Strategic Report
Risk Management
Embedding risk culture across the Group The Group Board owns the Risk Management process and ensures the risk management processes are embedded and working effectively across the Group. They also have a good understanding of the significant risks facing the Group, and consider the risk implications of the Board’s decisions. The Executive Directors are responsible to the Board for overseeing the risk management of the entire Group and they meet quarterly to discuss the risk activities within the Group to ensure that the risk culture is becoming firmly
• Production downtime • Information security • Employee morale • Management time The output from these assessments are aggregated into the ten principal risks affecting the Group, which are set out within the Statement of Principal Risks. As we continue to evolve the processes and functions we will seek to enhance and improve the process, and produce information in a more intuitive manner. Key business risks are currently identified as follows:
Principal Risks Critical
We review and measure our strategic risks determining both the likelihood and impact of key risks to business, using a wide range of measurements beyond the core financial measurement, to ensure a wide range of factors are considered as part of the assessment of risk. We concentrate on the residual risk and proportionate actions that could be taken to manage the identified risks.
• Damage to reputation
The individual entities management teams are responsible for defining and embedding the risk culture into their own operating businesses. They are also responsible for ensuring they understand the risks affecting their businesses and for ensuring their employees are suitably empowered to both identify and deal with these risks appropriately. They are also responsible for creating a culture that allows for an openness to allow wide ranging and difficult discussion to be had over the risks the businesses may face.
Major
The Group continues to embed its risk management process across all our businesses, to ensure that there is a good understanding of all the potential upside and downside of all the key factors that may affect both the individual businesses and the Group as a whole. This is to help the Group to ensure that it has suitable decision making, supported by the requisite control and processes to enable the business to achieve its strategic objectives.
• Damage to the financial performance of the business
Empowering our businesses to enhance their risk management frameworks
1
9 7
Moderate
Continuous improvement in risk management practices
We consider a wide range of factors within risk management process both from a macro strategic point of view through to operational risks assessed within each business. We assess each risk identified for both likelihood and impact against a wide range of measures, including:
The Audit Committee is responsible for overseeing there is an effective risk management process in place and reporting to the Board over its views on its adequacy.
Minor
Risk and the management of risk are fundamental to the success of our business. We encourage our teams to take risks to ensure the continued growth of the business, however the risk and choice of mitigation should be commensurate to the return envisaged. All our employees are responsible for taking an active part in appropriately assessing and managing risk, as well as highlighting crystallising risks within our businesses.
Insignificant
Risk Management philosophy
Assessment of risk
embedded across all our businesses. They review the individual business entities and the core Group activities to ensure these teams are managing their risks effectively. They also ensure that they consider risk and implications within their own decision making.
Impact
Improving Risk Management to enhance stability and growth within the business
2 Key to table 1 Strategic 2 Financial 3 People 4 Product design 5 Business continuity Rare
4
5
6 7 8 9 10
Unlikely
6
8
10
3
IT systems and cyber security Regulatory & compliance Economic & political instability Safety Pandemic Credible
Likelihood
Likely
Almost Certain
Lucy Group Ltd
21
