Risk Management Policy


Ports of Auckland | Risk Management Policy

1. Purpose

The purpose of this policy is to provide clear guidelines for the management of risk. Risk is defined as the effect of uncertainty on objectives. [1]

Risk Management is the discipline of:
- identifying and assessing risk
- designing and implementing a risk mitigation plan - actions to avoid, reduce, share or accept risk
- monitoring risk within acceptable appetite levels.

The Board requires that appropriate Risk Management procedures are in place and in use to identify the principal risks of the business and that appropriate systems are implemented to manage these risks.

[1] Definition from ISO 31000

2. Scope

The policy forms a part of POAL's governance policies. The policy applies to all companies in the POAL group and covers all aspects of Risk Management.

3. Policy

All staff are required to apply the methodologies and processes established in this document in order to:
- Provide assurance that risks are being:
  - Identified and effectively controlled where they arise in the organisation; and
  - Escalated through the line management reporting structure to a level where they can be either effectively controlled or accepted
- Allow POAL to recognise, prioritise and respond to risks arising from change; and
- Optimise allocation of resources to risk management.

4. Risk Management Framework

4.1 Risk Ownership

Every employee has a duty for the management of risks in the area in which they work. When staff take up new roles their line manager has a responsibility to instruct them on the risks they face, the controls they are responsible for and any treatments they must action. Specific risk responsibilities are listed in section 4.

4.2 Risk Appetite

Risk appetite is the amount and type of risk that the business is willing to pursue or retain - because an acceptance of a level of risk is necessary to achieve business objectives. The Board is responsible for determining POAL's risk appetite. The Board must be made aware of risks that may have a critical consequence (e.g. loss of life or serious injury, cessation of port operations for an extended period, significant environmental damage, significant reputational damage, and material financial loss) in order to provide guidance on what level of risk is acceptable.

Refer to Appendix 2 for the Risk Appetite Table. This table informs the quantitative and qualitative measures for risk evaluation.

4.3 Risk Identification & Assessment

Awareness of risk is an ongoing, daily activity for every member of staff or contractor that extends beyond their immediate work environment. Everyone needs to be mindful of the risks they encounter and point out risks to others that may not be obvious.

At least annually each business unit must review their internal and external environment to identify new risks that their business unit faces.

During annual planning each business unit must identify risks that are material to the achievement of their objectives and incorporate risk mitigation strategies into their plans. Treatment owners and target dates for completion must be agreed and incorporated into individual and team KPI's. Sufficient capital and operational budget must be requested to cover the cost of treatment plans.

Before decisions are made the risks of each potential course of action must be identified and assessed and used as an input into the decision making process.

Internal incidents and relevant external events must be reviewed in a timely manner to determine whether they identify new risks or impact on previously identified risks.
Business units are responsible for assessing their own risks by using the POAL Risk Matrix (attached as Appendix 1).

4.4 Risk Mitigation

Risk mitigations include controls (procedures or policies that provide assurance) and treatments (planned actions to lower risk). Each control should have a control owner and, where reasonably possible, a plan for checking the effectiveness of the control. Each treatment should have a treatment owner and an agreed target date for completion of the treatment. Risk owners remain accountable for the effectiveness of controls and the successful implementation of treatments.

The residual risk is the risk which remains after all the risk mitigations are in place and is therefore the risk that the business is making a decision to accept. It is important that this decision is made at an appropriate level (as specified in the POAL Risk Matrix) and with consideration of POAL's Risk Appetite. The Board will provide guidance on accepting residual risk for Key Risks (see section 3.6).

4.5 Risk Registers

The risk register records each material risk together with its risk mitigation plan. General Managers are responsible for ensuring their business unit(s) has a risk register and that the risk register is kept current.

Risk registers must include:
- Business unit name
- Risk register owner
- Date of last risk meeting
- List of all material risks currently faced

Each listed risk must include:
- Risk description
- Risk owner
- Date risk was last reviewed
- Residual risk assessment (after risk mitigations), comprising of:
  - Potential consequence (worst case)
  - Potential likelihood (of that worst case occurring)
  - Risk score (according to POAL Risk Matrix)
- List of controls in place, with each control having a:
  - Control owner
  - Control assurance process (if assurance process exists)
  - Date assurance process was last performed or reviewed
- List of treatments planned, with each treatment having a:
  - Treatment owner
  - Planned treatment completion date

4.6 PortSafe

PortSafe is a port-wide health and safety application. All health and safety risks must be included in PortSafe. Risks recorded in PortSafe do not need to be repeated in the business units risk register.

4.7 Escalation of High Risks and Extreme Risks

Managers are responsible for the reporting to their General Manager all newly assessed risks with a residual risk level (after controls) of Extreme or High. The General Manager is responsible for reporting these risks to the Executive and Board (via the monthly CEO Report).

