Risk management and the parties involved
The following parties are involved in risk management activities, both those undertaken within the framework of operational and decision-making processes, as well as those being part of the process of identifying, assessing and monitoring the most significant risks from the point of view of PSE:
- the Audit Committee/Supervisory Board,
- the Management Board,
- managers of the company’s organisational units,
- risk coordinators in the company’s organisational units,
- all employees of the company,
- the Risk Management Office.
Presented below is essential information on the role of each of those parties.
Audit Committee/Supervisory Board
The Audit Committee supports the Supervisory Board in supervising the operation of risk identification and management systems.
In particular, the Audit Committee can:
- assess the appropriateness of the business risk identification, monitoring and mitigation systems used by the Management Board,
- assess the compliance of the internal control system with the internal rules and regulations and procedures that ensure the effective operation of the system,
- indicate internal control system areas that need improvement,
- assess the performance of systems reducing the risk of irregularities occurring in the company,
- submit internal audit plan proposals for a particular year.
The Audit Committee may demand that the Management Board submit information on the approach to risk management, as well as risks relevant to the company and the PPS.
The Management Board is responsible for the establishment of a system-based approach to risk management in the company. Approves the Risk Management Policy. In addition, the Management Board studies periodic reports on PSE’s business risks as well as measures taken as part of risk management.
Managers of the company’s organisational units
Each manager of the company’s organisational unit is responsible for the management of the business area assigned to that unit. Management activities include the identification of risks and the development and implementation of an approach to the management of risks that may affect the functioning of the area concerned and the achievement of its objectives.
In order to ensure terminological and methodological consistency in risk identification and assessment, and to ensure the adequate reflection of risks related to a given business area in register of risks of key significance for PSE, organisational unit managers cooperate with the Risk Management Office (RMO). The manager of an organisational unit acts as the risk owner for risks falling within their area of responsibility, which are included in the risk register.
Risk coordinators in the Company’s organisational units
Risk coordinators in the Company’s organisational units are individuals designated by the managers of those units. They are responsible for operational cooperation with the RMO, mainly for ensuring the current risk information flow between the unit concerned and the RMO. They support managers of organisational units in performing their role as risk owners.
All employees of the Company
PSE’s employees are a significant component of a system-based approach to risk management at the company – they engage in activities falling in line with the approach to the management of respective risks and support unit managers in the risk identification process. In addition, all employees are required to familiarise themselves with the Risk Management Policy and the risk management rules described in it.
Risk Management Office
The RMO is an organisational unit responsible for providing the Management Board with a comprehensive picture of the most significant risks for the operation of the PPS and the company. The unit ensures a system-based approach to the identification and assessment of those risks. In addition, the RMO develops recommendations for measures promoting risk management, pursued by the company’s individual organisational units (this applies to areas such as investment, ICT, anti-corruption, or employee health and safety). The Office ensures terminological and methodological consistency with regard to risk identification and assessment, as well as risk monitoring and reporting to the Management Board.