The objective of Optomed’s risk management is to ensure the implementation of Optomed’s strategy and to support in achieving company strategic, operational and financial targets. The purpose of the risk management is to systematically identify the uncertainties, risks and opportunities related to the targets and to effectively assess and manage the identified risks. Therefore, risk management is an integral part of Optomed management system.
The implementation of risk management process is continuously monitored by the management team and reported to the board of directors of Optomed. The Board of Directors has approved the risk management policy and oversees the effectiveness of risk management. CEO ensures risk management policy and process are implemented and performed accordingly in all business areas and functions. Segment and support function leaders are accountable for identifying, assessing, managing, monitoring and reporting risks related to their respective areas of responsibility.
Optomed has identified the following risk categories:
- Strategic risks are risks that either affect or are created by Optomed business strategy decisions. The target for assessing strategic risks and opportunities is to identify the measures that are to be taken in order to achieve objectives by taking controllable risks.
- Operational risks are major risks that affect Optomed ability to execute its strategic plan. The target is to avoid or reduce operational risks to an extent, where the cost of measures is in a reasonable proportion to the significance of the risk.
- Financial risks include areas such as financial reporting, valuation, market, liquidity, foreign exchange and credit risks. The management of financial risks is based on Optomed Treasury policy.
- Compliance risks relate to legal and regulatory compliance.
The objective of Optomed’s internal control framework is to provide reasonable assurance regarding
- effectiveness and efficiency of Optomed’s operations
- achievement of operational and financial performance goals, and safeguarding assets against loss
- reliability, timeliness and transparency of internal and external financial and non-financial reporting
- adherence to laws and regulations to which Optomed is subject
Optomed’s internal control system is based on Committee of Sponsoring Organizations of the Treadway Commission’s internal control framework (COSO Internal Control, 2013). The COSO Internal Control is a widely accepted framework used to assess the effectiveness of internal controls over financial reporting.
Optomed’s Board of directors is responsible for approving the internal control policy and overseeing the effectiveness of internal control framework of Optomed. The CEO and the management team are responsible for building and implementing the internal control framework throughout the company. Segment and support function leaders are responsible for overseeing the internal control framework in their respective areas of responsibility.
Optomed’s internal audit provides independent and objective assurance by evaluating the effectiveness of the risk management framework. The purpose of Optomed’s internal audit activity is to provide independent, objective assurance and consulting services designed to add value and improve Optomed’s operations. The internal audit activity helps Optomed accomplish its objectives by bringing a systematic, disciplined approach to evaluate and improve the effectiveness of governance, risk management, and control processes.
The scope of internal audit activities encompasses, but is not limited to, objective examinations of evidence for the purpose of providing independent assessments to the Audit Committee, management, and outside parties on the adequacy and effectiveness of governance, risk management, and control processes for Optomed.
The Audit Committee has the responsibility to monitor the efficiency of the internal audit.