

Company management monitors the compliance with policies, directives and processes through internal self-assessment within all units. This is complemented by internal and external audits. External financial audits are performed by PwC, and ISO/management system audits by Det Norske Veritas, DNV and Intertek. Internal audits are performed by the company’s internal audit function which reports to the Audit Committee. Audits of suppliers are also conducted in order to secure compliance with agreed key performance indicators and Ericsson’s Code of Conduct which is mandatory for suppliers to the Ericsson Group.

Risk mitigation

Significant activities ongoing in order to mitigate risks are:

• Establish flexibility to cost-effectively accomodate for fluctuations in demand
• Conduct regular Supplier Code of Conduct audits
• Efficient business continuity management
• Corporate governance training as needed
• Continuous monitoring of information systems to guard against data breaches.