Risk management programme
The ARM Risk Management and Compliance Committee has developed an Enterprise Risk Management Policy, which has codified existing practice, and a separate Enterprise Risk Management Procedural Guide to replace the previous Enterprise Risk Management Framework.
The approved Enterprise Risk Management Policy sets out the governance approach for risk management within ARM and includes the following:
- aims to provide a framework within which management can function in order to embed an informed and proactive enterprise risk management culture throughout ARM, which places significant emphasis on the integration of risk and assurance;
- enables competent management assurance of the control environment across risks/opportunities and processes throughout the Company;
- defines risk as “uncertainties that must be identified, understood and proactively managed to achieve its objectives and add value”;
- defines the governance structures around risk management from corporate to operational level;
- defines the roles and responsibilities of the governance structures and management from corporate to operational level, and emphasises that management of risk is the responsibility of management at every level in ARM;
- defines the process and integration of assurance providers with business and reporting processes performed by ARM’s external auditors, internal auditors and specialist independent assurance providers to provide comprehensive (but balanced) combined assurance on ARM’s preparedness to manage risks and challenges and to exploit opportunities;
- strives to provide guidance to inculcate an appropriate enterprise risk management culture across the Company;
- promotes the optimisation of the enterprise’s risk management efforts; and
- ensures that the risk management programme and processes are based on generally accepted risk management practices that enhance value for all stakeholders.
Click to enlarge
Ensures that the risks arising from new developments in ARM’s
operating environment are considered on an on-going basis.
ARM’s risk management department constantly monitors risk issues
that stem from new developments, such as non-compliance with
changes in corporate governance requirements or codes of practice,
to ensure that risk management within ARM remains relevant.
Risk and Control Dashboards are now consistently used at divisional
and ARM Audit Committee forums, providing a consistent and
measurable management assurance metric on the control effectiveness
of a broad spectrum of risks and processes.
For more information: Annual Integrated Report 2016 - Corporate Governance report