Corporate positions


In office 
ADVISOR Paolo Toto
ADVISOR Valentina Toto
ADVISOR Gianfranco Rapposelli


In office   
CHAIRMAN Giovanni Smargiassi

Società di Revisione: PWC

Organization chart

Based on the traditional model of administration and in line with international best practice standards, TOTO’s governance system is an essential tool to ensure the Group’s efficient management, and at the same time, a means of effective control over company activities, in line with the objectives of creating value to protect the interests of all the stakeholders.

TOTO intends to adopt a governance system based on the principles of integrity and transparency, in line with the provisions of the law. The Company also has a:

  • Statute, which defines the main characteristics of the Company, dictating its corporate purpose, as well as the organisational and operating rules for its correct pursuit. The Statute defines the administration and control model adopted, the basic rules for the appointment, composition and division of tasks of the corporate bodies, as well as the relationships between them. By supplementing the provisions of the law, the Statute outlines in detail the criteria and methods for identifying those individuals who at the highest level contribute, for various reasons, to the management and control of the company. It also describes the rights of shareholders and the procedures for exercising them and may be amended during the Extraordinary Shareholders’ Meeting (as required by the current legislation).


  • Ethical Code, is the guarantee and reliability tool to protect the Group’s assets and reputation. It is based on specific responsibilities and social commitments that, in line with the highest ethical standards, allows to pursue the Group’s mission and objectives, operating in an ethical and socially responsible manner. Honesty, fairness, integrity, transparency, impartiality, confidentiality, respect and protection of the environment, safeguarding health and safety of workers: these are the fundamental values ​​identified by the Ethical Code, around which the Group develops its corporate activities and policies. The Ethical Code is, therefore, a point of reference and a guide for all those who collaborate with TOTO, a tool that the Group is constantly committed to spreading towards its stakeholders (employees, partners, suppliers, consultants…), demanding they know and respect the rules contained therein. The Ethical Code is effective in all TOTO’s construction sites in Italy and in the world, respecting the different cultural, political, social, economic and commercial realities of the countries in which the Group operates.

TOTO’s Governance System is regulated and administered mainly by:

  • BOARD OF DIRECTORS, appointed with the widest powers for the ordinary and extraordinary administration of the Company, it has the right to carry out all the deeds it considers appropriate for the implementation and achievement of the corporate purpose. Furthermore, it has the function of defining the strategic and organizational guidelines of the Company, verifying the supervision necessary for monitoring the performance of the Company and the Group. The Board primarily performs the supervision and approval functions of the strategic, industrial and financial plans, the corporate governance system, and the Group’s structure.


  • BOARD OF AUDITORS, the collective body that supervises the compliance with the law and the Statute, as well as the compliance with the principles of correct administration. It supervises the adequacy of the organizational structure of the Company for the aspects of competence and of the administrative-accounting system, as well as the reliability of the latter in correctly representing the management. With the support of the Board of Directors, the Auditing Company and the Internal Audit Manager, it makes sure there aren’t on behalf of  the Company, any atypical and/or unusual transactions both within the group and with related or third parties.


TOTO’s Internal Control and Risk Management System consists of a set of rules, procedures and organizational structures aimed at allowing, through an appropriate process of identification, measurement, management and monitoring of the main business risks, a healthy, correct and consistent management with the established objectives. The subjects of the Internal Control and Risk Management System supervisors are:

  • The Board of Directors
  • The Chief Executive Officer as director in charge of supervising the functionality of the Internal Control and Risk Management System
  • The Board of Auditors
  • The Legal auditing Firm
  • The Supervisory Body
  • The Internal Audit Manager
  • Responsible for the functions entrusted for ‘second level’ supervision (QSA).

Among the supervisors, in order to constantly monitor the effectiveness of the Control System, the Appointed Director and the Internal Audit Manager play a strategic role.


Director in Charge of the Internal Control System

The Director in charge of the Internal Control System performs the typical functions of verifying the adequacy and efficiency of the system and, in case of any faults, proposes the necessary corrective solutions. In particular, the Director in charge:

  • Supervises the identification of the main corporate risks (strategic, operational, financial and compliance);
  • Carries out the guidelines defined by the Board of Directors, ensuring the management of the internal control system previously planned and implemented, constantly verifying, with the support of the Internal Audit manager the overall adequacy, effectiveness and efficiency;
  • With the support of the Internal Audit manager, he is responsible for adapting the system to the dynamics of the operating conditions and the legislative and regulatory guidelines.

