Input and Risk Identification

The ERM system is integrated into the Group’s business planning and performance monitoring processes, regardless of the risk category concerned. As part of the annual business plan process, each level of the organization prepares an ERM business plan. 

The ERM business plan includes risk assessment, controls, risk management activities and action plans. It determines the main focus and priorities for operational risk management at the country, division and the Group level for the coming year. Securitas’ ERM business plan risk assessment tool is used to facilitate the risk assessment process, as well as action planning, depending on the level of risk and controls that are in place.

Key risk determination

The yearly risk assessment process is coordinated by the Group risk organization, which is also responsible for maintaining the risk register. The risk register contains about 50 risks and is updated annually, primarily based on the country ERM business plans, but also other sources of input such as audits, self-assessment results and management input. Out of the 50 risks, about 15 are selected as top risks that will be subject to monitoring activities. Out of these, six risks are currently considered Group key risks and have been assigned primary focus for the coming year. For an example of these risks and how they are managed click here. The ultimate prioritization of key risks for each year is decided by Group Management and presented to the Audit Committee.

Six key risks 2017

  • Customer contract risk
  • Assignment execution risk
  • Compliance (regulatory and other) risk
  • Business continuity risk including IT failure risk
  • Price risk
  • Securitas’ Values and Ethics compliance risk

For examples of input and risk identification activities, refer to page 40 of the Annual Report 2017

Contact us for more information

Your personal data will be processed in accordance with our Privacy Policy. Click here to read our Privacy Policy. By submitting the form you consent to our processing, and our transfer of your personal data to Securitas entities located outside the EU/EEA, in accordance with our Privacy Policy.