4.8 Key Risks

Key Risks are those risks with an Assessed Risk Level of High or Extreme plus other risks that the Executive Team believes warrant their inclusion as a Key Risk. A separate Key Risk Register will be maintained by Governance and Risk Manager comprising of all Key Risks. Note similar risks from multiple business unit risk registers may be combined into a single high-level risk on the Key Risk Register. The Key Risk Register will be reviewed by the Executive team on an annual basis.

4.9 Board Risk Reporting

The full Key Risk Register will be presented to the Board for review on an annual basis. New Key Risks, and any material change to an existing Key Risk, will be reported to the Board at the next scheduled Board meeting within the monthly CEO report, in either the Current Issues or Risk and Compliance sections. The Board will receive, on a regular basis, a Board paper on a pre-selected Key Risk prepared by the risk owner. Key Risks that are of a strategic nature will be discussed during the course of the Board's regular strategy discussions.

4.10 Risk Management Assurance

The risk management function will work closely with the Insurance and Internal Audit areas and other relevant external parties (e.g. Maritime NZ, NZ Customs) to ensure there is a common understanding of the purpose and effectiveness of controls that mitigate risks and ensure those risks which remain are acceptable.

5. Responsibilities

5.1 Governance Structure

Board
- Board of Directors
- Audit Committee

Management
- Chief Executive Officer
- Executive Team
- Governance & Risk Manager
- Internal Audit function

5.2 Board of Directors

The Board of Directors are responsible for:
- approval of the Risk Management Policy
- setting the tone and culture for risk management
- establishing POAL's risk appetite
- obtaining assurance on:
  - the effectiveness of the management of risks
  - the level of compliance with the Risk Management Policy

5.3 Chief Executive Officer

The CEO is responsible for:
- developing and maintaining the Risk Management Policy and ensuring it is implemented and effective
- setting the tone and culture for risk management
- delegating adequate authority and resources to staff to enable them to effectively identify and manage risks within the company's risk appetite
- providing appropriate, timely and accurate risk information to the Board on High and Extreme risks.

5.4 General Managers

Each General Manager is responsible for:
- supporting the effective implementation and operation of the Risk Management Policy
- championing initiatives to improve the management of risks
- reviewing risks that have been assessed with a residual risk level (after controls) of Extreme or High, and reporting these to the Executive team and the Governance and Risk Manager

5.5 Managers

Each Manager is responsible for:
- taking responsibility for managing risk, safety, health and compliance in their own area of responsibility
- identifying the risks relating to own area (operational, financial, political etc.) and ensuring that there are adequate mitigation strategies in place to effectively manage those risks
- maintaining knowledge about the key risks
- keeping their business unit risk register current and ensuring their General Manager is informed on their risks and risk mitigation strategies.

5.6 All staff

All staff are responsible for:
- identifying potential risks within their business area
- identifying perceived shortcomings in risk controls
- the timely completion of risk treatments
- complying with the Risk Management Policy

5.7 Governance and Risk Manager

The Governance and Risk Manager is responsible for:
- providing the tools and advice to enable managers to implement the Risk Management Policy
- monitoring the application and effectiveness of the Risk Management Policy
- maintaining and reporting the Key Risks Register to the Executive Team and the Board
- tracking the completion of risk treatments for Key Risks
- coordinating company-wide initiatives to improve processes that identify and manage risks
- advising, coaching and training staff on risk management techniques
- assisting the internal audit function to provide assurance on risk management.

5.8 Audit Committee

The Audit Committee is responsible for ensuring the annual internal audit plan takes account of the key areas of risk. [2]

Board Approval: 19 March 2018
Policy Owner: Governance and Risk Manager
Policy Review: Biennially

[2] POAL Audit Committee Charter April 2017

Appendix 1 POAL Risk Matrix

| Likelihood \ Consequence | Insignificant | Minor | Moderate | Major | Critical |
|---|---|---|---|---|---|
| Almost certain | 9 | 12 | 20 | 23 | 25 |
| Likely | 4 | 11 | 17 | 21 | 24 |
| Possible | 3 | 10 | 16 | 18 | 22 |
| Unlikely | 2 | 6 | 13 | 14 | 19 |
| Rare | 1 | 5 | 7 | 8 | 15 |

