43
The goal of the process of assessing financial risks is to establish and maintain an effective process for identifying, analysing and managing the
risks relevant to the preparation of financial statements.
At NH the risk management process consists of three levels of participation:
• The Board of Directors reviews the Audit and Control Committee’s supervision of risk management policies, processes, personnel and control
systems.
• The Internal Audit Department regularly reviews the corporate risk model.
• The Chief Officers or acting managers of each area, including the Chief Executive Officer or Managing Director and other professionals directly
involved in the risk management process within their area of responsibility.
The types of risk are classified as follows:
Technological risks
Technological risks relate to the management of information systems to ensure the completeness, availability and reliability of financial
information and avoid exposure of the company’s significant assets to potential loss, damage or misuse.
These risks relate to the following areas:
• Access security
• Availability
• Completeness
• Supervision of
Accounting Risks
These are risks which affect the reliability of financial information in terms of accounting records and breaches of accounting principles, and
refer to the following three categories of assertions:
• Types of transactions:
- Occurrence
- Completeness
- Accuracy
- Cut-off
- Classification
• Accounts’ balances:
- Existence
- Rights and obligations
- Completeness
- Valuation and allocation
• Presentation and breakdown:
- Occurrence and rights and obligations
- Completeness
- Classification and clarity
- Accuracy and valuation
Organisational and resource management risks
These risks include problems in the planning, management and monitoring of financial, material and human resources, and difficulties in
interdepartmental communications and decision-making, including possible quality problems and other threats in the course of the Company’s
activities.
These risks relate to the following areas:
- Budget Control
- Credit Management
- Receivables Management
- Payables Management
- Personnel Management
- Fraud
Data processing risks
These risks include problems in data processing in information systems, mainly in the following areas:
- Human Error
- Completeness of Invoicing
- Completeness of Master Files
- Review
Presentation and process risks
These risks can lead to ineffectiveness and inefficiency within the group structure when drawing up financial reports in terms of quality, time
and costs, and include the following aspects:
- Timeliness of the information
- Compliance with internal standards and policies
Business environment risks
Business environment risks arise due to external factors which can lead to significant changes in the basis underlying internal control of the
objectives of financial reporting and the Company’s strategies. Business environment risks are related to the following matters:
- Failure to comply with commitments undertaken
- Fiscal contingencies
ANNUAL CORPORATE GOVERNANCE REPORT
