MUSTER AG RISK MANAGEMENT

Risk Management Policy
Risk Management Process
Risk Management Guidelines

Version 1.0 as of 9 October 2011

TABLE OF CONTENTS

1. PRINCIPLES OF RISK MANAGEMENT
1.1. Concept
1.2. Purpose
1.3. Strategy
1.4. Annual briefings
1.5. Risk Management Organization
1.6. Roles and responsibilities
2. RISK MANAGEMENT PROCESS
2.1. Process phases
2.2. Overview of the process
3. RISK MANAGEMENT GUIDELINES
3.1. Phase 0: Preparation
3.2. Phase 1: Risk Analysis
3.3. Phase 2: Risk mapping
3.3.1. Step 1: Risk Consolidation and Classification
3.3.2. Step 2: Risk prioritization
3.3.3. Step 3: Formulation of the 10 most important risks (TOP 10)
3.3.4. Step 4: Risk Mapping
3.4. Phase 3: Risk measures
3.5. Phase 4: Risk re-mapping
3.6. Phase 5: Reporting

MUSTER AG Risk Policy 2/11

1. PRINCIPLES OF RISK MANAGEMENT

1.1. Concept

Risk Management (RM) of Muster AG is a task of the management and is monitored by the board of directors, forming an enterprise-wide strategic framework. It is designed to identify potential events that could have a substantial negative impact on the company. Its aim is to control risks and to ensure an adequate level of certainty in relation to the achievement of corporate goals. The RM of Muster AG is embedded into the existing management processes of the company and should not be a parallel organization in itself.

1.2. Purpose

Muster AG undertakes the "Risk Management" project at the request of the board of directors. The main purpose of the project is to provide the board and the executive management with a management summary of enterprise-wide risk. The main objectives include:

- Coordination of strategy, risk management and internal controls
- Optimization of decisions in response to risks
- Improving the reliability of forecasts
- Identification and control of enterprise-wide risks
- Improving risk awareness throughout the company
- Standardization of procedures and risk management language at the corporate level
- Annual preparation of a Top 10 Risks list, which is then applied across corresponding projects
- Provision of adequate insurance coverage

1.3. Strategy

Risk factors that may impact the ability of the company to reach strategic objectives are detected and analyzed. At MUSTER AG we believe that risks are always associated with opportunities. Calculated risk-taking is essential for the growth of our company. Each employee should be aware of the strategic direction of MUSTER AG and work to achieve these goals by taking reasonable steps, outlined below, in order to effectively manage risks and opportunities.

"MUSTER AG is a universal provider of insulation tools and solutions"

The strategy of MUSTER AG is based on the following vision:

1) Take advantage of the growth opportunities in Switzerland through well-chosen market segments and industry solutions
2) Market leadership in the insulation market sector in Switzerland with the label Swiss Made
3) Expansion of the pure insulation business by offering tools and solutions for heat and cold insulation outside the construction industry

1.4. Annual briefings

The board is to discuss with the executive management the risk environment and the related risk susceptibility of MUSTER AG at least once per annum. The findings are included in the Top Ten Risks list and measures to address them are presented.

1.5. Risk Management Organization

At Muster AG, the board of directors has the overall responsibility for risk management. The board may seek advice from an advisory board, if one is established. In line with the law and based on the Articles of Incorporation, the board delegates the implementation of risk management to the executive management, which in turn may appoint a risk manager.

[Organization chart: Board of Directors, poss. Advisory Board; Executive Management; Risk Manager; strategic risks, operational risks, financial risks]

1.6. Roles and responsibilities

Board of Directors (BoD)

- Risk Management Organization / Risk Management Process / Definition of Risk Management Policy
- The board of directors has the ultimate overall responsibility for risk management
- Ensuring that the established risk management organization, risk management policy and risk management process operate as planned

Executive management (EM)

- Management of all risk factors within the strategic and financial framework in order to mitigate and reduce risk problems of MUSTER AG
- Provision of timely and accurate information about the risks the company is facing, as well as taking steps to ensure the effectiveness of risk management

Risk Manager

- Responsibility for the operation and coordination
- Coordination of information flow and documentation related to the management and operation
- Carry out tests/checks in order to make sure that all risks are captured, analyzed, and where necessary included in the Master Risks list

Risk Management is the responsibility of everyone in the company, including management and employees, and is therefore explicitly or implicitly part of the job description of every member of the company.

2. RISK MANAGEMENT PROCESS

2.1. Process phases

The overall process of risk analysis, risk mapping, risk measures and risk re-allocation in the strategic environment should be carried out annually. In case of unforeseen and extraordinary events, these processes can occur more frequently.

