To preserve and maintain an excellent management of our business resources, and ensuring business continuity, ISA has a comprehensive management approach against possible risks and opportunities.
To this end, ISA has implemented a process of identification, analysis, evaluation, monitoring, and communication of the risks to which we it is exposed. The aim is to minimize the impact on financial resources and reputation as well as to take advantage of the opportunities that may arise.
Find out how these actions are incorporated into ISA’s risk policy:
ISA se compromete de manera responsable, transparente y ética a gestionar los riesgos y las oportunidades; con el fin de crear valor para sus grupos de interés, mantener su ventaja competitiva y contribuir al desarrollo de las sociedades donde tiene presencia.
The approval and periodic review of the policy, manual, prioritization criteria (appetite and tolerance) and monitoring indicators are noteworthy. In addition to the review and evaluation of the integrity and adequacy of the risk management operation.
Risk-based decision making is encouraged in the organization; workshops, forums, training, and the use of new tools are promoted with senior management, leaders, and collaborators to strengthen the culture of risk management and reporting.
The main risks, their current and future management measures, the information reported to the different stakeholders, and work plans associated with the recommendations of the supervisory authorities and control entities are monitored.
The model and review of emerging risks, as well as the most critical business risks and their management measures, work plans, the business continuity plan, analysis of materialized risks, crisis management and compliance risks, insurable risks, cybersecurity, and those associated with nature are promoted.
The risk management cycle is based on the ISO 31000 standard and aligned with best practices, and the implementation is supported under values and standards that guide the comprehensive risk management cycle at all levels and enable the organization to manage the effects of uncertainty on objectives, and they are:
They allow risks to be associated with common issues and are applicable to all companies. Both typology and the categories make it possible to conduct specific analyses and to produce executive reports and correlations.
For the location of the risks, an association is made with the relevant causes of the risks, rather than with the consequences.
La valoración de los riesgos dependerá de la naturaleza de cada categoría de riesgos; actualmente ISA y sus empresas cuenta con tres recursos (financiero, reputacional y personas) que permiten priorizar los riesgos identificados.
La valoración de los riesgos dependerá de la naturaleza de cada categoría de riesgos; actualmente ISA y sus empresas cuenta con tres recursos (financiero, reputacional y personas) que permiten priorizar los riesgos identificados.
