Risk management
At the Grupa Azoty Group, we have adopted an integrated approach to enterprise risk management based on ISO 31000:2018 ‘Risk Management – Guidelines’.
The adopted process underlies some of our corporate governance arrangements. Its effective implementation ensures that our management bodies, supervisory bodies, and shareholders receive timely, reliable, and well-structured information on risks associated with the Group’s business. Our risk management practices are an integral part of the corporate management process, aiming to mitigate uncertainty and establish enduring safeguards for the Group’s value.
To codify the rules of conduct, we have devised a model for the enterprise risk management system, which incorporates process models, system procedures, and instructions. The key framework for the enterprise risk management system is provided by a corporate procedure entitled Enterprise Risk Management at the Grupa Azoty Group, which sets out the scope of responsibilities and procedures for each entity participating in the process. Direct supervision over the implementation and contents of the document is exercised by the Head of the Enterprise Risk Management Department at Grupa Azoty S.A., while the Vice President of the Grupa Azoty S.A. Management Board is responsible for monitoring its implementation.
Enterprise risk management is a continuous, iterative process at Grupa Azoty S.A. It is a dynamic cycle of ongoing identification and analysis of risks, with subsequent steps that involve monitoring, control, and mitigation of the identified risks. The process incorporates periodic evaluations of enterprise risks, leading to their verification, potential updates, and prioritisation.
At the Grupa Azoty Group, our ERM system employs a two-tier risk classification across six categories, encompassing:
- strategy, organisation and management,
- financial and credit risks,
- core business risks,
- social and environmental risks,
- safety and security risks,
- market and policy risks.