Informa manages risk by deploying structures, policies, processes and systems that identify, evaluate and manage the Group’s risk exposure.
Informa’s approach to risk management is one of continuous progress and improvement. The Group aims to uphold a risk culture through which consistent, enterprise-wide risk management is embedded in the organisation, in a way that supports the Company’s growth strategies and can dynamically adapt to changing environments.
Informa manages risk by deploying structures, policies, processes and systems that identify, evaluate and manage the Group’s risk exposure
Risk Management Enhancements during 2015
During 2015 Informa strengthened its existing risk management processes, structure and supporting activities.
A new Risk Management Framework was developed to reflect the Group Operating Model established in 2014. This framework has embedded standardised tools and processes by which risks are identified, assessed, reported and managed. Responsibilities for risk management have been formalised within the Operating Divisions and Global Support.
A Director of Risk and Compliance was appointed to lead the function and to oversee the operation of the Risk Management Framework:
The Group implemented a new risk taxonomy. This provides a standard way for each Operating Division plus Global Support functions to identify, describe, classify and understand the risks that could impact their operations and the Group. It has created a way to describe risks across Informa in a consistent manner, so they can be easily compared and consolidated.
The Group deployed a new and unified risk management tool and scoring methodology, which offers more efficient risk assessment and reporting capabilities.
Governance and Oversight
In accordance with the UK Corporate Governance Code, Informa’s Board is responsible for determining the nature and extent of the principal risks it is willing to take to achieve the Group’s strategic objectives. It has reviewed and assessed those risks, outlined overleaf, which are defined as those that would threaten Informa’s business model.
Informa’s Board provides direction on risk management through the Group Audit Committee, with the Group Risk Committee responsible for how risk management functions throughout the Company.
The Group Risk Committee oversees the Group Risk Management Framework. It is chaired by the Group Finance Director and comprises Divisional Chief Financial Officers and representatives of key Global Support functions. The Committee articulates, implements and enforces Group policy to manage and mitigate relevant risks, and has a remit to report significant risks to the Audit Committee and the Board. During 2015, the Group Financial Planning and Accounting Director and the Group Director of Talent & Transformation also joined the Committee.
The Internal Audit Team provides independent assurance through planned audit activities that assess whether controls are adequately designed and implemented. This Team also makes recommendations for improving controls.
Some assurance activities take place independently of Internal Audit, such as regular testing for technology vulnerabilities. They are reported through defined governance channels, the results considered and any changes to the control environment made. A whistleblowing facility is available to employees and third parties to report control failures or behaviours, informing the Group on potential changes or improvements to risk mitigation activities.
Identifying Divisional and Group Risk
Under Informa’s Risk Management Framework, risks are identified at a Group and Divisional level, recorded in risk registers and mitigating activities are defined. Those that are more likely to occur and/or have the potential to significantly impact business activities and the Group’s objectives are identified as principal risks. The principal risks are therefore a consolidation of Group and Divisional risks, with all factors represented and, where appropriate, quantified according to their effect on business activities.