Business Planning and Risk Management Program
On July 15, 2011, SMIC senior management undertook the following:
- Launch of the 2012 business planning and budget process with focus on reviewing and aligning departmental goals and targets with the vision and mission of SM, alongside the conglomerate's overall business strategies and directions. The meeting was attended by group and department heads, while discussion was facilitated by Ms. Corazon Guidote, VP for Investor Relations;
- Roll out of the company's Enterprise Risk Management framework across all departments as approved by the Board. The ERM Committee, which is chaired by the CFO, EVP Jose T. Sio, was launched by Gil Gonzales, VP for Corporate Governance and Risk Management. As an initial step, priorities were set, while risk profiling and risk strategy formulation will be conducted after a SWOT analysis is completed as part of the business planning (i.e. specifically in identifying weaknesses and threats as baseline risks
SM Risk Management Initiatives
SMIC focused its risk management efforts on providing competent leadership and support in the development of a risk management framework and policies implemented across the organization. These were in line with the initial action plan identified during the preliminary enterprise-wide risk management (ERM) workshop undertaken by the SM Group in November 2008. In this workshop, the Group recognized the need for (I) competent management in unfilled key SM functions, (ii) providing risk-based skills to Internal auditors, (iii) aligning business unit goals, technologies, people and resources with over-all business objectives, and (iv) developing an appropriate risk management framework that would be implemented across the organization.
Risk Management Training
SMIC sponsored a four-part, in-house, 12-day risk-based IT audit and computer-assisted audit training workshop for forty (40) internal auditors and thirty (30) selected finance and IT personnel from SMIC and its subsidiaries (namely, SM Land Inc., SM Retail, SM Prime Holdings, Inc., SM Management Services, and SM Development Corporation). This internal skills building event increased the awareness of the organization on risk and control. Specifically, the participants were trained to evaluate processes and ensure that more effective controls are in place to safeguard company information. They were also provided with practical guidelines in using the analytical tool, ACL. The workshop also provided a venue to discuss the scope and role of internal and IT auditors in supporting the company's risk management efforts. The participants discussed the various components of the SM group's information system, namely, organization, technologies, policies and practices. As part of the action plan resulting from the workshop, the participants agreed to efficiently collaborate to implement a common approach to the risk mitigation processes. SMIC also took part in a conference- workshop on International Organization for Standardization (ISO) 31000 Risk Management Principles and Guidelines on Implementation. This conference-workshop provided the participants with practical inputs, templates, standard checklists and approaches to the implementation of ERM. For the SM Group, ERM will be initiated through the development of an ERM framework, taking into account the annual business plan of all the operating units in the conglomerate's core businesses.