Manage our risks so we can act confidently In 2023, our efforts in risk management, Red Book self assessments (the document control and governance helped us to which defines the rules and texts applicable become more mature and transparent. to all the Group’s entities), supports our Factors taken into account We focused on bolstering our three lines risk management approach at all levels • Organisational culture. of defence: operational activities, risk of the organisation and encourages ongoing • Systemic and emerging risks, management and control, and internal improvement. The purpose of these tools is as well as other external factors, audit. Incorporating company risk to establish a robust risk culture across SYSTRA. such as macroeconomic and management into our basic operations Going forward, risk management will not Assess key risks geopolitical factors, regulatory means not just compiling a list of just apply to our operations: it will be extended changes and compliance, In each of our Business Units, we have climate change, environmental the most critical risks and preventing to our corporate strategy, and will align put in place processes for assessing sustainability, digital growth, them: it also means identifying new with our mission statement and vision. key risks based on probability criteria, new technologies and AI. opportunities for sustainable growth. as well as impact and the level of control Our aim? Help each operations unit achieve assessed collectively. The effectiveness its strategic and commercial targets through of this specific classification is underpinned A new integrated approach efficient management of the primary risks by action plans implemented to avoid Our Integrated Management System (IMS) in the areas of ethics, security, cybersecurity, these risks. They are also reassessed on is the cornerstone of our risk management the environment, and human capital. a regular basis, since they are approach: by breaking down silos, it forever changing. improves the decision-making process in terms of governance, strategy, target-setting and day-to-day operations. In 2023, we reviewed our process mapping in order to conduct an in-depth analysis of our primary activities, identify and prioritise risks, aligning the necessary controls What are the key risks with our business targets. for our Business Units • Events likely to compromise Build a solid risk culture “2023 heralds the start of the Internal Control the capacity of our Creating libraries of controls has enabled us roadmap. It will be deployed across the whole Group Business Units to achieve to bolster our internal audit procedures. At throughout 2024. The new approach which draws their business targets. on tried and tested approaches that have been • The most important risks the same time, putting in place management used internationally, is aligned with the Group’s for long-term success, which routines, particularly SYSTRA’s annual strategic priorities, while being tailored to meet might lead to damage or the everyday needs of our Business Units.” a significant loss in value. Petra Ghanem Vice President Internal Control and Risks, Group 2023 Sustainabil ity Report | 25