Risk Management
Risk management is a strategic tool for creating value. The activities of the Esprinet Group and Esprinet S.p.A. are in fact exposed to certain risk factors that may influence their economic, equity and financial situation.
Esprinet S.p.A. and the Esprinet Group identify, assess and manage risks in compliance with internationally recognised models and techniques.
Starting in 2009, the Group adopted an operational and organisational model for risk management and monitoring of adequacy over time (so-called 'ERM-Enterprise Risk Management') inspired by the methodology of the Committee of Sponsoring Organisations of the Treadway Commission (so-called 'CoSO’), which makes it possible to identify and manage risks in a uniform manner within Group companies.
This is based on a methodological framework aimed at creating an effective risk management system capable of involving, at different levels, the actors in the internal control system who are assigned different roles of responsibility for control activities.
The identification, assessment, management and monitoring system of the company’s main risks is based on a process which involves the performance of the following tasks, at least annually:
- mapping and assessment of the main business risks (‘risk assessment’ and ‘risk scoring’);
- identification of ‘risk management’ priorities;
- identification of a 'risk strategy' (acceptance, optimisation, improvement or monitoring of control measures) for each risk mapped and its declination into operational action plans.
The final aim of the process described is to identify potential events that may affect the business activity and to keep the level of risk within the acceptable threshold defined by the administrative body in order to achieve the business objectives.
The definition of the main business risks is based on the following classification:
- strategic risks;
- operational risks;
- compliance risks;
- financial risks.