RISK MANAGEMENT PILLARS
We live out our RM philosophy through these three key pillars.
Roles and Responsibilities
Risk Management Approach
Globe Telecom’s overall RM framework and policy are based on the ISO 31000:2018 framework for Risk Management. As risks continue to become more volatile, uncertain, complex, and ambiguous, Globe adopts a decentralized, 3-lines-of-defense model approach to effectively manage its risks.
Risk Owners, having first-hand experience and expertise in managing risks on a daily basis, are given the overall accountability to address risks, including the adoption of one or more specialized frameworks and best practices (e.g., Control Objectives for Information and related Technology (COBIT), Information Technology Infrastructure Library (ITIL), Commission of Sponsoring Organization of the Treadway Commission Framework (COSO), National Institute of Standards and Technology (NIST), Project Management Body of Knowledge (PMBOK), among others) that enable sound RM practices. Risk owners report timely updates on their risks and emerging threats to management.
The CRO, enabled by the ERMD, provides oversight of critical enterprise-wide and operational risks to ensure that the individual RM practices of risk owners are designed in accordance with the overall RM framework and policy, and managed appropriately in accordance with the company’s set risk appetite and tolerance levels.
The CAE, enabled by the Internal Audit team, provides independent assurance that the RM policies and practices are both designed effectively and operating as intended.
Both the CRO and CAE report to the board via the BROC and Audit and Related Party Transactions (ARPT) committees, respectively. Through the BROC and ARPT, in conjunction with other board committees, the board discharges and maintains its oversight role on the company’s risks.