Orano - Annual Activity Report 2024 65 RISKS, CONTROL AND DUTY OF VIGILANCE PLAN 3 Methodology: risk mapping and risk management 3.2 Methodology: risk mapping and risk management 3.2.1 Risk management policy and methodology The group has created a risk management system consistent with the recommendations of the Autorité des marchés financiers (AMF), the professional standards of the Committee of Sponsoring Organizations of the Treadway Commission (COSO), and the changes in law and regulations concerning the CSRD (Corporate Sustainability Reporting Directive) and the duty of vigilance. The system is also implemented in accordance with the requirements of the Sapin II law, concerning the risks of corruption and influence peddling. A risk-assessment campaign is undertaken annually to take into account the potential impact of events on the achievement of the group’s strategic and operational objectives. Its main objectives are: ● the formal identification of every type of risk; ● the analysis and assessment of these risks in order to prioritize them; and ● the definition and monitoring of the implementation of action plans to control them. The Risk Management Division of the Risk, Compliance and Internal Audit Department reporting to group Executive Management, develops the methodological tools shared throughout the group. Risks are identified using a Business Risk Model (BRM). The BRM categorizes all foreseeable or unforeseen, internal and external situations or events into 38 risk families. Thus, it includes: ● macro and external risks such as climate change or geopolitical risks; ● strategic risks related, for example, to competition or partnerships; ● financial risks; ● operational risks; ● risks related to the group’s social, societal and environmental responsibility; and ● risks related to ethics, governance, compliance and integrity in business practices. The BRM is designed to evolve over time by incorporating best practices and feedback from users, and changes made to regulations. ORANO GROUP RISK MAPPING PROCESS Arbitration and validation after review of the "Top risks" by the Executive Committee %JKGH 'ZGEWVKXG 1HƓEGT Coordination and follow-up Guidelines "Top risks" proposal Risk Committee TOP DOWN BOTTOM UP Consideration of any changes in the methodology Comments and feedback concerning risk management Audit and Ethics Committee Management entities 1TCPQ ITQWR Business Units 1TCPQ ITQWR Functional FGRCTVOGPVU Source: Orano 4KUM %QORNKCPEG +PVGTPCN #WFKV &GRCTVOGPV Process management and summary
RkJQdWJsaXNoZXIy NzMxNTcx