RISK MANAGEMENT POLICY

1. RISK OVERSIGHT
The Board is responsible for risk management strategy and policy. The management of operational risk and the implementation of mitigation measures is the responsibility of management.

To assist the Board in discharging its responsibility in relation to risk management, the Board has delegated certain activities to the Audit and Risk Committee. The responsibilities of the Committee are contained in the Committee's charter. The Board has also delegated various authorities to the Managing Director and subsidiary Boards and Committees to enable the setting of the policy and procedures to assist with the management of the Adtrans Group (ADG) risk profile.

On an annual basis the Audit and Risk Committee considers the significant business risks applicable to the business and ongoing operations.

The Audit and Risk Committee's primary function is to assist the Board in its responsibility to exercise due care, diligence and skill in relation to ADG in the areas of:
  • Integrity of ADG's financial and external reporting
  • Internal and external auditors' activities, scope and independence
  • Management processes for the identification of significant business risks and exposures and reviewing and assessing the adequacy of management information and internal control structures
  • Whether ADG is adequately managing risk relating to corporate governance and is maintaining appropriate controls against conflicts of interest and fraud
2. RISK PROFILE AND MANAGEMENT OF RISKS
ADG regards business risks as "threats to the achievement of ADG's group commitment" which is:
  • To be a customer focused company that is passionate about the achievement of complete customer satisfaction
  • To provide a healthy environment that encourages and rewards initiative and develops the skills and ideas of our staff
  • To represent and support our manufacturers' products vigorously and achieve outstanding results
  • To generate profits that provide an appropriate return to shareholders, ensuring growth in our corporate and employment future
  • To exemplify the highest standards of personal and professional ethics in all aspects of our business
ADG regularly reviews, identifies and ranks all significant business risks arising from current operations and new business initiatives and identifies and implements procedures or policies to minimise risk. This risk review is reported through to the Audit Committee on an annual basis.

3. COMPLIANCE AND CONTROL/ASSESSMENT OF EFFECTIVENESS
The Audit and Risk Committee has responsibility for overviewing management's processes and results in identifying, assessing and monitoring risks associated with ADG business operations and the implementation and maintenance of policies and control procedures to give adequate protection against key risks.

In doing so, the Committee considers and assesses the appropriateness and effectiveness of management information and other systems of internal control, encompassing review of the external auditors' and internal auditor's reports to management on internal controls (including information technology controls), and action taken or proposed resulting from those reports.

The Committee is assisted by internal audit which is an independent assurance function established by ADG management.

Internal audit's principal objective is to assist the Managing Director/Chief Executive Officer in the discharge of his responsibilities to the ADG Board in the area of risk management and internal control by providing independent appraisals of the adequacy and effectiveness of the risk management and internal control systems within ADG and all controlled entities that comprise ADG.

In performing this role, internal audit may also provide assistance to other members of senior management and to the Board (through the ADG Audit Committee) in the discharge of their respective responsibilities.

Internal audit has full, free and unrestricted access to all records, documentation and physical property of ADG as may be required to fulfil its responsibilities.

Internal audit also has the authority to seek any information it requires to fulfil its responsibilities from any officer, employee, consultant or contractor of ADG or of any related entity of ADG.

The risk management and internal control systems within ADG encompass all policies, processes, practices and procedures established by management and/or the Board to provide reasonable assurance that:
  • Established corporate and business strategies and objectives are achieved
  • Risk exposure is identified and adequately monitored and managed
  • Resources are acquired economically, adequately protected and managed efficiently and effectively in carrying out ADG's business
  • Significant financial, managerial and operating information is accurate, relevant, timely and reliable
  • There is an adequate level of compliance with policies, standards, procedures and applicable laws and regulations