2. Enterprise Risk Management
The Company has developed an Enterprise Risk Management (ERM) System that supports Management in its strategic decisions, through the identification, evaluation, communication and management of enterprise risks.
In this context, the ERM System defines the strategy for monitoring, response and management of enterprise risks, in order to:
- Ensure that existing Company risks are systematically identified, analyzed and evaluated and that information relevant to risks and corresponding opportunities is promptly communicated to the competent decision-making bodies.
- Record Company’s response to identified risks as well as to evaluate mitigating alternatives (such as transfer the risk to third parties, e.g. insurance companies).
- Establish tolerance limits (thresholds) for each level of risk assessment and evaluation. In case these limits are exceeded, relevant reporting takes place.
- Implement a common methodology across the OTE Group for the identification, evaluation and management of enterprise risks.
The ERM System is based on the COSO ERM standard and the ISO 31000:2018 "Risk Management - Guidelines" standard, while its main objective is to safeguard the smooth operation and the future corporate success of the Company.
Risk Assessment is a structured process for risk identification, analysis, evaluation and management of enterprise risks, in order to ensure better decision making by the company's competent bodies and that appropriate mitigation has been developed to address these risks and monitor the implementation of relevant measures.
In this context, a common Risk Assessment methodology is being applied to all risk assessments that are being performed by business units, with specific criteria for risk evaluation and assessment, in accordance with the requirements of the Standard ISO 31000 and based on the unified ERM OTE Group methodology. The same methodology is also being used in order to determine the risk impact and severance of each material topic, concerning the evaluation and analysis of material sustainability issues (Materiality Analysis) for the Group. The results of all individual risk assessments performed by business units and Group subsidiaries are included in the OTE Group Corporate Risk Register, for the systematic analysis and monitoring of enterprise risks, facilitating and supporting the implementation of effective risk management practices.
The OTE Group Enterprise Risk Management Framework is illustrated in the following figure:
For the implementation of the ERM System, a Risk Manager have been designated at the Company. The tasks of the Risk Manager include the reporting and monitoring of the risks managed by the Company, in compliance with the OTE Group ERM methodology.
Enterprise Risk Management Policies
In the context of implementation of the Company's Enterprise Risk Management System, the following Policy applies:
Enterprise Risk and Insurance Management Policy
This policy describes the current requirements for enterprise risk and insurance management of the Company and the associated responsibilities.