Risk management
Like all businesses, Spirent is exposed to a number of risks and uncertainties. These risks may arise from internal factors, but some will be a result of external factors over which the Group has little or no direct control. It is the effective management of these risks that supports Spirent in delivering on its strategic objectives, safeguards the Group’s assets and, over time, will enhance shareholder value.
The process to identify and manage the principal risks and uncertainties of the Group is an integral component of the internal control system.
The risk assessment process starts in the businesses, where up-to-date risk registers are maintained and updated as part of the normal operating and control procedures, and is facilitated by the Head of Risk & Internal Audit. Each business identifies its key risks and mitigating factors and nominates a risk owner. The impact and the likelihood of occurrence of each risk is ranked, which assists the Group Executive Committee in assessing the likely impact in aggregate of each risk to the Group as a whole. The individual businesses are required to update their risk registers regularly to reflect new or emerging risks as they are identified.
The approach includes a process to identify, clarify and communicate emerging risks for Board discussion and assessment, along with agreed mitigating action plans.
It is not possible to identify every risk that could affect the business and the actions described below to mitigate those risks cannot provide absolute assurance that the risk will not occur or adversely affect the operating or financial performance of the Group.
The Board has classified the principal risks by the impact the risk would be expected to have on the Group should it occur, and the anticipated likelihood that that risk may occur using
the following classifications:
Risk | Impact |
|---|---|
Impact | High |
Likelihood of occurrence | Likely |
The Board takes the view that a high-impact risk could lead to a 10 per cent or more reduction in revenue, a medium impact risk a 5 to 10 per cent reduction in revenue and a low impact risk a reduction of up to 5 per cent in revenue.
The Audit Committee reviews and monitors the Group’s risk processes and reports to the Board on their effectiveness. Risk is considered by the Audit Committee at least twice each year, at which time the risk registers are reviewed. The Audit Committee challenges and debates the risks with reference to risk tolerance and appetite, as set by the Board. Progress made and any further actions to be taken regarding mitigation plans, as well as any changes to the risk profile, are discussed in detail.
The Board has identified the following principal risks, each of which is discussed on pages 61 to 64:
Risk | Impact | Likelihood | Change |
|---|---|---|---|
A. Macro-economic change | High | Likely | No change |
B. Technology change | High | Likely | No change |
C. Business continuity | High | Likely | No change |
D. Customer dependence/customer investment plans | High | Likely | No change |
E. Competition | Medium | Possible | No change |
F. Acquisitions | Medium | Likely | No change |
G. Employee skill base | Medium | Possible | No change |