OTHER ISSUES CONSIDERED – ACCOUNTING FOR THE COST OF CLADDING AND FIRE SAFETY REMEDIATION The Group has provided for the estimated cost of remediating cladding and fire safety on properties where there is either a legal/regulatory requirement to do so or where the Group has a constructive obligation. The Committee reviewed, challenged and agreed the basis on which costs associated with the remediation of cladding and fire safety have been included in the financial statements. The Committee considered the appropriateness of where the estimated cost of remediating cladding and fire safety was provided for, versus where property valuations were adjusted to take account of anticipated future spend on properties, including to remediate cladding and fire safety. The Committee also reviewed, challenged and agreed the extent to which the Group had any legal or constructive obligations in respect of cladding and fire safety remediation. The Committee was comfortable with the process and controls adopted by management around the disclosures, and estimation of costs associated with cladding and fire safety remediation. RISK MANAGEMENT The Group’s risk assessment process and the way in which significant business risks are managed is a key area of focus for the Committee. The Committee assessed the approach to risk taken by the Group’s Executive Committee and senior leadership team. The Executive Committee is responsible for the delivery of the Group’s risk management framework. The Executive Committee and senior leadership team set the objectives for the Group and then assess what risks could prevent the Group from meeting these objectives. This assessment resulted in a number of principal and emerging risks being brought to the Board for a detailed assessment. The Committee considered and approved both the Group’s Risk Management Framework and the Group’s assessment of its principal risks and uncertainties, as set out on pages 52-71. Through these reviews, the Committee considered the risk management procedures within the business and was satisfied that the key Group risks were being appropriately managed. The risk assessment flags the importance of the internal control framework to manage risk and this forms a separate area of review for the Committee. The Board formally reviewed the Group’s principal risks at two meetings during the year. INTERNAL CONTROLS Led by the Group’s risk assessment process, we reviewed the process by which the Group evaluated its control environment. The Board has delegated responsibility to management for establishing effective risk management and maintaining adequate internal controls, although the Board retains oversight responsibility. This structure is fully detailed on page 55. Internal controls are designed to provide reasonable assurance regarding (among other things) the reliability of financial reporting and the preparation of the financial statements for external reporting purposes. A comprehensive strategic planning, budgeting and forecasting process is in place. Periodic financial information and performance insight is reported to the Board. INTERNAL AUDIT The Group used the internal Group Risk & Assurance team for internal audit services throughout the year. The team continued to undertake independent audits in our operations, utilising a framework of Operational Compliance Audits for our properties. The property audits focus on safety and, where there are gaps identified, action plans. The results are shared with our Operations Performance team, so best practice is shared to drive improvements. Also, the team completed four other pieces of internal audit work: • Compliance with Senior Accounting Officer requirements. • A follow-up on the progress of previously agreed management actions relating to internal audits from prior years. • A review of our debt collection process. • A review of estates statutory compliance. • Business continuity in information technology. The team also reviewed the principal risks and material control frameworks in preparation for the upcoming Provision 29 changes in the UK Corporate Governance Code. The Committee noted opportunities to strengthen business continuity planning in information technology, conscious of the wider macro risk environment in relation to cyber security, and following internal audit in the financial year. Opportunities have been identified to strengthen the control environment in this regard, with the Committee pleased to see remediation to provide comprehensive documentation promptly underway. The conclusion of all other audits was that there were no material issues and controls were well designed, but we noted there were some areas of improvement to be made to enhance controls and operational efficiency, which management is in the process of implementing. AUDIT & RISK COMMITTEE continued THE UNITE GROUP PLC Annual Report and Accounts 2025 106 GOVERNANCE