Risk management process

The key risk management activities are establishing and monitoring the context, assessing risks, handling risks, monitoring the implementation of measures, and reporting. Defining and monitoring the context assists in classifying Swisscom’s strategic and operational focus. Changes in the market environment are identified and analysed. The identification and analysis of risks and the choice of risk strategy are determined in the assessment, ensuring that the risks are systematically identified across the Swisscom Group with a bottom-up and top-down approach and analysed with respect to potential impacts on the company.

The graphic visualizes the risk management process.

Risks are divided into four main risk categories: strategy, compliance, operations and finance. Quantitative impacts are reported in financial terms. Qualitative impacts are reported with possible consequences for reputation, compliance or operations, including the potential for business interruptions. Measures are defined and implementation monitored in line with the risk strategy. A key step of the process is systematically recording risks in a central system that provides the Board of Directors and Group Executive Committee with regular, comprehensive risk profile updates for better oversight and decision-making.

Swisscom’s structured risk management process supports the effective management of the company and the achievement of its corporate goals. To facilitate improvements to company management, risks are reported at various levels.

  • Group Risk Management reports all material risks to the Group Executive Committee, the Board of Directors Audit Committee and the Board of Directors of Swisscom Ltd each quarter.
  • The strategic subsidiaries report material risks to Group Risk Management twice a year and to their Board of Directors at least once a year.
  • All other subsidiaries report their material risks to Group Risk Management once a year and to their Board of Directors at least once a year.
  • The Head of Group Risk Management has exclusive and unhindered access to the Board of Directors Audit Committee of Swisscom Ltd once a year.