Uniform Risk Analysis Across the Group
Within the scope of risk assessment, we consider the
probability of occurrence as well as the loss associated
with risks. We employ both qualitative and quantitative assessment
methods that are uniformly structured across
the Group and thereby foster the comparability of the risk
analyses conducted across the various business units. In
accordance with the results yielded by analyzing the probability
of occurrence and potential loss, we assess a risk
as “high,” “medium,” or “low” on the Group-wide uniform
risk-assessment matrix. In addition, we apply stochastic risk-analysis methods such as value at risk (VaR) calculations
to continuously determine our foreign exchange, litigation,
and escalation exposures. Simulation techniques
such as Monte Carlo analyses are used within the context
of calculating contingencies for the pricing of project proposals.
In other areas where a quantitative assessment is more difficult, we employ qualitative assessment techniques based on the uniform risk-assessment matrix indicated above. We estimate the probability of occurrence and impact of individual risks using a common assessment horizon of three years to give us a risk prioritization. We only use insurance for risk control where the economic benefit appears worthwhile to us.
SAP Runs SAP Software
We have developed our own risk management software to create transparency across all risks that exist within our corporate alliance as well as to facilitate risk management and the associated reporting system. We record and address all identified risks in our own operational risk management application. Every quarter, we consolidate, aggregate, and present to the Executive Board the risk management information held in the risk management application. In addition, an ad-hoc risk-reporting requirement to the Executive Board and the chairperson of the Supervisory Board has been established where a risk with an expected loss exceeding €100 million is identified. We define a risk to our ability to continue as a going concern to mean a risk associated with an expected loss exceeding €150 million.
We review our risk management policy and process model
annually and revise them if necessary. Our global internal
audit service conducts targeted reviews to check compliance
with our risk management policy. Our global internal
audit service regularly reviews the reliability of the risk
management structure and the efficiency of the risk management
and reports the results to the Executive Board.
Apart from these measures, our auditor performs an annual
assessment of the suitability of our risk management
structures for the purpose of identifying risks that would
threaten our ability to continue as a going concern, as
required by the German Stock Corporation Act, section
91 (2). Key risk factors identified and tracked using the enterprise
risk management program are summarized below, broken
down by the same risk categories as we use in our internal
risk management reporting structure.
|
Want to learn more? Contact the SAP sales office nearest you. |
|
