1 minute read
RISK ASSESSMENT CRITERIA
The Group’s Risk Impact and Likelihood Scale
The Group’s Residual Risk Score
Risk Culture And Governance
Core to a risk intelligent enterprise is the element of Risk Culture. The Group believes in fostering a positive risk culture. One that approaches risks holistically and embodies risk management practices in its symbols, management systems, and behavioural norms. Risk culture is representative of the mindset, awareness, attitudes, and behaviours of the Group’s employees toward risk. It also influences the way risk is managed and therefore is an indicator of the effectiveness of the risk management policies and practices. It is important that it sets a standard for making the right risk related decisions and exhibits appropriate risk management behaviours. One that escalates risk and doesn’t reward reckless corner-cutting. Positive risk management behaviour is rewarded and recognized publicly through the Group’s performance management and innovation processes.
Key characteristics of a Risk Intelligent Culture:
• Same purpose, values, and ethics meaning people’s individual interests, values, and ethics are aligned with those of the Group's risk strategy, appetite, tolerance, and approach.
• Consistent application of risk management is considered in all activities, from strategic planning to day-to-day operations, in every area of the Group
• The Group embeds a learning organisation and continuous process improvement approach.
• Open, transparent, relevant and honest communications where people are comfortable speaking frankly about risk using a common risk vocabulary that promotes shared understanding.
• There are risk champions and risk coordinators that understand the value of effective risk management and promote and articulate the benefits it brings to the Group.
• There is individual and collective responsibility for the identification and management of risk. The Parent Board of Directors must set the tone at the top but senior management and other identified individuals are responsible for driving the risk culture through initiatives and processes. Feedback loops should be active and become a funnel for further risk identification, ideation of detective / preventative controls and collation of lessons learnt.
• There is a balanced and unbiased view of both attributes of risk, threat and opportunity.
• Precise articulation of desirable and undesirable behaviour that is reflected in employee performance management systems.
