Risk management in CAP
In line with international best practices, the CAP Group has embarked on a path aimed at building an integrated and structured risk analysis, management and monitoring system. The Group has therefore adopted an Enterprise Risk Management model aimed at identifying and prioritising the main risks that could compromise the Group’s achievement of both its business and sustainability objectives, with the ultimate goal of supporting decision-making processes, creating awareness in the organisation and improving the ability to create value for stakeholders.
Inspired by the CoSO framework methodology, the model considers different types of risk, with particular attention to ESG factors, business processes, activities, operators and services.
The ERM is aimed at ensuring effective oversight of the entire universe of the main risks to which CAP is exposed due to the nature of its business and the strategies adopted, ensuring management of the Group’s overall exposure in line with the objectives of the Industrial Plan and Sustainability Plan.
Aware that sustainability risk management is necessary in order to ensure the Group’s resilience in the medium-long term, the company is urged to pay greater attention to the environmental, social and governance risks to which the Group is subject. This is why the Group chose to orient its sustainability strategy to 2033 through the definition of the Sustainability Plan, anticipating the evolution of future scenarios and the impacts of major social, environmental and economic trends.
An integrated work
The ERM model and the update of ESG risks for the purposes of the Sustainability Plan are to be considered part of a single framework: although they are characterised by distinct perimeters, they foster and complement each other.
Integrated management system: control of business processes and activities through the establishment of management procedures and operating instructions shared with all Departments, through an articulated system of ISO Standards
Health and safety: adoption of an occupational risk assessment and control document, identified and evaluated in the company’s Risk Assessment Document (DVR)
Investment analysis: the planning of Group activities and investments considers the results emerged from the ERM model (e.g., budget preparation, Industrial Plan)
Compliance: adoption of the Organisation, management and control model for the purposes of Italian Legislative Decree no. 231/2001 and compliance with national and international sector directives which the Group must abide by
Prevention of corruption: envisages the identification of business areas at risk of corruption through our Three-year corruption prevention and transparency plan (pursuant to Italian Law 190/2012).