Risk and Policy Framework
Summary of Risk Management Policy and FrameworkRisk is present in all aspects of Incitec Pivot Limited's business. It has the potential to impact people, the environment, the community and the reputation, assets and financial performance of the Company.
Incitec Pivot Limited is committed to the effective management of risk, which is central to its continued growth and success and the achievement of the Company's corporate objective and strategy.
Incitec Pivot Limited has adopted an integrated Group Risk Framework for the oversight and management of material business risks and manages risk within a comprehensive risk management process which is based on the principles and guidelines outlined in ISO 31000 - Risk Management. A key element of this risk management process is the Board's assessment on risk, which is based on the level of risk Incitec Pivot Limited is able to sustain in achieving its corporate objective of delivering value to shareholders. Risks are identified, analysed and prioritised using common methodologies and risk controls are designed and implemented having regard to the overall corporate strategy. The risk controls adopted by Incitec Pivot Limited are administered via Group-wide processes.
The Board is responsible for reviewing and approving the overall management of risk and internal control. The Board monitors the Company's risk profile, risks and mitigating strategies primarily through the Audit and Risk Management Committee. The Audit and Risk Management Committee's duties with respect to internal control and risk management are set out in the Charter for the Audit and Risk Management Committee. The Audit and Risk Management Committee and, through it, the Board, receive regular reports from management on the effectiveness of the Company's risk management process. Management, through the Managing Director & CEO and Chief Financial Officer, is responsible for the overall design, implementation, management and coordination of the Company's risk management and internal control system.
Each business unit has responsibility for identification and management of risks specific to their business. This is managed through an annual risk workshop within each business unit. The risk workshops form part of the annual internal audit program, thereby aligning the internal audit activities with material business risks. The outcomes of the business unit risk workshops are integrated into the annual corporate risk workshop. The resultant Corporate Risk Report is presented to the Audit and Risk Management Committee on an annual basis, and management is required to present regular updates to the Committee on material business risks.
The Chief Risk Officer independently monitors the internal control framework and provides regular reports to the Audit and Risk Management Committee. The annual internal audit program is approved by the Audit and Risk Management Committee. The Chief Risk Officer provides written reports to the Committee on the effectiveness of the management of risk and internal controls, and meets regularly with the Committee without the presence of management.