Experian 2010 Annual Report Download - page 36
Download and view the complete annual report
Please find page 36 of the 2010 Experian annual report below. You can navigate through the pages in the report by either clicking on the pages listed below, or by using the keyword search tool below to find specific information within the annual report. Experian Annual Report 2010 Business review34
Risk management operates at all
levels throughout the Group, across
geographies, business lines and
operational support functions. The
Board is ultimately responsible for
risk management, which includes the
Group’s risk governance structure and
maintaining an appropriate internal
control framework. Management’s
responsibility is to manage risk on
behalf of the Board. By reporting
regularly to the Board and to the Audit
Committee, the internal audit and the
global risk management functions
provide support to the Board in
maintaining effective risk management
across the Group. The corporate
governance statement in the annual
report provides further detail on this
process.
Risks and uncertainties
Experian has a risk management framework which provides a structured and
consistent process for identifying, assessing and responding to risks. These risks
are assessed in relation to the Group’s strategy to focus on data and analytics,
drive protable growth and optimise capital efciency.
The key components of the Group’s
existing risk management framework,
which are regularly reviewed, have
operated throughout the year ended
31 March 2010, with some minor
enhancements to further embed social,
ethical and environmental risks into the
risk process in support of the Group’s
corporate responsibility strategy.
Risk area
Risk factors
Risks to Experian’s business are either specic to Experian’s business model, such as information security, or more general,
such as the impact of competition. Experian has identied the following principal risks and uncertainties.
Principal risks
Potential impact Mitigation strategies
The Group’s business requires the
appropriate and secure utilisation
of consumer and other sensitive
information by its business units or its
third party partners. Internet-based
electronic commerce requires the secure
transmission of condential information
over public networks, and several of
our products are accessed through the
Internet. Security breaches in connection
with maintaining data and the delivery of
our products and services could harm
our reputation, business and operating
results. Please refer to the business and
market overview section of this report
for further information on how data
is considered to be a key resource at
Experian.
The Group has established rigorous
information security policies, standards,
procedures, and recruitment and
training schemes, which are embedded
throughout its business operations.
The Group also screens new third party
partners carefully and conducts targeted
audits on their operations. Continued
investments are made in IT security
infrastructure, including the signicant
use of data and communications
encryption technology.
The Group’s business model is
dependent upon third parties to provide
data and certain operational services,
the loss of which could signicantly
impact the quality of and demand for
our products. Similarly, if one of our
outsource providers, including third
parties with whom we have strategic
relationships, were to experience
nancial or operational difculties, their
services to us would suffer or they may
no longer be able to provide services to
us at all, signicantly impacting delivery
of our products or services.
The Group’s legal, regulatory and
government affairs departments work
closely with senior management to adopt
strategies to help secure and maintain
access to public and private information.
The Group’s global strategic sourcing
department works closely with senior
management to select and negotiate
agreements with strategic suppliers
based on criteria such as delivery
assurance and reliability.
Loss or inappropriate
usage of data
Dependence upon third
parties to provide data and
certain operational services
Related Group strategy:
– Focus on data and analytics
Related Group strategy:
– Focus on data and analytics
– Optimise capital efciency
48
58
8
11