Vodafone 2016 Annual Report Download - page 24

Download and view the complete annual report

Please find page 24 of the 2016 Vodafone annual report below. You can navigate through the pages in the report by either clicking on the pages listed below, or by using the keyword search tool below to find specific information within the annual report.

Page out of 208

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
  • 86
  • 87
  • 88
  • 89
  • 90
  • 91
  • 92
  • 93
  • 94
  • 95
  • 96
  • 97
  • 98
  • 99
  • 100
  • 101
  • 102
  • 103
  • 104
  • 105
  • 106
  • 107
  • 108
  • 109
  • 110
  • 111
  • 112
  • 113
  • 114
  • 115
  • 116
  • 117
  • 118
  • 119
  • 120
  • 121
  • 122
  • 123
  • 124
  • 125
  • 126
  • 127
  • 128
  • 129
  • 130
  • 131
  • 132
  • 133
  • 134
  • 135
  • 136
  • 137
  • 138
  • 139
  • 140
  • 141
  • 142
  • 143
  • 144
  • 145
  • 146
  • 147
  • 148
  • 149
  • 150
  • 151
  • 152
  • 153
  • 154
  • 155
  • 156
  • 157
  • 158
  • 159
  • 160
  • 161
  • 162
  • 163
  • 164
  • 165
  • 166
  • 167
  • 168
  • 169
  • 170
  • 171
  • 172
  • 173
  • 174
  • 175
  • 176
  • 177
  • 178
  • 179
  • 180
  • 181
  • 182
  • 183
  • 184
  • 185
  • 186
  • 187
  • 188
  • 189
  • 190
  • 191
  • 192
  • 193
  • 194
  • 195
  • 196
  • 197
  • 198
  • 199
  • 200
  • 201
  • 202
  • 203
  • 204
  • 205
  • 206
  • 207
  • 208

Strengthening our approach to risk management
To support the implementation of this framework, the following actions have been put in place during the 2016 nancial year.
a Created a Group Risk function reporting to the Group Risk & Compliance Director
a Brought together a global risk community from local markets and specialist risk areas to support the delivery of the framework and share
best practices
a Completed an Integrated assurance mapping project to identify and enable oversight into the mitigations and level of assurance in place for the
key risks in all local markets and entities
a Assigned Executive Committee owners and Senior Leadership champions for each principal risk
Further enhancements are planned during the 2017 nancial year, including the implementation of a Risk & Integrated Assurance platform that can
bring the framework to life and support the ongoing development of integrated assurance across the “three lines of defence”1.
Identifying and managing
our risks
We have a clear framework for identifying and managing risk, both
at an operational and strategic level. Our risk identication and mitigation
processes have been designed to be responsive to the ever-changing
environments in which we operate.
Risk management
Our risk management framework
Vodafone needs to take risks and assume exposures to achieve its
strategy. Risk, within agreed and dened parameters, is essential to the
success of Vodafone. Equally, failure to suitably manage risk may have
an adverse impact upon Vodafone’s strategic goals and objectives.
Vodafone has recently introduced an enhanced global framework
designed to identify risks; set risk appetite: put in place appropriate
measures to ensure risks are properly managed and monitored;
and facilitate informed decision making. The framework, as set out
in the diagram, ensures we have one, company-wide approach to risk
management, with local oversight and approvals.
Identify
a Risks identied
in each Vodafone
local market
and entity
a Strategic risk
reviews with
Senior Leadership
a Group principal risks
reviewed and agreed
with the Board
Measure
a Risk appetites set
by the Board for all
principal risks and
cascaded down
a Standardised scoring
and categorisation
allows consolidation
and escalation
across Group
Manage
a Controls and
mitigating
actions identied
and measured
a Risk action plans
created to control
risks outside
of appetite
Monitor
a Integrated assurance
mapping identies all
levels of control and
oversight in place
a Effectiveness
of control and
oversight is tested
across the “three
lines of defence”1
Report
a Inform the Board
and Executive
Committee on how
effectively risks are
being managed
versus appetite
a Group-wide,
consolidated
views shared with
risk managers
Note:
1 A term used to describe the systematic approach to how we manage risk and provide assurance to the Board that risks are managed effectively. The rst line of defence typically sits in the
business operations (e.g. Technology), the second line of defence has oversight over the rst line of defence (e.g. Compliance or Risk Management), and the third line of defence are the
independent assurance providers (e.g. Internal Audit).
Vodafone Group Plc
Annual Report 2016
22