Experian 2010 Annual Report Download - page 36

Download and view the complete annual report

Please find page 36 of the 2010 Experian annual report below. You can navigate through the pages in the report by either clicking on the pages listed below, or by using the keyword search tool below to find specific information within the annual report.

Page out of 164

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
  • 86
  • 87
  • 88
  • 89
  • 90
  • 91
  • 92
  • 93
  • 94
  • 95
  • 96
  • 97
  • 98
  • 99
  • 100
  • 101
  • 102
  • 103
  • 104
  • 105
  • 106
  • 107
  • 108
  • 109
  • 110
  • 111
  • 112
  • 113
  • 114
  • 115
  • 116
  • 117
  • 118
  • 119
  • 120
  • 121
  • 122
  • 123
  • 124
  • 125
  • 126
  • 127
  • 128
  • 129
  • 130
  • 131
  • 132
  • 133
  • 134
  • 135
  • 136
  • 137
  • 138
  • 139
  • 140
  • 141
  • 142
  • 143
  • 144
  • 145
  • 146
  • 147
  • 148
  • 149
  • 150
  • 151
  • 152
  • 153
  • 154
  • 155
  • 156
  • 157
  • 158
  • 159
  • 160
  • 161
  • 162
  • 163
  • 164

Experian Annual Report 2010 Business review34
Risk management operates at all
levels throughout the Group, across
geographies, business lines and
operational support functions. The
Board is ultimately responsible for
risk management, which includes the
Groups risk governance structure and
maintaining an appropriate internal
control framework. Management’s
responsibility is to manage risk on
behalf of the Board. By reporting
regularly to the Board and to the Audit
Committee, the internal audit and the
global risk management functions
provide support to the Board in
maintaining effective risk management
across the Group. The corporate
governance statement in the annual
report provides further detail on this
process.
Risks and uncertainties
Experian has a risk management framework which provides a structured and
consistent process for identifying, assessing and responding to risks. These risks
are assessed in relation to the Groups strategy to focus on data and analytics,
drive protable growth and optimise capital efciency.
The key components of the Groups
existing risk management framework,
which are regularly reviewed, have
operated throughout the year ended
31 March 2010, with some minor
enhancements to further embed social,
ethical and environmental risks into the
risk process in support of the Group’s
corporate responsibility strategy.
Risk area
Risk factors
Risks to Experian’s business are either specic to Experian’s business model, such as information security, or more general,
such as the impact of competition. Experian has identied the following principal risks and uncertainties.
Principal risks
Potential impact Mitigation strategies
The Groups business requires the
appropriate and secure utilisation
of consumer and other sensitive
information by its business units or its
third party partners. Internet-based
electronic commerce requires the secure
transmission of condential information
over public networks, and several of
our products are accessed through the
Internet. Security breaches in connection
with maintaining data and the delivery of
our products and services could harm
our reputation, business and operating
results. Please refer to the business and
market overview section of this report
for further information on how data
is considered to be a key resource at
Experian.
The Group has established rigorous
information security policies, standards,
procedures, and recruitment and
training schemes, which are embedded
throughout its business operations.
The Group also screens new third party
partners carefully and conducts targeted
audits on their operations. Continued
investments are made in IT security
infrastructure, including the signicant
use of data and communications
encryption technology.
The Groups business model is
dependent upon third parties to provide
data and certain operational services,
the loss of which could signicantly
impact the quality of and demand for
our products. Similarly, if one of our
outsource providers, including third
parties with whom we have strategic
relationships, were to experience
nancial or operational difculties, their
services to us would suffer or they may
no longer be able to provide services to
us at all, signicantly impacting delivery
of our products or services.
The Groups legal, regulatory and
government affairs departments work
closely with senior management to adopt
strategies to help secure and maintain
access to public and private information.
The Group’s global strategic sourcing
department works closely with senior
management to select and negotiate
agreements with strategic suppliers
based on criteria such as delivery
assurance and reliability.
Loss or inappropriate
usage of data
Dependence upon third
parties to provide data and
certain operational services
Related Group strategy:
Focus on data and analytics
Related Group strategy:
Focus on data and analytics
Optimise capital efciency
48
58
8
11