Management of opportunities and risks
Telstra faces a variety of risks due to the complexity of its business and the dynamic business environment in which it operates. The effective management of risks enhances Telstra’s ability to achieve its financial, customer and people goals and to meet its corporate responsibilities, thereby protecting and enhancing shareholder value. Telstra’s commitment is to manage those risks that arise in the course of Telstra’s business to an acceptable level, so as to maximise opportunities and minimise negative outcomes. Recognising this, Telstra continues to improve its approach for managing, monitoring and reporting risks related to the successful pursuit of its business objectives. Risks are monitored and reported regularly throughout the year by management and the Board as part of the strategic planning, business planning, budgeting and performance management processes.
This approach is supported by Telstra’s Risk Management framework which includes the Telstra Risk Management Policy and Risk Management methodology and tools. The framework aligns with ISO 31000 Risk Management – Principles and Guidelines, the global standard for risk management, and is also supported by Telstra’s Business Principles and a number of other policies that directly or indirectly seek to manage risks including: Credit Management Transactions; Regulatory Risk Management and Strategy Policy; Tax Risk Management and Assurance Policy; and Treasury Transactions.
Telstra regularly reviews its Risk Management framework to ensure that it continues to effectively promote and enable the identification, management and monitoring of risks across the Company.
Risk management roles and responsibilities
Risk management occurs at all levels of the Company. The Board has ultimate responsibility for the risk management framework, including the processes for regular review and update of Telstra’s material business risk profile and the policies, systems and processes that are used to manage risk.
The Audit Committee supports the Board in fulfilling these responsibilities by overseeing the design and implementation of Telstra’s risk management framework, especially as it relates to operational, financial and compliance risks.
Telstra management has primary responsibility for assessing, managing and monitoring of risks related to the achievement of their business objectives. Management is responsible for ensuring that an effective risk management and internal control framework is implemented within their business. Each employee is empowered and expected to understand and manage the risks within their areas of authority when making decisions and undertaking day to day activities.
In addition, Telstra has groups which manage and report in specialised areas such as Compliance, Climate Change, Treasury, Insurance, Credit, and Regulatory risks.
Telstra’s Risk Management and Assurance group provide tools and advice to the business to support them with their risk management accountabilities. They also support management, the Audit Committee and the Board by providing independent assurance on the effectiveness of selected business processes, risk mitigation and internal controls, as per the agreed annual Coordinated Assurance and Advisory Plan.
