NCC Group plc Annual Report 2021

Principal risks and uncertainties continued

Principal risks and uncertainties continued

Operational continued

7. Quality of Management Information Systems (MIS) and internal business processes

VR

Link to strategy:

Win business

Support growth

Develop our people

Key controls and mitigating factors The Group finance function has developed a forward-facing Finance Functional Strategy. Enhancements were identified covering system and process standardisation. A comprehensive milestone plan is in place and progress is tracked and reported to each Audit Committee. The rollout of Workday across our global finance teams has been significantly completed and will support the standardisation of policies and procedures, in addition to improving efficiency and effectiveness. Standardised business process control standards are in place across all parts of the Group. Financial year 2021 has seen the implementation of the new control self-assessment questionnaires along with an aligned programme of internal audits.

Impact Suboptimal business decision making and performance as key financial performance data is not available or trusted.

We need to ensure that trusted and relevant MIS are available on a day-to-day basis to inform management decisions and drive performance. Accountable Executive Tim Kowalski, Chief Financial Officer

Risk movement/impact

8. Quality and Security Management Systems

Link to strategy:

Win business

Support growth

Key controls and mitigating factors We operate a comprehensive programme to ensure the retention of our core standards. This includes a portfolio of aligned policies and cascading business processes. A programme of internal audit provides assurance over the design and application of these policies and procedures. External assessors provide a further layer of review and challenge, confirming during the year the retention of our Quality and Security standards, which were renewed in April 2021.

Impact The risk of the Group failing to retain a core standard, e.g. 9001, 27001 or PCI, with a consequential loss of key customer accounts or ability to operate.

We aspire to attain and retain key internationally recognised standards, which form an important component for many of our customers. Accountable Executive Tim Kowalski, Chief Financial Officer

Risk movement/impact

9. Post-Brexit

VR

Link to strategy:

Develop our people

Key controls and mitigating factors Similar to any UK company, we list post-Brexit as a significant risk due to the continued uncertainty surrounding the final EU post-Brexit trade deals with Europe and other international countries, which are still being negotiated. As our operations around the world include business entities based in Continental Europe and the wider world, we believe NCC Group is structurally resilient to the post-Brexit trading environment. The main risks to our business post-Brexit are: • Changes to export control requirements and related tariffs being implemented which may impact on some areas of service delivery • Real or perceived differences in data protection standards, which impact our global ways of working

Impact There remains some uncertainty around the detail of EU regulatory changes as these are finalised (for example, finalisation of trade negotiations with the wider world), which may impact on some of the services delivered by the Group, which fall under export control regulations.

Failure to comply with changing EU regulations as a result of Brexit may cause disruption to our business. Any disruption could have an adverse effect on our business operations. Accountable Executive Tim Kowalski, Chief Financial Officer

Risk movement/impact

Risk movement:

Risk impact:

Decreased

Unchanged

High

Medium Low

Increased

Viability risk: VR New risk: NR

46

NCC Group plc — Annual report and accounts for the year ended 31 May 2021

Made with FlippingBook Converter PDF to HTML5