Management of risks
Telstra faces a variety of risks due to the complexity of its business and the dynamic business environment in which it operates. The effective management of risks enhances Telstra’s ability to achieve its financial, customer and people goals and to meet its legal and compliance responsibilities, thereby protecting and enhancing shareholder value. Telstra’s commitment is to manage those risks that arise in the course of Telstra’s business to an acceptable level, so as to maximise opportunities and minimise negative outcomes. Recognising this, Telstra continues to improve its approach for managing, monitoring and reporting risks related to the successful pursuit of its business objectives. Risks are monitored and reported on regularly throughout the year by management and the Board as part of the strategic planning, business planning, budgeting and performance management processes.
This approach is supported by Telstra’s Risk Management framework which includes the Telstra Risk Management Policy and Risk Management methodology and tools. The framework aligns with ISO 31000 Risk Management – Principles and Guidelines, the global standard for risk management, and is also supported by Telstra’s Business Principles and a number of other policies that seek to manage risks including: Credit Management Transactions; Regulatory Risk Management and Strategy Policy; Tax Risk Management and Assurance Policy; and Treasury Transactions.
Telstra regularly reviews its Risk Management framework to ensure that it continues to effectively promote and enable the identification, management and monitoring of risks across the Company.
Risk management roles and responsibilities
Risk management occurs at all levels of the Company. The Board has ultimate responsibility for reviewing Telstra’s actual and potential material business risks, approving the risk management framework policy and overseeing Telstra’s strategic risk management and internal control framework and reporting system.
The Audit Committee assists the Board in discharging these responsibilities by monitoring and advising on matters relating to risk management including:
- overseeing management’s design and implementation of Telstra’s risk management systems; and
- reviewing and monitoring the adequacy and effectiveness of management’s reporting and risk management responses and internal control systems.
The CEO, supported by the CEO Leadership Team, is accountable for ensuring that Telstra management implements an effective risk management and internal control framework to identify, manage and monitor the company’s risks and reports to the Board on whether those risks are being managed effectively.
For the financial year ended 30 June 2012, the CEO and CFO have provided the Board with the certifications required by the Corporations Act and the ASX Principles and Recommendations. Specifically, the Board has received:
- reports from management as to the effectiveness of the Company’s management of its material business risks;
- the declaration from the CEO and CFO required in accordance with section 295A of the Corporations Act; and
- assurance from the CEO and CFO that the section 295A declaration was founded on a sound system of risk management and internal control and that the system is operating effectively in all material respects in relation to financial reporting risks.