download-pdfDownload Report

Risk Management

Our business faces several risks which may be internal or external. We have a robust framework and process in place to effectively manage them and deliver long-term value to our shareholders.

Risk Management Framework

We have established a well-defined framework and procedures for enterprise risk management, prepared under the supervision of the Executive Board. It encompasses significant risk in areas of information security, operations, delivery, and key support functions along with detailed risk management guidelines including risk dentification, analysis, response, tracking, and management discussion and mitigation. Risk registries are maintained by respective functions and project teams. These are centrally reviewed and periodically monitored by compliance and governance teams identified as the owner for the specific area of risk.

The Chief Information Security Officer (CISO), Chief Information Officer (CIO) and Engineering and Business Excellence Team (EBE) work together with the Executive Board in achieving the above. The process followed by them in identifying areas of risk includes:

  • Identification of key risk areas
  • Assessment of key risks for probability and impact
  • Prioritization
  • Formulation of response
  • Identification of owners
  • Participation by owners in outlining mitigation plans
  • Reporting on adequacy and effectiveness
  • Acceptance of residual risk

Our risk appetite reflects the broader level of risk that we can assume and successfully manage and is factored into our strategy at the time of drawing up the long-term and the annual business plan.

Key Risks and Mitigation Actions