Risk Management [GRI 1.2]
With the adoption of a methodology and Policy for Full Risk Management (GIR), CTEEP is able to identify the risks and, as a consequence, minimize the impact of variables on the management of the business and on the performance of its operations, handling it before it is established.
The model is based on using a tool called Enterprise Risk Management (ERM), which integrates all the Company´s information to identify inherent risks to the business and propose actions pursuing the management of the risks in all processes (the so called administrative measures), in a continued cycle.
This process is examined and followed up from time to time by the Full Risk Management acting as an articulator of the procedures and methodologies related to risk management, through risk managers. As an example, there are meetings with employees to discuss, evaluate and update the Risk Map, which currently contemplates 38 scenarios and their respective administrative measures.
One of the aspects followed up by GIR is the risk of favoring employees and/or contractors for unethical or illegal activities, reason why it is clear the need for confidentiality of the information. That is, at CTEEP, people in a situation of conflict of interest are not allowed to access information regarded as confidential and/or related to conflict of interests. The pure and residual likelihood of such risk is rather low, since, historically, there is no record on corruption incidents at CTEEP. [GRI SO2]
The controls (administrative measures) considered for residual valuation of such scenario are:
- Creation and dissemination of the Code of Ethics to all groups of interest of the Company.
- Term of adhesion signed by those employees with access to confidential information.
- Requirement for clauses of confidentiality for specific agreements.
- Crisis Management Plan to reduce event severity.
The Company bets on the concept of internal control as a fundamental strategic element to assure accomplishment of the results and guarantees the effective control of its operations. To such end, it holds an Internal Control Policy addressing the processes adopted to assure the effective control of its operations.
Such supervision mechanisms are based on risk assessment and on the four elements comprising the international methodology of Coso (Committee Of Sponsoring Organizations of the Treadway Commission), in five scopes: monitoring, information and communication, control activities, risk management and control environment.
