NCC Group plc Annual Report 2022

Principal risks and uncertainties continued

Principal risks and uncertainties continued

Operational continued

VR

7. Quality of Management Information Systems (MIS) and internal business processes

Link to strategy:

Win business

Support growth

Develop our people

Key controls and mitigating factors The Group finance function has developed a forward-facing Finance Functional Strategy. Enhancements were identified covering system and process standardisation. A comprehensive milestone plan is in place and progress is tracked and reported to each Audit Committee. The rollout of Workday across our global finance teams has been completed and will support the standardisation of policies and procedures, in addition to improving efficiency and effectiveness. Standardised business process control standards are in place across all parts of the Group. A control self-assessment questionnaire was launched in 2021 and these standards are included in a programme of internal audits.

Impact Suboptimal business decision making and performance as key financial performance data is not available or trusted. Risk movement/impact System standardisation is consistent across the Group. However, we are continually reconciling management information needs against reporting capability of systems.

We need to ensure that trusted and relevant MIS are available on a day-to-day basis to inform management decisions and drive performance. Accountable Executive Tim Kowalski, Chief Financial Officer

8. Quality and Security Management Systems

Link to strategy:

Win business

Support growth

Key controls and mitigating factors We operate a comprehensive programme to ensure the retention of our core standards. This includes a portfolio of aligned policies and cascading business processes. A programme of internal audit provides assurance over the design and application of these policies and procedures. External assessors provide a further layer of review and challenge, confirming during the year the retention of our Quality and Security standards, which were renewed in April 2021.

Impact The risk of the Group failing to retain a core standard, e.g. 9001, 27001 or PCI, with a consequential loss of key customer accounts or ability to operate. Risk movement/impact We continue to maintain our ISO standards and PCI certification.

We aspire to attain and retain key internationally recognised standards, which form an important component for many of our customers. Accountable Executive Tim Kowalski, Chief Financial Officer

9. International trade (formerly post-Brexit)

Link to strategy:

Develop our people

Key controls and mitigating factors Similar to any UK company, we list post-Brexit as a significant risk due to the continued uncertainty surrounding the final EU post-Brexit trade deals with Europe and other international countries, which continue to be negotiated by the UK government. As our operations around the world include business entities based in continental Europe and the wider world, we believe NCC Group is structurally resilient to the post-Brexit trading environment. The main risks to our business from post-Brexit are: • Changes to export control requirements and related tariffs being implemented, which may impact some areas of service delivery • Real or perceived differences in data protection standards, which impact our global ways of working

Impact There still remains some uncertainty around the detail of EU regulatory changes as these are finalised and specifically the finalisation of trade negotiations and the wider world, which may impact some of the services delivered by the Group, which fall under export control regulations. Risk movement/impact There has been little movement in relation to international trade agreements post-Brexit.

Failure to comply with changing EU regulations as a result of Brexit and related negotiated international trade deals between the UK and other international trading jurisdictions may cause disruption to our business. Any disruption could have an adverse effect on our business operations.

Accountable Executive Tim Kowalski, Chief Financial Officer

Risk movement:

Risk impact:

Decreased

Unchanged

High

Medium Low

Increased

Viability risk: VR New risk: NR

70

NCC Group plc — Annual report and accounts for the year ended 31 May 2022

Made with FlippingBook Online newsletter maker