In 2014, the Parent continued to implement the risk management system. The “Grupa Azoty Corporate Risk Management Policy” was adopted along with a range of procedures related to risk identification and assessment.
In accordance with the Policy, corporate risk management consists of the following stages:
- risk identification and assessment;
- definition and deployment of risk response measures and incident management plans;
- monitoring and reporting of risk levels;
- use of information on risks in decision-making processes,
- reporting and communication,
- monitoring and evaluation of the risk management system.
A new position of Risk Manager was established at the Parent, and the Risk Management Steering Committee was established.
The Parent’s risk register is verified periodically. Risk identification is based on the adopted risk model and risk assessment is performed by entities affected by a given risk using a scale of impact and likelihood of occurrence applied in a given year. Risks are prioritised and key risks in a given period are identified.
As a result, a list of key risks is adopted along with the Parent’s risk map and register.
The Parent’s operational risks are identified and steps are taken to mitigate their adverse effect. Internal audits of its management systems are among the tools applied by the Parent to asses measures taken to mitigate risks in individual processes carried out at the Parent.