Risk management

Risk management in CAP

In line with international best practices, Gruppo CAP has developed an integrated and structured risk management system. The group has adopted an Enterprise Risk Management (ERM) model whose mission is to provide an organized, synergistic approach to identifying, evaluating, managing and monitoring the main risks that could compromise the group’s objectives, in terms of both business and sustainability.



Inspired by the CoSO framework methodology, the ERM model considers different risk typologies, with a particular focus on ESG factors, business processes, activities, operators, and services. The model ensures effective oversight of the full range of main risks to which CAP is exposed. The group’s overall exposure is managed consistently with the objectives of the Industrial Plan and the Sustainability Plan.

Moreover, the ERM model of Gruppo CAP is dynamic and integrated: it builds on the risk management systems specific to individual business processes, especially those related to fraud and corruption prevention, health and safety at work, and the safeguarding of quality.


The Sustainability Plan

Awareness of the importance of managing sustainability risks to ensure the group’s resilience in the medium to long term has led the company to pay greater attention to the environmental, social, and governance (ESG) risks to which the group is subject. On this basis, the group has chosen to orient its sustainability strategy to 2033 through the definition of the Sustainability Plan, anticipating the evolution of future scenarios and the impacts of contemporary social, environmental and economic trends.

The monitoring of the ESG risks and the ERM model are part of a single framework: although they have distinct perimeters, they complement and reinforce each other.



Integrated management system: control of business processes and activities through the establishment of management procedures and operating instructions shared with all Departments, through an articulated system of ISO Standards

Health and safety: adoption of an occupational risk assessment and control document, with risks identified and evaluated in the company’s Risk Assessment Document (DVR)

Investment analysis: the planning of Group activities and investments considers the results that emerge from the ERM model (e.g., budget preparation, Industrial Plan)

Compliance: adoption of the Organisation, management and control model for the purposes of Italian Legislative Decree no. 231/2001 and compliance with national and international sector directives which the Group must abide by

Prevention of corruption: envisages the identification of business areas at risk of corruption through our Three-year corruption prevention and transparency plan (pursuant to Italian Law 190/2012).