The diagram summarises how we manage risk:
The Board has ultimate responsibility for our risk management policies and for ensuring we have an effective system of internal control. Our executive and operational management assess the risks facing our businesses and respectively create and implement our risk management policies. The Audit Committee ensures appropriate oversight of risk management and is supported by our internal audit function, which tests the effectiveness of our controls and identifies areas for improvement.
The table below shows the main categories of risks we face and which of our strategic objectives they could affect.
Although the Group faces more risks than those listed above, these are the risks that are currently of most concern to the business and have been debated at recent Board or Audit Committee meetings. A full description of these risks, their potential impact and how we manage them is set out in the risk management section in the Annual Report.