Risk Management Policy

1. Objective

The objective of the Risk Management Policy is to establish a comprehensive framework for identifying, assessing, managing, and mitigating risks at Vertotech Aerospace Ltd. (hereinafter referred to as "the Company"). The Policy aims to protect the Company’s assets, ensure business continuity, and support the achievement of strategic objectives while complying with applicable laws and regulations.

2. Scope and Applicability

This Policy applies to:

  • All business units, departments, and functions within the Company.
  • All employees, including senior management and Board members.
  • All activities and processes that could impact the Company’s strategic, operational, and financial objectives.

3. Risk Management Framework

a) Risk Identification
  • Process: Risks shall be identified through various methods including risk assessments, audits, internal reports, and feedback from stakeholders.
  • Types of Risks: Risks may include strategic, operational, financial, compliance, and reputational risks.
b) Risk Assessment
  • Analysis: Risks shall be evaluated based on their likelihood of occurrence and potential impact on the Company’s objectives.
  • Risk Matrix: A risk matrix or similar tool may be used to prioritize risks and assess their significance.
c) Risk Management
  • Mitigation Strategies: Develop and implement strategies to mitigate identified risks, including controls, procedures, and contingency plans.
  • Responsibility: Assign risk management responsibilities to relevant departments or individuals.
  • Monitoring: Regularly monitor risk management activities and assess the effectiveness of mitigation measures.
d) Risk Reporting
  • Internal Reporting: Risk management activities and issues shall be reported to senior management and the Board of Directors.
  • External Reporting: Report material risks and risk management practices as required by regulatory authorities and stakeholders.

4. Roles and Responsibilities

a) Board of Directors
  • Oversight: Provide oversight of the risk management framework and ensure that it aligns with the Company’s strategic objectives.
  • Approval: Approve the Risk Management Policy and any significant changes.
b) Risk Management Committee
  • Composition: The Risk Management Committee shall include senior executives and Board members with expertise in risk management.
  • Responsibilities: Develop and review risk management strategies, assess risk reports, and ensure that risk management practices are effective and aligned with the Company’s objectives.
c) Senior Management
  • Implementation: Implement risk management strategies and ensure that risk management practices are integrated into day-to-day operations.
  • Reporting: Report on risk management activities and escalate significant risks to the Risk Management Committee.
d) Employees
  • Compliance: Adhere to risk management policies and procedures.
  • Reporting: Report potential risks and incidents to the designated risk management authorities.

5. Risk Management Process

a) Risk Identification and Evaluation
  • Risk Register: Maintain a risk register to document and track identified risks, their assessment, and mitigation measures.
  • Assessment Criteria: Assess risks based on their likelihood, impact, and severity.
b) Risk Mitigation and Control
  • Controls: Implement controls and procedures to manage and mitigate risks.
  • Action Plans: Develop action plans to address significant risks and ensure timely implementation.
c) Monitoring and Review
  • Regular Reviews: Conduct regular reviews of risk management activities and effectiveness.
  • Audits: Perform internal audits to assess compliance with risk management policies and procedures.

6. Training and Awareness

  • Training Programs: Provide training and awareness programs on risk management for employees at all levels.
  • Updates: Keep employees informed about changes in risk management policies and practices.

7. Documentation and Records

  • Documentation: Maintain comprehensive records of risk management activities, including risk assessments, mitigation strategies, and monitoring reports.
  • Confidentiality: Ensure that all risk-related documentation is handled confidentially and securely.

8. Policy Review and Amendments

  • Periodic Review: The Risk Management Policy shall be reviewed periodically to ensure its effectiveness and relevance.
  • Amendments: Any changes to the Policy shall be approved by the Board of Directors and communicated to all employees.

9. Disclosure

The Company shall disclose its risk management practices in the Annual Report and on its website, as required by applicable laws and regulations.

10. Conclusion

Vertotech Aerospace Ltd. is committed to maintaining a robust risk management framework to safeguard its assets, support strategic objectives, and ensure business continuity. This Risk Management Policy establishes a structured approach to identifying, assessing, managing, and mitigating risks.

Date of Adoption: [Insert Date]

Approved by: Board of Directors, Vertotech Aerospace Ltd.