Risk governance

Our risk governance system is based on a number of committees and management processes which bring together reports on the management of risk at various levels.

The risk governance process is supported by regular risk assessments and reviews of existing and new opportunities, by considering the risk exposure and appetite of each division, service line, and function.

The diagram below sets out the risk governance structure in operation, showing the interaction between the various risk review and management committees.

The Group Risk Committee is responsible for the assurance of the Enterprise Risk Management Framework agreed by the board, and reviews all material new business opportunities and projects. It is responsible for providing direction on the management and mitigation of risk exposure.

Any proposal to be presented to the Group Risk Committee is first reviewed and supported at the Divisional Risk Review Committee.

The Executive Committee discuss safety, compliance, operational, commercial and financial matters weekly, identifying and addressing emerging risks and opportunities.

Terms of reference are in place for each of the key committees.