Risk Management

Basic Policy

Consistent with the "Our Vision" management principles, NSG Group aims to enhance corporate value by way of sustained growth in line with the Medium Term Plan RP24. That said, the business environment enveloping the Group has become increasingly complex after the global pandemic and is continuing to dynamically transform. We see risks in the uncertainties that stem from internal and external factors, which threaten to affect the Group's ability to achieve its business targets. We therefore position risk management, which is tasked with identifying, assessing, and properly managing major risks, as an important part of our management foundation in order to minimize the negative effects and maximize positive results. By systematically and methodically implementing appropriate risk management across the entire Group, we can not only achieve our short term business targets, but also reliably execute business strategies.

NSG Group's risk management is carried out in accordance with our Basic Policy on Internal Control Systems, which was resolved by the Board of Directors pursuant to the provisions of the Companies Act. Specific measures for addressing risks that arise in connection with our corporate activities are prescribed in our NSG Group Risk Management Policy and are consistent with ISO 31000 (principles and guidelines on risk management) as well as the COSO Enterprise Risk Management model.

Looking to the future, the Group has reviewed its risk management system against the requirements of the revised Corporate Governance Code, and we are confident that the principles are fully met. Nevertheless, we are looking to continuously improve our systems in line with developing standards and the evolving risk landscape.


NSG's risk management systems are established so that they are fully embedded within the Group's day to day operations and operate as “three lines of defence”. The first line of defence is established within the business SBU's and Group Functions who operate controls and mitigations to identify, assess and manage risks across all the activities of the Group as part of its the day to day operations. The second line of defence is made up of the Group Functions and management forums who not only set the operating and risk management policies and standards for the operations, but also monitor the effective operation of the controls. The third line of defence is provided by the Group Internal Audit Function who make an independent evaluation of the effectiveness of the controls and the risk management processes.

At the heart of its enterprise risk management system, NSG Group employs a two tiered risk management framework comprising the Strategic Risk Committee (SRC) and the Enterprise Risk Management (ERM) Team, both of which are under the supervision of the Management Committee, and report onwards to the Board of Directors.

The SRC is chaired by the Chief Risk Officer (CRO) and its members are mostly executive officers including the CEO. The SRC determines the companywide risk management policy and framework, based upon which it identifies and classifies: (a) high level risks thought to have a serious impacton the Group; and (b) operational risks that ought to be managed by SBUs or Group functions. It then monitors how those risks are being addressed and requests that additional measures be taken if required. For high level risks, the SRC appoints "risk owners" to manage the collection of risk information and the progress of countermeasures.

The CRO presides over all SRC meetings and as representative of the committee, periodically reports to and receives feedback from the Management Committee and the Audit Committee regarding the effectiveness of the Group's basic internal control system and risk management structure.

In 22/3, the SRC convened three meetings and reported once each to the Management Committee and the Audit Committee.

The ERM Team is chaired by the CFO and its members comprise SBU general managers and heads of functions such as accounting, finance, and human resources. Every year this team identifies, assesses, and prioritizes the key risks pertaining to business execution and endeavors to improve the effectiveness of risk management by formulating necessary measures to mitigate risks. The ERM Team periodically, or whenever requested, reports on its activities to the SRC.

The Internal Audit Department's role is to provide assurance from an independent standpoint, regarding the companywide efficiency of risk management, and the effectiveness of specific risk mitigations.

To transfer or share risks, we have established an NSG Group Insurance Program. The program identifies the key insurable risks, including property losses caused by natural disasters, and endeavors to transfer them by placing cost effective insurance. Every year, under the supervision of the SRC, we review the Group's comprehensive insurance coverage under the global insurance program.

Major Risks for NSG Group

In 22/3 the SRC identified, assessed and monitored the following risks, listed in order of priority. For each risk, an owner has been appointed from among the executive officers, to take responsibility for appropriately managing it.

For each of the key risks being monitored, the SRC has determined that sufficient mitigations are in place, or are being progressed, to manage the risk within the Group's appetite.

1. Business continuity risk
2. Supply chain non-performance
3. Cyber risk
4. Loss of competitiveness to key customers
5. Economic risk
6. Financial risk
7. Product quality risk
8. Climate change risks
9. Political and fiscal risks
10. Labor/talent shortage
11. Ascertaining and responding to technological innovation
12. Business strategy risk
13. Compliance risk
14. New or amended laws and regulations
15. Intellectual property risk
16. Organizational culture transformation failure

We value your privacy

We use cookies on this website for analytics, remarketing, social media (optional) and content (essential) purposes.

By clicking ‘Accept All’ you consent to the use of cookies for non-essential functions and the related processing of personal data. Alternatively you can reject non-essential cookies by clicking ‘Essential Only’. You can adjust your preferences at any time by visiting our Cookie Policy and access the settings on that page.

For more information please read our