Input and Risk Identification

The ERM system is integrated into the Group’s business planning and performance monitoring processes, regardless of the risk category concerned. As part of the annual business plan process, each level of the organization prepares an ERM business plan. 

The ERM business plan includes risk assessment, controls, risk management activities and action plans. It determines the main focus and priorities for operational risk management at the country, division and the Group level for the coming year. Securitas’ ERM business plan risk assessment tool is used to facilitate the risk assessment process, as well as action planning, depending on the level of risk and controls that are in place.

Key risk determination

The yearly risk assessment process is coordinated by the Group risk organization, which is also responsible for maintaining the risk register. The risk register contains about 50 risks and is updated annually, primarily based on the country ERM business plans, but also other sources of input such as audits, self-assessment results and management input. Out of the 50 risks, about 15 are selected as top risks that will be subject to monitoring activities. Out of these, seven risks are currently considered Group key risks and have been assigned primary focus for the coming year. For an example of these risks and how they are managed click here. The ultimate prioritization of key risks for each year is decided by Group Management and presented to the Audit Committee.

Seven key risks 2015

  • Customer Contract Risk
  • Acquisition Risk
  • Assignment Execution Risk
  • Compliance (regulatory and other) Risk
  • IT Failure Risk
  • Price Risk
  • Securitas’ Values and Ethics Compliance Risk

For examples of activities during 2015 refer to page 40 of the Annual Report 2015.

Contact us for more information

* Required field