ERM business plan and y early assess - ment of Group k e y risks The Group risk organi­ z ation per f orms a y early as se s sment o f k ey risks based on av ailable input from the busine s s plan, ERM busine s s plan, self ­ as se s sment s, audit s and o ther sourc e s during Oct ober . Audit Commit tee reportin g Re sult s from monit oring activitie s are report ed at the No v ember A udit Commit t ee mee ting. M onitorin g: self assessment , dia gnos tic s, audit , etc K ey risks are monit ored ( through self as se s s ­ ment , diagno s tic s or o ther means) and / or sub ject t o risk manage­ ment activitie s through ­ out the y ear . K e y risk determination K ey risks as se s sed b y the Group risk organiz ation are discus sed and appro v ed b y Group Management . Appro v al of re visions to policies, risk mana g e - ment activities and monitorin g plan Group k ey risks and the plans f or risk management activitie s and monit oring are revie w ed b y the A udit Com­ m i t t e e a n d rec ommended f or decision b y t h e B o a r d , t oge ther with a y early appro v al o f revised Group policie s and guideline s at their May mee ting. ERM at Securit as The corner s tones of enterprise risk mana g ement (ERM) are the Group policies and guidelines that es t ablish the fr amew ork for all policies and compliance monitorin g in the Group . The ultimate responsibilit y for g o v ernance of risk mana g ement lies with the Boar d of Director s, but the w ork in v olv ed in minimizin g risks t ak es place throug h a s tructured process of assignin g responsi- bilit y to all le v els of the or ganization. Securit as is e xposed to v arious t ypes of risks in its daily business. When pro vidin g securit y ser vices, Securit as mana g es not only its o wn risks, but also risks on behalf of its cus tomer s. Minimizin g the risk of a loss occurrin g, and thereb y protectin g our cus tomer s and emplo y ees, is the mos t import ant objectiv e . Securit as ’ risks ha v e been classifed into three main cate g ories: contract and acqui- sition, operational as signment and fnancial risks. The cate g ories are based on the natur al fo w of the business – enterin g into a contr act , e x ecution of the assignment and the fnancial result . Similar risk cate g ories are also rele v ant for acquisitions, but are then classifed as acquisition risks, oper ational inte gr ation risks and fnancial inte gr ation risks. All of the risks in these cate g ories can impact the Group ’ s fnancial per formance and position if the y are not mana g ed in a s tructured w a y . G iv en that oper ational assignment risks and contr act risks arise in local oper ations, these are bes t mana g ed throug h a decentr aliz ed approach. Cus tomer contr act mana g ement and loss pre v ention measures are essential for minimizin g these risks. F or e xamples of risk and mitigations refer to follo win g pa g es. Group M ana g ement sets the risk mana g ement policies for the entire Group . Ultimately , the responsibilit y for claims set tlement and for purchasin g s tr ate g ic insur ance progr ams also lies at Group le v el. In addition, the Group conducts at leas t one business risk e v aluation seminar each y ear , with participants from the divisions, countries or re g ions. The purpose of these seminar s is to increase a w areness and under s t andin g of the risks to which the compan y are e xposed. The ERM sys tem is inte gr ated into the Group ’ s business plannin g and per formance monitorin g processes, re gar d- less of the risk cate g or y concerned. As part of the annual bud g et process, each le v el of the or ganization prepares an ERM business plan, which sets the main focus and priorities for oper ational risk mana g e- ment within countries, divisions and the Group for the comin g y ear . M obile and M onitorin g and the new mark et or ganizations use shared risk mana g ement resources. Securit y Ser vices North America re gularly monitor s risk e xposure throug h a coor dinated efort bet w een the risk mana g ement and le gal or ganizations in con junction with North American Divisional M ana g ement . Securit y Ser vices Europe , A viation and Securit y Ser vice Ibero- America ha v e their o wn risk commit tees, which meet on a re gular basis to monitor and follo w up risk e xposure . The y early risk assessment process is coor dinated b y the Group risk or ganization, which is also responsible for maintenance of the risk re g is ter . Enterprise risk mana g ement process R i s k - b a s e d I n p u t a n d r i s k P o l i c y m o n i t o r i n g i d e n t i f c a t i o n d e v e l o p m e n t a c t i v i t i e s R i s k m a n a g e m e n t Cont act and acquisition Oper ational Financial 41 Securit as Annual R eport 2012 G o v ernance and mana g ement Boar d of Director s ’ report on corpor ate g o v ernance and internal control