The role of “director in charge of the internal control and risk management system” is entrusted to the Company’s Chief Executive Officer.

Internal Audit Manager

On the 19-04-2017 the creation of the Internal Audit Department of TOTO Costruzioni Generali S.p.A. was formalized, directly under the supervision of the Chief Executive Officer.

The institution in the Company of the Internal Audit has a strategic value and represents a key element in the improvement of the design of the Company’s Internal Control System and Corporate Governance.

Internal Audit conducts a systematic and continuous monitoring activity according to international principles, aimed at:

  • Develop control methodologies and tools to create value;
  • Help the management of each level to improve the quality of information and the management of individual processes;
  • Identify weaknesses in processes and reduce operational risks;
  • Verify compliance with procedures and regulations;
  • Prevent embezzlement.

In this regard, the Internal Audit Manager is responsible for:


  • Operating in compliance with international standards according to an Audit Plan based on a structured risk analysis process;
  • Reporting on its activities (or on events of particular relevance) with evaluations on the suitability of the Internal Control System;
  • Providing the necessary elements to the BoD in order to allow it to express its assessment on the adequacy of the Company’s Internal Control and Risk Management System (also for administrative, accounting, systemic and compliance purposes).

The Internal Audit Manager also works on behalf of the Supervisory Body (Organismo di Vigilanza, operating body in the Company), through a verification activity on the Compliance System pursuant to the Legislative Decree 231/01, designed to maintain the effectiveness of the Organizational Model. In this regard, TOTO has a set of rules, processes and procedures aimed at preventing crimes through the adoption of an appropriate organizational management and control system. Since October 21st, 2011, the Company has adopted an “Organization, Management and Control Model” included in art. 6 of the Legislative Decree no. 231/01, inspired by the guidelines of Confindustria. “TOTO’s Board of Directors, in the meeting session of December 7th, 2018, decided on the new “Organization, Management, Control and Anti-Corruption Model” which was updated with respect to all the types of predicate offences provided for by the Legislative Decree no. 231/01 and applicable to the Company and to the anti-corruption legislation in Italy and abroad .” The use of the Model encourages rigour, transparency and a sense of responsibility in internal relations and with the outside world and, at the same time, offers stakeholders the best guarantees for efficient and correct management through the introduction of procedures to manage any risk situations.


In compliance with the provisions of art. 6, paragraph 1, lett. b) of the decree, the task of continuously monitoring the adequacy and operation of Model 231, as well as updating it, suggesting modifications and additions, has been entrusted to the Company’s Supervisory Body (SB). Three external members are part of TOTO’s SB, one of them appointed as Chairman of the Body, identified among experts and professionals in the sector. All members of the SB are endowed with the necessary requisites of integrity, professionalism, autonomy and independence and perform the functions attributed to them by guaranteeing the necessary continuity of action. The SB is appointed by the Board of Directors of the Company, with a motivated provision that acknowledges the requirements of integrity, professionalism, autonomy and independence. In order to guarantee these requirements, the SB remains in office for a three-year period, regardless of the end of term or possible early dissolution of the Board of Directors that appointed the Body.

Risk Management Model

The Risk Assessment aims at identifying the company’s processes which are exposed to the most significant risk levels and on which to focus the audit activities. In this regard, TOTO launched a Risk Self Assessment in 2017 which, on an annual basis, provides a self-assessment on behalf of the Heads of Seat (Process Owner) both of the inherent risk (based on probability and impact) and the residual risk (the control measures applied) in relation to the processes for which it is responsible.


The Risk Assessment’s function, in addition to representing the homogeneous reference base for all the company’s assurance management, is to ultimately support, through a structured process:

  • The corporate procedural and IT system;
  • Risk Disclosure in the Report on Operations attached to the Balance sheet on the basis of the identified Top Risks;
  • The evaluation and selection of Partners, Clients and Suppliers and the drafting of the related contractual agreements;
  • The Executive Committee in the evaluation phase of a call for tenders/business initiative;
  • The allocation of sums / funds for risks to the Budget rather than to the Balance (i.e. risk assessments / extra-budget opportunities).