This forms the basis for decision-making about which risks are priorities, what the appropriate response should be, and how resources should be allocated to manage the risk or opportunity in a way that best supports the organization’s strategy. Extending this process across an entire organization, looking at both “upside” and “downside” risk, ensuring that the company takes the risks that will help achieve its primary objectives while keeping all other risks under control.

Risk Governance Structure

An effective risk management structure provides a strong support for risk management processes and its implementation. The Sustainability & Risk Management Committees (SRMC), Sub-committees and Risk Champions is primarily important as these are mechanisms endorsing risk management throughout the entity that encourage the establishment of line of authority, clear-demonstrated roles and responsibilities of management and employee. The risk management report together with the risk mitigation plan is reviewed quarterly by sub-committees at the business segment and plant level. The committee reports to the Board periodically on its activities and evaluates its performance on an annual basis.

IVL Enterprise Risk Management Structure

Risk Assessment

To ensure that IVL remains resilient and responsive to challenges and opportunities with steady progress towards the organizational goal, risk management is embedded as mechanism for monitoring and managing uncertainty. It considers as significant benefits to the company to understand principal business risks, to explore new opportunities for continuous and sustainable growth and to adapt new strategies to mitigate any effects of the global economic downturn.

We assess the potential impact and likelihood of the risks associated with aspects on sustainable development and profitable growth. This covers the assessment and review of internal and external risks, including global risks and other factors that may affect the company’s operations due to increasing business and international operation.

All significant risks identified are analyzed, recorded, reported and appropriate mitigation measures are initiated. The risk is assigned to the risk owner who is responsible for assessing risks and identifying associated controls to mitigate and/or reduce risk. Moreover, monitoring is continual checking, supervising, critically observing, or determining the status in order to identify change from the performance level required or expected, to ensure risks and gaps are identified and that risk response and control activities are adequate and appropriate.

At the corporate level, we conduct a sensitivity analysis every six months to ensure sustainability, especially the environmental and social impacts to business operations. The water sensitivity analysis is conducted to identify water stress locations at all our operations globally. The risks pertaining to the human rights risks at our work places, in supply chain are also part of the risk management.

Business Continuity Management (BCM)

The company is developing business continuity management to ensure continuity in the delivery of its products and services, and perform activities that are critical to successfully continuing its operations. This is centred around the BCM, which involves identifying threats, performing a business impact analysis, designing and implementing a business continuity plan, compiling documentation, measuring and testing performance, and maintaining and improving BCM processes. Effective BCM ensures the company can provide a minimum acceptable operation in the event of a disaster, and helps preserve corporate reputation, image and revenue.

Risk Culture

We support our employees and develop strategies and communications to produce positive cultural outcomes. This is continually refined to reflect ongoing changes in our business strategy.

We encourage a positive risk culture at our corporate office and in all our operations which helps to:

  • Strengthen effective risk management.
  • Promote sound risk-taking.
  • Address immediate behavioral and other relevant issues ensuring a safer and healthier environment for our workforce.
  • Ensure that emerging risks and excessive risk-taking, including M&A activities are assessed, escalated and addressed.

Communication and education are meaningful actions in developing risk awareness. We encourage open and upward communications, sharing knowledge and best practices, continuous process improvements, and a strong commitment to ethical and responsible business behavior.

We also foster an environment that both recognizes and rewards people for paying attention to risk, both positive and negative, to reward the right kind of behavior or to penalize the wrong kind of behavior. Employee Suggestions, Incentives, and Near-miss Reporting are just some of our programs that regularly promote a positive risk culture.