Established by the Board, Skanska’s Enterprise Risk Management Policy (ERMP) sets out the framework and responsibilities for risk management across the organization. The overall purpose is to ensure that risk is managed systematically and as efficiently as possible, and is assigned the correct priorities to assist Skanska in achieving its business objectives and goals.
Enterprise risk management
Skanska applies a top-down and bottom-up approach, using established risk identification and analysis techniques and the COSO (Committee of Sponsoring Organizations of the Treadway Commission) framework for guidance. This reflects an integrated and robust approach to enterprise risk management (ERM). The Skanska Group Leadership Team is ultimately responsible for risk management and for the implementation of the ERMP. Business units are responsible for managing risk in their respective business operations within the framework set up by the ERMP. They also report to the Group Leadership Team on relevant risk management matters.
Enterprise-wide risk management approach
Enterprise risks are classified as strategic, operational, financial and regulatory. All risks in the business units’ enterprise risk registers are categorized using the Skanska Risk Universe. This allows us to work more consistently on enterprise risk. We can quickly and easily collate, analyze and respond to the current main risks in a more dynamic and proactive way, which ultimately enables a more integrated system of governance, risk and control.