The creation of sustainable value for stakeholders cannot exclude taking risks, which is a fundamental component of doing business.
The SEA Group, in its capacity of airport operator, is exposed to a broad spectrum of potential risks impacting on the achievement of the business strategies.
In order to reduce exposure to such events, the Group adopted specific processes and procedures to safeguard airport safety and the quality of services offered, for the protection of tangible and intangible assets of interest to stakeholders and to ensure the long-term creation of value. To better support and integrate the systems mentioned, in 2016 the SEA Group introduced an Enterprise Risk Management (ERM) model for the identification, homogeneous and transversal assessment of risks linked to the development of corporate activity, and their ongoing monitoring, to support management strategic choices and decision-making processes and stakeholder assurances.
The SEA Risk Model consists of four event categories:
- external risks
- operating and business risks
- financial risks
- legal and compliance risks.
Within these macro-areas there are some risk events which could impact on employee health and safety with varying degrees of severity, and which, more broadly, might impact on people transiting through the airport, on the environment, in terms of pollution, and the degradation of resources, or which might have a social impact i.e. community relations as well as elements relating to employee management.
Each risk event identified is assessed on the basis of a five-year occurrence probability (the same period as the group's Strategic plan), and its impact is based on four elements which include HSE (health safety and the environment), reputational impacts, as well as the level of maturity in managing the risk itself. There are 5 levels of risk assessment.
To integrate the mapping and evaluation of the ERM risks (Enterprise Risk Management), the SEA Group consolidated ad hoc functions responsible for specific management systems in compliance with the industry regulations. The risks monitored by these functions cover the environment, energy and Occupational Health and Safety and corruption. In fact, within the scope of each certification process (ISO 14001, ISO 50001, OHSAS 18001 and ISO 37001), the Group is engaged in specific activities to identify, assess and manage risks, which in conjunction with the activities of continuous improvement and the policies implemented, allow the Company to effectively manage non-financial risks also.