At Basware, risk management is part of the Group’s management. Risk management at BasWare is guided by legal requirements, business requirements set by the owners of the company as well as expectations of the customers, personnel and other important stakeholders.
The goal of risk management is to systematically and extensively identify and acknowledge the risk involved in the operations as well as to make sure that the risks are appropriately managed when making business decisions. The company’s risk management supports the attainment of strategic goals and ensures the continuity of business operations.
Basware takes risks that are a natural part of the strategy and objectives. These risks are managed and reduced in various ways. The company is not ready to take risks that might endanger the continuity of operations or that are uncontrollable or that would significantly harm the company’s operations.
In the process of risk management, the goal is to identify and evaluate the risks, after which a risk-specific plan is drawn up and concrete action is taken. These actions may include, for example, avoidance of the risk, diminishment of the risk by different means or transference of the risk by insurance or agreements.
The Board of Directors receives annually a report of the most significant risks discovered during risk mapping. At the same time, the Board reviews the risks from the shareholder value’s perspective. Risk management does not have a separate organization within the Company but its responsibilities follow the distribution of liability throughout the organization and operations.
Basware has divided the risks into six categories: risks related to business operations, products, personnel as well as legal, financial and data security risks. Each group has a designated person in charge. The essential risks have been recognized and measures for preparing for them undertaken. In 2007, the Board monitored the progress regularly.