Assystem - Registration Document 2016

8

REPORTS OF THE BOARD OF DIRECTORS

REPORT BY THE CHAIRMAN OF THE BOARD OF DIRECTORS

carried out using check-lists and enable the following areas to be dealt with: ● recognition of revenue in line with the financial progress of the contract;

finance;

●

● legal and fiscal compliance; ● results and performance;

● image and reputation. For each of the above categories, the main risks have been identified, defined and assessed in terms of their impact and probability of occurrence. The criteria used to assess the impact of identified risks and the probability of their occurrence are described below. Impact For risks whose consequences can be measured in monetary terms, their impact on consolidated operating profit is determined in accordance with the following scale.

● margin on completion;

● contractual risks and related reserves and provisions;

● cash flows. Each business unit also carries out monthly project reviews, which cover the vast majority of ongoing projects. The executive management team, the Operations Departments and the Human Resources Departments are responsible for assessing employee- related risks. These risks mainly stem from the high levels of staff turnover that are a characteristic feature of the engineering and consultancy industries. A member of the executive management team is in charge of developing human resources within the Group. Working closely with all the relevant parties, he defines the key aspects of the Group’s human resources policy and the main priorities of annual recruitment campaigns. The various human resources teams also work closely together in order to effectively manage the risks relating to periods between contracts and the transfer of skills from one sector to another. Because the Group has a diversified client base and works in different business sectors it is able to satisfactorily balance the risks relating to the markets in which it operates. The executive management team meets regularly to discuss any actual or potential changes in the Group’s economic and commercial environment and determine any measures that need to be put in place as a result of such changes. Management and operational IT systems are vital for the Group to carry out its activities In order to effectively deal with the risks relating to these systems, the Group has established a series of procedures intended to guarantee the security of systems and information as well as data integrity and the continuity of operations. These key procedures include a business continuity plan. The risk mapping procedure implemented by the Group covers the different categories of major risks to which the Group is exposed and measures these risks in terms of impact and vulnerability ( i.e. net exposure to risks after taking existing controls and risk reduction measures into account). Assystem has opted for a “top-down” approach to allow the Group’s management to obtain an overall view of the risks to which the Group is exposed. This overall view emerges as a result of discussions with members of the executive management team and with Assystem’s key operations and corporate support managers. The discussions are based on an inventory of the main risk factors and an assessment of their potential impact and probability of occurrence, and they cover the following main themes:

Magnitude

Monetary impact on operating profit

Very low

Less than €1m

Low

Between €1m and €3m Between €3m and €5m Between €5m and €8m

Medium

High

Very high

Over €8m

The consequences of risks that affect the Group’s image and reputation cannot be measured in monetary terms and are therefore assessed based on potential fallout in terms of media coverage and/or crisis management.

Non-monetary impact in terms of media coverage and/or crisis management

Magnitude

Very low

No specific media coverage

Local media coverage; crisis unit limited to local managers

Low

Regional media coverage; crisis unit involving local managers and BU/divisional directors National media coverage; crisis unit involving the Group’s management bodies International media coverage; crisis unit involving the Group’s management bodies and direct referral to the Board of Directors

Medium

High

Very high

Probability The probability of risks occurring is measured by reference to the past occurrence of comparable and/or similar events, according to the following scale:

Occurrence of comparable/similar events in the past Never occurred in the past 5 years

Extent

Improbable (less than 5%)

Occurred once or twice in the past 5 years Occurred once a year in the past 5 years

Unlikely (between 5% and 15%)

business/operations;

Possible (between 15% and 30%)

●

Occurred more than once a year in the past 5 years The risk is the result of non-compliance

● contract and project management; ● HR/people and skills management;

Very possible (between 30% and 90%)

Certain (over 90%)

170

ASSYSTEM

REGISTRATION DOCUMENT 2016