Assystem - 2018 Register document

RISK GOVERNANCE AND MANAGEMENT RISK GOVERNANCE AND MANAGEMENT

the Group as a whole, such as investments, cash management, the monitoring of trade receivables, etc., are dealt with in a consistent manner. Lastly, subsidiaries are responsible for setting up and maintaining management information systems that are compatible with the Group’s objectives in terms of reporting financial information and managing projects. At this stage, the Group has not opted to implement a shared management information system for all of its subsidiaries. It does, however, take care to ensure that the descriptions and content of its key performance indicators are harmonised for comparable activities in order to enable cross-business analyses (in particular project profitability analyses) to be carried out based on the same data, and to facilitate the exchange of skills between business units and countries. 2.1.2.3 Identifying, analysing and managing risks The Group attaches critical importance to effectively managing its risks. It regularly conducts project reviews to help identify the risks involved in ongoing projects and to decide on any actions to be taken to reduce them. These reviews – which mainly relate to fixed-fee projects – are carried out using check-lists and enable the following areas to be dealt with: ● recognition of revenue in line with the financial progress of the contract;

● margin on completion;

● contractual risks and related reserves and provisions;

● cash flows. Each business unit also carries out their own project reviews, which cover the main projects in progress. The assessment of the risks to which the Group is exposed as well as the probability of these risks occurring and their potential impacts is based on discussions carried out between the Group’s executive management team and managers from its principal operations and corporate departments. On the basis of these discussions, risks are classified into the following main categories (see Section 2.1.4 below for corruption risks):

2

business/operations;

● contract and project management; ● HR/people and skills management;

● finance. For each of the above categories, the main risks have been identified, defined and assessed in terms of their impact and probability of occurrence. The criteria used to assess the impact of identified risks and the probability of their occurrence are described below.

IMPACT For risks whose consequences can be measured in monetary terms, their impact on consolidated operating profit is determined in accordance with the following scale.

Magnitude

Monetary impact on operating profit

Very low

Less than €0.5m

Low

Between €0.5m and €1m Between €1m and €2m Between €2m and €5m

Medium

High

Very high

Over €5m

PROBABILITY The probability of risks occurring is measured by reference to the past occurrence of comparable and/or similar events, according to the following scale:

Extent

Occurrence of comparable and/or similar events in the past

Improbable (less than 5%)

Never occurred in the past 5 years

Unlikely (between 5% and 15%)

Occurred once or twice in the past 5 years

Possible (between 15% and 30%)

Occurred once a year in the past 5 years

Very possible (between 30% and 90%)

Occurred more than once a year in the past 5 years

Certain (over 90%)

The risk is the result of non-compliance

action plan is in place and that the resulting measures taken effectively reduce the level of risk; ● high probability/low to medium impact: risks requiring that the Board of Directors is regularly informed in order to provide it with a reasonable assurance of the proper functioning of controls aimed at reducing the possibility of the risks occurring;

The various risks thus assessed are positioned on two axes (impact and probability), which is then used to rank them as follows: ● high probability/significant impact: priority risks which require attention and monitoring by the Board of Directors. These risks are placed under the direct responsibility of one or more members of the Board of Directors, who are tasked with ensuring that a related

23

ASSYSTEM

REGISTRATION DOCUMENT 2018

Made with FlippingBook - Online Brochure Maker