Assessed Risk Level: Low (1-8), Medium (9-15), High (16-22), Extreme (23-25)

| Likelihood | Description of Likelihood |
|---|---|
| Almost certain | Almost certain to occur within the foreseeable future. Greater than 80% probability that the risk will occur within next 12 months (and likely to have multiple occurrences). |
| Likely | Likely to occur within the foreseeable future. 50% - 80% probability that the risk will occur within next 12 months. |
| Possible | May occur within the foreseeable future. 20% - 50% probability that the risk will occur within next 12 months (between a 1 in 2 and a 1 in 5 year occurrence). |
| Unlikely | Not likely to occur within the foreseeable future. 2% - 20% probability that the risk will occur within next 12 months (between a 1 in 5 and a 1 in 50 year occurrence). |
| Rare | Will only occur in exceptional circumstances. Less than 2% probability that the risk will occur within next 12 months (less than 1 in 50 year occurrence). |

Consequence: Insignificant | Minor | Moderate | Major | Critical

Safety and Wellbeing
- Insignificant: Very minor injury if first aid required is self-administered immediately back to work with no impact on performance
- Minor: Minor injury or illness requiring first aid treatment on site back to work with no LTI
- Moderate: Injury or illness requiring off-site medical treatment and/or LTI
- Major: Notifiable injury or illness (as defined by WorkSafe)
- Critical: Fatality or near miss that could result in a fatality

Employee engagement
- Insignificant: Minor impact on one employee
- Minor: Minor impact on limited number of employees or prospective employees
- Moderate: Minor widespread impact or major impact on a limited number of employees
- Major: Small drop in overall morale, a few employees leaving, negative impact on recruitment outcomes
- Critical: Large drop in morale, many employees leaving, remuneration increases required to keep existing and recruit new staff

Public reputation
- Insignificant: Isolated minor complaint from member of public.
- Minor: Multiple complaints from a stakeholder group that are easily resolved.
- Moderate: Multiple complaints from a stakeholder group that are not easily resolved.
- Major: Small drop in overall public perception or substantial drop in a stakeholder group. Negative news stories or protests.
- Critical: Substantial drop in public perception resulting in negative impacts on business strategy. Material impact on our licence to operate.

Environmental
- Insignificant: No effect on environment.
- Minor: Insignificant fleeting effect on environment.
- Moderate: Minor short-term effect on the environment.
- Major: Moderate short-term or minor long-term effect on environment.
- Critical: Significant short-term or moderate long-term effect on environment. Material impact on our licence to operate.

Operational
- Disruption of a non-critical process for less than 4 hours.
- Disruption of a non-critical process for 4-48 hours.
- Disruption of a non-critical process for more than 48 hours.
- Disruption of a critical process for more than 24 hours.
- Disruption of a critical process for more than 1 week.
- Disruption of a critical process for less than 4 hours.
- Disruption of a critical process for 4-24 hours.
- Complete port shut-down for less than 4 hours.
- Complete port shut-down for 4-12 hours.
- Complete port shut-down for more than 12 hours.

Market
- Insignificant: Minor customer inconvenience - quickly forgotten
- Minor: Dissatisfied customer with formal complaint requiring action
- Moderate: Dissatisfied customer resulting in reduction in total revenue of less than 1%
- Major: Loss of a below top 10 customer or reduction in total revenue of 1%-5%
- Critical: Loss of a top 10 customer or reduction in total revenue of more than 5%

Financial
- Insignificant: One-off financial loss of less than $1,000
- Minor: One-off financial loss $1,000 - $20,000
- Moderate: One-off financial loss $20,000 - $500,000
- Major: One-off financial loss $500,000 - $5M
- Critical: One-off financial loss exceeding $5M

Level of Authority

| Assessed Risk Level | Approval to undertake risk activity (includes approving the risk assessment and risk mitigation strategy) |
|---|---|
| Low (1-8) | Supervisor or Team Leader |
| Medium (9-15) | Business Unit Manager or Direct Report to a GM |
| High (16-22) | General Manager |
| Extreme (23-25) | Executive Team or CEO |

Appendix 2 POAL Risk Appetite Table

The following table indicates the amount of risk POAL is prepared to assume in pursuit of its strategic objectives. Use the table when reviewing risk to guide the decision on whether the risk controls and treatments are sufficient.

| Risk domain | Risk averse | Balanced | Risk tolerant |
|---|---|---|---|
| Safety and wellbeing | | | |
| Employee reputation | | | |
| Public reputation | | | |
| Environmental protection | | | |
| Operational continuity | | | |
| Market reputation | | | |
| Financial performance | | | |
| Regulatory compliance | | | |

Risk domain is the category the risk being assessed best fits should the risk eventuate. The risk domains used align with the consequences from the Risk Matrix specified in Appendix 1, with the addition of regulatory compliance.

Risk averse indicates domains where POAL will take all reasonable practical steps to avoid and/or mitigate the risk.

Balanced indicates domains where POAL has flexibility in its approach to the risk, to ensure an appropriate balance between risk and reward.

Risk tolerant indicates domains where POAL is willing to take on more risk in the search for greater reward.