
Environment
1 Environmental activities/incidents
2 Air/GHG emissions from production
3 Air/GHG emissions from transport
4 Water use (internal)
5 Waste water generation
6 Energy use
7 Raw materials
8 Waste generation
9 Historical liabilities
10 Peripheral pollution (noise, light, visual)

Health & safety
11 Health internal (workforce)
12 Health external (public)
13 Historic liabilities (health)
14 Safety internal (workforce)
15 Safety external (public)

Social & ethical
16 Use of corporate power
17 Community investment
18 Marketing practices
19 Business practices
20 Bribery & corruption
21 Human rights/resources
22 Human rights (external)
23 Natural resources usage
24 New technology




Stage 2

The combined risk profile covers the 24 CSR 'Risk Issues' as seen above. The sample issue here is the health of external stakeholders (general public and customers).

Health of Customers (Public): External Health
British Gas/Scottish Gas (Centrica plc)
E.ON UK (Powergen)
EDF Energy plc
RWE npower
Scottish & Southern Energy
Scottish Power plc
Appendix D – SERM sample report methodology




Based on SERM's analysis of a company's subsector activity profile and the 'Master Inputs' that the Advisory Panel have assigned to the various subsectors, SERM is able to assess the risk profile against each CSR 'Issue'.
SERM then conducts extensive research from over 34 000 journals, government, non-government organisations (NGOs), prosecution records and any other pertinent publicly available information sources to define a 'negative score' which, combined with the risk profile, determines the gross (inherent) risk.
The gross (inherent) risk represents an estimate of risk to market value, prior to taking account of the company's performance in mitigating/managing the CSR 'Issue'.



Stage 3

Analysis of gross (inherent) risk.

Health of Customers (Public): External Health

Company                                   Gross (inherent) risk
British Gas/Scottish Gas (Centrica plc)   0.66%
E.ON UK (Powergen)                        0.67%
EDF Energy plc                            0.50%
RWE npower                                0.38%
Scottish & Southern Energy                0.46%
Scottish Power plc                        0.55%




Based on researched information, SERM assesses the company's ability to address these issues and meet the expectations of its stakeholders. Using a defined set of criteria, SERM's senior analysts then assign a 'positive score'. This is entered into SERM's model and is translated to form the issues management score, which ranges from 1 (poor) to 5 (excellent).



Stage 4

Issues management score (1–5).

Health of Customers (Public): External Health

Company                                   Gross (inherent) risk   Risk reduction factor
British Gas/Scottish Gas (Centrica plc)   0.66%                   2.0
E.ON UK (Powergen)                        0.67%                   3.2
EDF Energy plc                            0.50%                   2.1
RWE npower                                0.38%                   2.0
Scottish & Southern Energy                0.46%                   2.2
Scottish Power plc                        0.55%                   2.3




Stage 5

The issues management score is then applied as a risk reduction factor to calculate the net (residual) risk: gross (inherent) risk is divided by the issues management score (RRF) to give the net (residual) risk.

SERM's balanced approach to assessing risk means that materiality and performance are both taken into account in the analysis.

Health of Customers (Public): External Health

Company                                   Gross (inherent) risk   Risk reduction factor   Net (residual) risk
British Gas/Scottish Gas (Centrica plc)   0.66%                   2.0                     0.34%
E.ON UK (Powergen)                        0.67%                   3.2                     0.21%
EDF Energy plc                            0.50%                   2.1                     0.24%
RWE npower                                0.38%                   2.0                     0.19%
Scottish & Southern Energy                0.46%                   2.2                     0.21%
Scottish Power plc                        0.55%                   2.3                     0.24%




Stage 6

The companies can then be ranked in order of net (residual) risk. The lower the net (residual) risk, the higher the ranking.

The results are then graphed.

[Bar chart: Health External (public) – external. Residual risk and inherent risk for British Gas/Scottish Gas (Centrica plc), E.ON UK (Powergen), EDF Energy plc, RWE npower, Scottish & Southern Energy and Scottish Power plc, on an axis from 0.0% to 0.8%.]
APPENDIX E

Sectors ranked by risk



Sectors                                   Risk level   Ranking

Industrial Metals                         High         1
Mining                                    High         2
Tobacco                                   High         3
Industrial Transportation                 High         4
Aerospace & Defence                       High         5
Pharmaceuticals & Biotechnology           High         6
Oil & Gas Producers                       High         7
Banks                                     High         8
Oil Equipment, Services & Distribution    High         9
Food Producers                            High         10
Beverages                                 High         11
Forestry & Paper                          High         12
Chemicals                                 High         13
Mobile Telecommunications                 High         14
Gas, Water & Multi-utilities              High         15
Construction & Materials                  Medium       16
General Industrials                       Medium       17
Food & Drug Retailers                     Medium       18
Electricity                               Medium       19
Travel & Leisure                          Medium       20
Household Goods                           Medium       21
Automobiles & Parts                       Medium       22
General Retailers                         Medium       23
Electronic & Electrical Equipment         Medium       24
Health Care Equipment & Services          Medium       25
Leisure Goods                             Medium       26
Personal Goods                            Medium       27
Fixed Line Telecommunications             Medium       28
Industrial Engineering                    Low          29
Real Estate                               Low          30
Technology Hardware & Equipment           Low          31
Support Services                          Low          32
Equity Investment Instruments             Low          33
Media                                     Low          34
Non-equity Investment Instruments         Low          35
Software & Computer Services              Low          36
Life Insurance                            Low          37
General Financial                         Low          38
Non-life Insurance                        Low          39
APPENDIX F

Institute of Risk Management – Business Continuity and Crisis Management syllabus

Understanding the risks
- Track the development of risk management and business continuity from its origins to modern practice;
- Provide risk and continuity-related definitions;
- Provide a link between risk management and business continuity management as part of a risk management framework; and
- Develop the theme of risk management and business continuity management as part of good governance and business management.

Stakeholders and their role
- Begin the process of understanding the operational risks to the organisation and above all the potentially destructive impact of some risks;
- Recognise the wide range of stakeholders in the organisation, and understand their importance, roles and needs;
- Ensure a sensitivity to these stakeholders' roles when undertaking risk assessments, business impact assessments and any subsequent risk management activity;
- Understand both the role of the stakeholder who plays a part before an incident and the potential additional impact of new stakeholders who emerge as an incident is unfolding; and
- Set the wider scene for risk assessments, the business impact analyses and the recovery planning subjects.

Governance, good practice, standards, regulation and the law
- Consider the position of governance, good practice, standards, regulation and the law in the risk management framework;
- Examine the relationship between governance, good practice, standards, regulation and the law;
- Explore each subject heading in sufficient detail to appreciate the position of these in terms of business continuity management; and
- Analyse the global response of organisations to business continuity management regarding each of the governance and standards issues.

Culture, strategy, performance, risk and business continuity
- Explore how risk management and business continuity management can be embedded as part of good management practice;
- Consider the position of risk management and business continuity management in the strategic and operational planning process;
- Review the risk environment in the context of what is at risk and what impact discontinuity might have on an organisation and its vision, values, culture and risk tolerance;
- Consider business continuity at all levels, both internally and externally to the business environment, in the context of enterprise risk management and enterprise business continuity management; and
- Examine how the board is engaged and attention sustained through demonstrating how value can be added to the organisation.

The business continuity management cycle
- Consider how to engage the board in appreciating the need for business continuity management;
- Discuss the communication and embedding of business continuity management throughout an organisation;
- Recognise the wide range of stakeholders in the organisation, and understand their importance, roles, needs and engagement;
- Introduce the business continuity management cycle; and
