Arabtec Group (“Group”) and its operating subsidiaries (“OPCOs”) are acutely aware of the importance of Risk Management that has been highlighted as an important pillar to support the three-year strategic plan introduced by the Group CEO in January 2017.
The Group is committed to adopting sound Enterprise Risk Management principles and, building upon the expertise brought to the Group by the appointment of its Director of Risk & Assurance in 2016, has chosen to base its process on the commonly accepted ISO 31000 Risk Management standard, in accordance with the best practices of the industry.
Risk Management for the Group follows the principles and methodology presented in the ISO 31000 standard, depicted in the summary chart below:
This process allows Arabtec to further secure its strategic, operational and financial objectives, by providing a risk based structured framework for sound commercial and contractual decision making.
The main purpose of the development and implementation by Arabtec of a state of the art approach towards risks, across the whole organisation, is to secure its objectives towards:
in addition to ensuring that the Group pursues and materialises the best opportunities in line with its operational and strategic objectives.
Thanks to its Enterprise Risk Management framework, embedded into all its operational and strategic processes, the Group seeks to effectively and successfully address the risks inherent to its activities, namely:
The Enterprise Risk Management top-down approach has been complemented by a bottom-up approach that allows the Group to manage risks as close as possible to the business and its operations. This process includes Risk Management at both tender and project execution stages.
Arabtec has put in place a formal Risk Management process on all the projects it is awarded, that form the main part of its business.
The objectives of this approach are to:
Through dedicated training and coaching sessions, all project teams have been familiarised with this approach that has been documented through a standard Project Risk Management plan that is now part of the standard Project Management procedures.
Risk identification and risk evaluation sessions for all projects allow the projects to develop their risk register and to decide on mitigation actions geared at putting risks under control and diminishing their potential impacts on the cost, schedule or quality of the project to be delivered.
Risk review sessions are regularly organised to follow-up on the risk profile of the projects and the progress of decided actions.
Risks are part of the standard project reports to the Management and are on the agenda of the performance reviews that are regularly conducted.
Arabtec implements a formalised 4-Gate Tender Approval process that aims at better controlling the risks related to its commercial and contractual commitments, and by extension to projects execution.
This mandatory process allows Arabtec to optimise the commercial costs of the organisation, to support a tender decision-making process based on objective risk information and to ensure that contractual commitments are in line with the organisation’s objectives and its defined risk appetite.
At each stage, a decision is taken whether or not to pursue the commercial opportunity based on a thorough risk analysis that supports the decision-making process through objective risk criteria.