A key element of a portfolio company’s business strategy execution is the identification and assessment of risk and opportunity, including decisions on what levels of risk are acceptable, what risks are associated with each opportunity, how such risks can be mitigated and controlled and how to manage the business accordingly.
The components of risk management include the clear communication of the values of the portfolio company and its appetite for risk. For example, when pursuing new business opportunities, the allocation of roles and responsibilities and the design and implementation of policies and procedures relating to the identification, control and management of risk, and the measurement of and timely reporting on the impact of risk on performance.
All members of the board are ultimately responsible for, and should actively participate in, risk and opportunity identification, assessment and management across all business areas, including the review of financial and non-financial (e.g. ESG) factors. This includes ensuring that the management of the portfolio company establishes effective policies and procedures that adequately address the identification and control of risk, including legal risks.
Members of the board should actively and regularly seek assurance that risk management procedures are in place and are operating effectively.