Risk management system
Swisscom’s enterprise risk management (ERM) applies Group-wide and takes both internal and external events into account. Swisscom complies with the established COSO II and ISO 31000 risk management standards and thus has a risk management system in place that meets the requirements of its own corporate governance policy as well as those of Swiss law.
Swisscom’s risk management system is aimed at safeguarding the company’s enterprise value. This is assured by having in place a recognised and appropriate Group-wide risk management system as well as comprehensive, fit-for-purpose reporting at each level of management, suitable documentation and a risk and opportunity-aware corporate culture.
Swisscom employs special instruments in individual risk areas. In financial risk management, for example, quantitative tools (sensitivity analyses) are used to assess interest rate and currency risks. Specialised organisational units monitor the legal compliance risks and financial reporting risks (internal control system, ICS).
Information on the internal control system, compliance management and internal auditing is provided in the Corporate Governance Report, Section 4.10, Controlling instruments of the Board of Directors vis-à-vis the Group Executive Board.See report