Risk Management

Risk is an inherent part of doing business. ATI’s approach is to identify and assess all significant risks which could adversely affect the Company’s ability to achieve its business objectives and to identify management actions and internal controls which can mitigate those risks to an acceptable level.

Cognizant of this, the Company regularly undertakes a Business Risk Profile review where risks are identified by priority based on a systematic assessment of probability and impact.

The Chairman of the Board and senior management review and sign off its annual Risk Management and Internal Control Self-Certification Statement based on the following parameters:

  • Identification of risk assessment of new risks.
  • Prioritization of risks based on agreed impact and likelihood tables.
  • Determination of risk treatment strategies for significant risks.
  • Confirmation that all significant risks and related action plans have been notified to the Regional Management.
  • Risk assessment workshops maybe held at the level below the BU Board using a combination of business stream, functional and geographical participants.
  • The risk management process applies to all critical projects and business processes as required.

Control strategies are identified and action points established with the designated accountable persons. Results and developments are monitored during reviews at least annually.

ATI’s Board establishes the control environment, sets the risk appetite, and approves the policies and delegates responsibilities under our risk management framework.