Purpose and objectives of risk management
The purpose of risk management is to help DNA’s management achieve the company’s strategic objectives and provide the company’s Board of Directors with up-to-date information on company risks and their management.
In addition, risk management is used to protect DNA’s critical success factors.
Any risks that undermine DNA’s strategically significant competitive strengths must be avoided if possible, and special attention must be paid to managing such risks.
Risk refers to events or circumstances which, if they materialise, could affect DNA’s ability to achieve its strategic targets or the operative targets derived from them.
Systematic risk management is in place to ensure that:
- DNA reaches its operational goals;
- Risks are taken into account in operational decision-making;
- DNA takes the right risks in terms of its strategy;
- The company is aware of all significant risks related to its operations;
- All necessary measures are taken to prevent significant risks or to prepare for consequences thereof;
- Company management and the Board of Directors are up to date of DNA’s risks and their management.
Risk management process
The Board of Directors decides on the objectives and principles of risk management and confirms the company’s risk management policy. The Board monitors the implementation of risk management. The Board of Directors has established an Audit Committee. Its risk management duties are defined in the Audit Committee Charter, which is confirmed by the Board of Directors.
The CEO is responsible for the practical organisation of risk management and maintenance of the risk management policy.
The risk management process provides reports on risks and risk management methods to the DNA Executive Team, Audit Committee and Board of Directors. Operational plans for the management of significant risks are drafted based on risk management reports, and the Executive Team and Audit Committee monitor the implementation of these plans.
The annual risk management plan is is aligned with the annual plan of DNA’s strategy process. The ambition is to update DNA’s risk map annually and to draft 1 or 2 reports on the key risks and uncertainty factors and their management for DNA’s Executive Team, Audit Committee and Board of Directors.
DNA’s Executive Team selects the key risks and assigns persons to be responsible for them. These persons document appropriate risk management methods and development measures for their responsibility area and submit them to the CEO for approval. The responsibility for a risk is assigned to a person who, based on their role in the company, is best qualified to understand the risk and determine how its management should be developed. Several persons can share responsibility for a risk.
In addition, DNA reports on the key risks and uncertainty factors in the Annual Report and interim reports. Risk management principles related to financial reporting are described in the Corporate Governance Statement.