EasyJet 2014 Annual Report Download - page 36

Download and view the complete annual report

Please find page 36 of the 2014 EasyJet annual report below. You can navigate through the pages in the report by either clicking on the pages listed below, or by using the keyword search tool below to find specific information within the annual report.

Page out of 140

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
  • 86
  • 87
  • 88
  • 89
  • 90
  • 91
  • 92
  • 93
  • 94
  • 95
  • 96
  • 97
  • 98
  • 99
  • 100
  • 101
  • 102
  • 103
  • 104
  • 105
  • 106
  • 107
  • 108
  • 109
  • 110
  • 111
  • 112
  • 113
  • 114
  • 115
  • 116
  • 117
  • 118
  • 119
  • 120
  • 121
  • 122
  • 123
  • 124
  • 125
  • 126
  • 127
  • 128
  • 129
  • 130
  • 131
  • 132
  • 133
  • 134
  • 135
  • 136
  • 137
  • 138
  • 139
  • 140

REPUTATIONAL RISKS CONTINUED
Risk description and potential impact Current mitigation
Ineffective or non-delivery of projects
supporting the business strategy
During the year, the business has initiated a
number of key projects and programmes to
deliver key elements of the strategy.
If these projects and programmes do not deliver
the benefits and cost savings planned, easyJet
could fall short of its planned financial results.
A portfolio management office and experienced project teams
are in place to oversee delivery of a portfolio of projects and
programmes, and track budgets and benefits realisation.
A steering group, consisting of the Executive Management Team
and key senior management, provides challenge to project teams,
monitors progress and ensures that decisions are made at the
appropriate level.
Strong cost control is a key behaviour across the Company.
easyJet lean initiatives drive cost reduction and efficiency in
targeted areas.
Cyber threats and information security
easyJet receives most of its revenue through credit
card transactions and operates as an e-commerce
business. It faces both external cyber threats and
internal risks to its data and systems.
A security breach could result in an adverse impact
for the business and reputational damage.
easyJet continues to focus on the protection of information.
Controls are in place to ensure customer, employee and other
potentially sensitive information is collected, held and processed
securely, including:
monitoring of secure systems against unauthorised access;
quarterly review of the security of internal systems and easyJet.com
through penetration testing;
enhanced physical security at head office buildings;
periodic mandatory employee security training to maintain
staff awareness;
consideration of information security risks within procurement
processes; and
monitoring and control of scanning software for fraudulent
customer activity by the Revenue Protection team.
There is an Information Security Steering Group, chaired by
the General Counsel, which oversees any developments in
data threats and controls.
Bribery Act
Non-compliance with the Bribery Act 2010 could
adversely affect easyJet financially and reputationally.
easyJet has a zero tolerance approach to bribery which
is reinforced by a strong ethical tone from the top.
The adoption of appropriate anti-bribery controls has been
a key point of focus for the legal compliance programme
at easyJet. These include:
completion of risk assessments to determine specific
compliance needs;
specific policies, including ethics, anti-bribery and
corruption policy, and gift and hospitality policy;
online training module and mandatory training for all
managers and administrative employees in the UK and
across the easyJet network;
targeted face-to-face training for employee groups
perceived as higher risk;
the adoption of anti-bribery due diligence and standard
anti-bribery clauses for inclusion in supplier contracts; and
maintaining awareness of a whistleblowing helpline.
Risk continued
34 easyJet plc Annual report and accounts 2014