Risk management and internal control
Savox’s risk management is an activity that aims to develop the ompany’s common processes to identify, assess, manage, and monitor risks related to the company’s operations, achieving objectives and ensuring continuity of operations. The company’s Board of Directors steers and monitors the planning and execution of the risk management. The CEO and the management of the company are responsible for the practical organisation, development, co-ordination, monitoring, and reporting to the Board of Directors.
Risk management
Savox’s governance and risk management are implemented through a structured framework that includes internal control, risk management, external audit, and audits related to systematic product quality, certifications, and regulatory compliance. The framework used by the company is designed to ensure consistent decision-making, risk awareness and compliance across all business areas. The operational risks of the company’s business are managed through the company’s internal risk management matrix, which documents each operational risk, potential consequences, risk owners and risk management plans. In addition, the company’s operations are guided by a separate risk management document focusing on the risk identification strategy.
To manage the risk associated with the approval of projects and tenders, Savox applies a predefined sales and tendering process, which is applied in connection with each project and tender, including defence sector projects and tenders. The company’s internal decision-making authorities relating to projects and tenders are determined based on the nature, size, risk profile, and strategic significance of the project. The company’s sales and tendering process seeks to ensure, in particular, that the company’s management and Board of Directors have sufficient visibility and oversight over larger, more complex, or high-risk-profile defence sector projects.
Some of Savox’s products are subject to export controls. The company manages the export control and sanctions risk associated with its dual-use products through product classification, screening of customers and end-users, licensing and internal compliance processes.