Risk Management is a constant and evolving process, which continuously covers all Company activities and contributes to its safe and efficient operation.
Risk Management is carried out by the Risk Manager and mainly aims at monitoring and improving the Company’s operations and policies on Risk Management, adopting a systematic and disciplined approach for identifying, recording, assessing and managing risks.
The Risk Manager reports to the Company’s Managing Director and his work is supervised by the Audit Committee. He can be an exclusive full time employee, with suitable and relative professional experience for carrying out his duties, or this service can be assigned to third parties.
The risks faced by the Company and its operations may result from inner and outer factors.
The term “Risk” means an unforeseen event that can lead to Company damage, including lost opportunities, resulting from lack of action. The concept of risk includes risks both inside and outside the Company, namely those that can be properly foreseen and addressed by the management (inner risks), as well as those not totally under its control (outer risks).
Business risks are classified depending on how important their impact can be on the Company, as long as they occur and, on the other hand, how likely they are to occur, and they are shown on a relative heat map.
Risk management is monitored through a recorded Risk Management Action Plan, the implementation of which is periodically checked, and the progress of implementation monitored based on the documentation of the actions carried out by the competent parties.
The Company manages all types of risk integrated in its activities, in compliance with the applicable Legal Framework, and classified in risk categories such as those analyzed in the Company’s Risk Management Policy.
The Company can also specify an acceptable level of risk undertaking, where it undertakes the risk and does not proceed to actions for its management. The definition of an acceptable level is usually determined at the level where the cost of management actions exceeds the potential benefit from risk management, or the estimated damage.