Managing risks
All organizations face a variety of internal and external risks at both strategic and operational levels, some of which may be beyond their immediate control. Each risk has a certain likelihood of occurrence and a greater or lesser impact, so for any particular risk there may be impacts on people, equipment/property, the environment, image and/or business. Novartis aims to systematically identify and assess these risks.
We manage all known risks proactively by implementing appropriate preventive and contingency measures. This risk management process is designed to reduce the residual risk of an event – in terms of its likelihood of occurrence and the severity of its consequences – to an acceptable level. The two most important tools for HSE risk performance management are risk portfolios and audits. In addition, for business related risks, a Business Continuity Management (BCM) process is implemented as an integral part of the Novartis risk management framework.
Learn more about the Business Continuity Management (BCM)
Risk portfolios
The HSE & BCM risk portfolios are based on a bottom-up approach. Since 1997, Novartis sites have elaborated annual local risk portfolios that are consolidated at Business Unit/Division level, and finally at Group level, into corporate HSE & BCM risk portfolios. They are presented to the Group Executive Committee (ECN) annually. Good progress is being made – as demonstrated by the fact that a significant number of risks could be removed from the 2007 Group Risk Portfolio. Action plans for the remaining risks have been developed and are currently being implemented.
HSE audits
Beyond having a control function, HSE audits serve to provide consultancy and support to Novartis sites being audited. The sites develop action programs based on the audits, and their implementation is controlled by the Divisions and Business Units, and reviewed annually at corporate level.
