Sopra Steria - 2019 Universal registration document


Risk management

internal control and risk management system stakeholders

Board of Directors / Audit Committee

Executive Management

1 st line of control

2 nd line of control

3 rd line of control

External Audit

Operational Management All entities All geographies All activities

Departments Finance Industrial Human Resources Legal Sustainable Development and Corporate Responsibility Internal Control

Internal Audit

Identification of the Group’s main risks

Apart from the risks associated with the Covid-19 pandemic described on page 37 of this document, Sopra Steria’s main risk factors are presented below. They are listed initially in order of importance by each category of risk, with regard to their probability of occurrence and the magnitude of their potential adverse impact, for each category of risk in the following summary table.

Main risks related to strategy and market developments •  Adaptation to market developments and digital transformation •  Loss of a major client or contract •  Impact of Brexit

Main risks related to regulatory requirements

•  Non-compliance, breaches of ethics per SNFP* •  Risks associated with retirement benefit obligations

Main risks related to operational activities •  Difficulties in attracting, developing or retaining talent and/or loss of personnel in key roles per SNFP* •  Loss, corruption or unauthorised disclosure of data •  Performance deficiency in the management of client projects (during the pre-sales or production phases) •  Unavailability of IT services and infrastructure and/‌or interruption of activities at sites

The aims of the internal control system and the risk management policies put in place by the Group are to reduce the probability of occurrence of these main risks as well as their potential impact on the Group. The Risk factors and internal control chapter of this document includes a detailed description of each of these risks, including the ways in which they are addressed by the Group’s risk management policies.

*SNFP: Statement of Non-Financial Performance This risk also relates to the anticipated regulatory changes provided for in Articles L.225-102-1 III and R.225-105 of the French Commercial Code concerning the Statement of Non-Financial Performance

See Chapter 2 for more information



Made with FlippingBook - Online catalogs