Enterprise Risk Management
Risk Management is the identification, assessment and prioritization of risks followed by coordinated and economical application of resources to minimize, monitor, and control the probability and/or impact of unfortunate events or to maximize the realization of opportunities. Risks can come from uncertainty in financial markets, project failures (at any phase in design, development, production, or sustainment life-cycles), legal liabilities, credit risk, accidents, natural causes and disasters as well as deliberate attack from an adversary, or events of uncertain or unpredictable root-cause.
The strategies to manage risk typically include transferring the risk to another party, avoiding the risk, reducing the negative effect or probability of the risk, or even accepting some or all of the potential or actual consequences of a particular risk. Certain aspects of many of the risk management standards have come under criticism for having no measurable improvement on risk, whether the confidence in estimates and decisions seem to increase.
Risk Management Structure
Board of Directors
The BOD is mainly responsible for the overall risk management approach and for the approval of risk strategies and principles of the Group. It has also the overall responsibility for the development of risk strategies, principles, frameworks, policies and limits. It establishes a forum of discussion of the Group’s approach to risk issues in order to make relevant decisions.
Risk Management Committee
Risk management committee is responsible for the comprehensive monitoring, evaluating and analyzing of the Group’s risks in line with the policies and limits set by the BOD.
The Group’s management reviews and approves policies for managing each of these risks as often as possible or yearly.
RISK POLICY AND CONTROL SET UP
Give a general description of the company’s risk management policy, setting out and assessing the risk/s covered by the system (ranked according to priority), along with the objective behind the policy for each kind of risk:
The Company recognizes the importance of managing risk in the business to sustain growth.
The purpose of this policy is to ensure that:
(i) appropriate systems are in place to identify the material risks facing the Company;
(ii) the potential financial impact of identified risks is ascertained;
(iii) appropriate controls and strategies are adopted to manage exposure to those risks;
(iv) appropriate responsibilities are delegated to control identified risks effectively;
(v) any material changes to the Company’s risk profile are disclosed in accordance with the Company’s continuous disclosure policy.