The purpose of risk management is to secure the profit development of the Company and the continuation of the business by implementing risk management systematically throughout the different businesses. Risk management is part of the Company’s strategic and operative planning, daily decision-making process and internal control system. In risk management business objectives, risks and risk management operations are combined as one total chain of events.
The Company adheres to the risk management policy approved by the Board of Directors. Risk management contains all actions, which are connected to setting up targets, identification of risks, measurement, review, handling, reporting, follow-up, monitoring and reacting to risks.
In connection with the strategy process and annual planning, the CEO of the Company and the Group subsidiaries review business risks which could prevent or endanger the achievement of the Group’s strategic or profit targets. The subsidiaries produce risk assessments for each business to support the strategy process. Strategic and operative risks are monitored through reporting by the businesses and considered by service area steering groups. The subsidiaries must produce assessments of risks in their own units and provide action plans to manage risks as well as to report on measures taken including the stage and effectiveness of such measures.
The Company’s CEO reports the identified risks concerning the Group as well as all planned and implemented measures to control such risks to the Company’s Board of Directors.