Six Phases of Risk Management Process:

- Phase 0: Preparation
- Phase 1: Risk analysis
- Phase 2: Risk mapping
- Phase 3: Risk measures
- Phase 4: Risk re-allocation
- Phase 5: Reporting

2.2. Overview of the process

[Figure: Risk Management Phases arranged as a PLAN / DO / CHECK / ACT cycle: 0 Preparation, 1 Risk analysis, 2 Risk mapping, 3 Risk measures, 4 Risk re-mapping, 5 Reporting]

The RM process is standardized across the whole company. The executive management undertakes all the necessary efforts to raise the awareness of risk management among employees on every level.

3. RISK MANAGEMENT GUIDELINES

3.1. Phase 0: Preparation

[Figure: Risk Management Organization, Risk Management Process, Risk Management Policy, Risk Management Guidelines]

The preparation phase is a long-term process and is not performed on an annual basis. It takes place over a longer period of time, and is modified and amended with changes in strategy, in cases of extraordinary events or when new information becomes available.

This phase includes the following tasks:

- Set up Risk Management Organization
- Establishment of Risk Management Process
- Establishment of Risk Management Policy

Milestone 0: Set up Risk Management Organization, approve Risk Management Policy, give impetus to Risk Management Process and adopt Risk Management Guidelines.

3.2. Phase 1: Risk Analysis

In this phase, all risks that confront MUSTER AG are identified. A risk is an incident or event that arises from either an internal or an external source and could have an impact on the implementation of a strategy or the achievement of objectives. Risks can have either positive or negative effects; however, the focus of risk management activities of MUSTER AG is on negative events.

At this stage, the executive management identifies and monitors all potential events, if the potential impact on the achievement of important objectives is high, even if these events have a low probability of occurrence.

MUSTER AG pursues a bottom-up approach for the identification of risks. The bottom-up approach requires the contribution from everyone in the company to complete the enterprise risk environment map. A questionnaire is sent to as many employees in the company as possible in order to get a complete picture of company risks. Risks identified by the use of this questionnaire are grouped together by team support function.

Milestone 1: Identify all possible risks that MUSTER AG faces by involving as many employees as possible.

3.3. Phase 2: Risk mapping

In this phase, all identified risks are prioritized based on their importance. To achieve this, the following steps are undertaken:

- Risk consolidation and classification
- Risk prioritization
- Development of the 10 most important risks (TOP 10)
- Creation of the Risk Map

3.3.1. Step 1: Risk Consolidation and Classification

All responses received across the enterprise concerning risks are summarized and classified by the team support function. The risks are classified into the following three categories: strategic risks, operational risks and financial risks.

Strategic risks: All risks that endanger the existence or continuation of the company or which may cause the company to go into liquidation/receivership are classified as strategic risks. In general, these risks relate to the long-term success and viability of the company. These include:

- Risks which arise from disasters or force majeure situations including manufacturing or service disruptions caused by natural disasters, uncertainties, product liabilities, etc.

- Environmental risks: Strong competitors negatively affect the business. Incorrect, untimely or unavailable information about competitors/rivals and their products could have an adverse impact on the business.
- Management risks: In addition to having an appropriate organization, management style is one of the crucial preconditions for the success or failure of a company. Lack of leadership (unclear instructions, unclear responsibilities) may represent a risk to a company, such as overdependence on leading executives.
- Risks related to stakeholders: Ensure that the company is focused on the needs and aspirations of all stakeholders, including shareholders and business partners, authorities, suppliers and society in general.

Operational risks: Operational risks are those risks that threaten strategic goals due to inappropriate or lacking internal processes, people or systems. In general, these risks are short or medium-term risks and they include the following:

- Process risks: Risks that relate to the product development process in the company.
- Physical assets: The assets required for business operations are not available.
- People and cultural risks: Risks that arise as a result of years of corporate culture development and people that live and work in this culture. There are several categories of such risks, and they may take the form of resources, know-how and skills, motivation, integrity, compensation, performance, relationship with trade unions and legal problems.
- Legal risks: Potential for losses arising from the uncertainty in legal processes such as bankruptcy or trial.

Financial risks: Risks that have purely financial implications for the company (short or long term) fall in this category, for example:

- Market risks: The possibility of losses arising from adverse changes in market prices and rates, including commodity prices, interest rates and exchange rates.
- Liquidity and credit risks: Liquidity risk describes a situation in which one party is not able to meet liabilities and service its debt at a certain point in time. This may concern collection, managing of liquid assets, hedging and financing.
- Taxes, regulations and accounting: The accounts are subject to a thorough examination and may be subject to substantial risk in light of existential lawsuits and legal measures.
- Capital structure: The company does not have sufficient/optimal capital, resulting in higher capital costs, lower profitability and a reduction in cash flow and liquidity.

