Sopra Steria - 2020 Universal registration document

First page Table of contents Previous page 12 Next page Last page

INTEGRATED PRESENTATION OF SOPRA STERIA RISK MANAGEMENT

Risk Management

Participants in internal control and risk management

Board of Directors / Audit Committee

External audit

Executive Management

1st line of control

2nd line of control

3rd line of control

Operational management All entities All geographies All business activities

Operational management Financial Industrial Human Resources Legal Sustainable Development & Corporate Responsibility Internal Control

Internal Audit

Identification of the Group’s main risks

The most significant risks specific to Sopra Steria are set out below by category and in decreasing order of criticality (based on the crossover between probability of occurrence and the estimated extent of their impact), taking account of mitigation measures implemented. This presentation of net risks is not intended to show all Sopra Steria’s risks.

The table below shows the results of this assessment in terms of net importance on a scale of three levels, from least important (+) to most important (+++).

Risks related to strategy and external factors

Materiality

+++

• Adaptation of services to digital transformation, innovation • Significant reduction in client/vertical activity • Acquisitions • Attacks on reputation

The internal control system and risk management policies implemented by the Group aim to lower the probability of occurrence of these main risk factors and their potential impact on the Group. Each of these risk management policies is laid down in detail in the “Risk factors and internal control chapter” of this document.

++ ++ ++

Risks related to operational activities

+++ +++

• Cyberattacks, systems security, data protection • Extreme events and response to major crises • Marketing and execution of managed/operated projects and services

+

Risks related to human resources

++

• Development of skills and managerial practises - SNFP * • Attracting and retaining employees - SNFP *

+

Risks related to regulatory requirements

+

• Compliance with regulations - SNFP *

* SNFP This risk also relates to concerns addressed by the regulatory changes set out in Articles L. 225-102-1 III and R. 225-105 of the French Commercial Code, which cover the Company’s Statement of Non-Financial Performance

See Chapter 2 for more information

12

SOPRA STERIA UNIVERSAL REGISTRATION DOCUMENT 2020

Made with FlippingBook - Online catalogs