3.3.2. Step 2: Risk prioritization

A workshop should be organized in order to prioritize risks in the Master Risks List. Members of executive management, a sales representative, a representative from risk management in Vienna and an external advisor all take part in this workshop. The idea is to encourage an open dialogue about risk.

All identified risks are assigned a risk priority number (RPN). The RPN is based on the following three criteria and is weighted based on the scale of 1 to 10:

- Impact of the event (I)
- Likelihood of occurrence (O)
- Possibility of surprise (S), or the degree of preparedness should the risk occur

Risk potential (RPN) = I x O x S

The RPN can have a value in a range of 1-1000; those risks that have the highest RPN should be added to the Top 10 Risks list.

The mean effect of the impact of an event, in financial terms, is:

- Less than 0.5% of EBITDA >>> Low impact >>> 1-3 Points
- Between 0.5 and 3.0% of EBITDA >>> Moderate impact >>> 4-6 Points
- More than 3.0% of EBITDA >>> High impact >>> 7-10 Points

Likelihood of occurrence is the expected frequency of occurrence of these risks:

- Once in 5-10 years >>> Low probability >>> 1-3 Points
- Once in 1-5 years >>> Medium probability >>> 4-6 Points
- Several times per year >>> High probability >>> 7-10 Points

Probability of surprise is the degree of lack of preparedness towards a specific risk; the risk is only discovered once it occurs. Poor preparation presents greater risk.

- Easy to detect (e.g. currency fluctuations) >>> 1-3 Points
- Difficult to detect (e.g. changes in government policy) >>> 3-6 Points
- Discovery is unlikely (e.g. disasters, terrorist attacks) >>> 7-10 Points

3.3.3. Step 3: Development of the 10 most important risks (TOP 10)

The 10 most important risks are those risks that have the highest priority in the Master Risk list of MUSTER AG. We focus on the top 10 risks:

- In order to shape the project's focus on the selected risks and address these risks.
- In order to efficiently allocate the available time, human capital and financial resources.

It is important that the 10 most important risks are treated as highly confidential.

3.3.4. Step 4: Risk Mapping

The 10 most important risks are identified based on the three criteria: likelihood of occurrence, impact and probability of surprise.

This mapping of risks forms the basis of all future monitoring of risks and ensures that effective measures are developed to control the most important risks.

Milestone 2: Identification, development and mapping of the 10 most important risks.

3.4. Phase 3: Risk measures

For each risk on the 10 most important risks list, a person responsible for the detailed analysis of this risk is appointed. The detailed analysis includes:

- The complete scenario of risk occurrence
- Drivers of the risk
- The connection of this risk to other risks
- Quantification of risk (intelligent estimate)
- Possible solutions with associated costs (including time, human capital and financial)

The detailed analysis must then be discussed with the executive management. Each risk is monitored by the risk manager along the following points:

- Clear and achievable goals and benchmarks
- Detailed planning process, including clear deadlines, important milestones and cost-benefit analysis
- Definition of Key Performance Indicators (KPIs) or Standards
- A clearly defined methodology
- Clear allocation of resources

Milestone 3: The measures for handling risks are defined, the action plan is prepared and a person responsible for each of the most important risks is appointed.

3.5. Phase 4: Risk re-mapping

The action plan for responding to a particular risk is set in a project. The risk maps shall be updated in the second quarter of each year, along with trends in risks in the Top 10 Risks List and the effectiveness of responses to these risks. The re-mapping is important for the following reasons:

- To keep in mind the development of risk scenarios
- To review the effectiveness of measures for handling risks
- To control the risk management process
- To allow risks in the Top 10 Risks list to be replaced according to changes in risk prioritization; re-allocate risks to the Top 10 category which were originally not on that list.

Milestone 4: Set and implement the elements of the action plan.

3.6. Phase 5: Reporting

The monitoring of the risk management process is documented as follows:

- Periodic reporting by risk manager to EM
- Periodic reporting by EM to the BoD and Advisory Board/Council
- Annual update of all documents related to risk management

In order to be able to update the risk management and reporting to the latest developments, the risk manager attends relevant training in consultation with the EM.

Milestone 5: Regular updates and reports on the follow-up process, the effectiveness of risk responses and proposals for the next cycle.

*********

This risk policy is approved by the board of directors on the 9th of October 2011 and comes into force with immediate effect.

St.Gallen, 9 October 2011

Chairman of the board of directors: Dr. Max Muster
Board secretary: Christian Meier, CFO