Corporate governance
Risk Management
The Risk Management and Compliance area maps the risks that may affect the Company or our operating segment in the strategic, operational, regulatory, financial, political, technological and environmental areas. To improve our risk management practices, aligned with ESG issues, we reviewed all risk control practices in 2022.
Throughout the year, we established action plans, which include monitoring controls and procedures, preventing occurrences and minimizing impacts.
Our Risk Management Policy covers all processes and all areas, as well as all employees. The risk management structure follows the Three Lines Model from the Institute of Internal Audit (IIA), namely:
1st Line
Includes managers responsible for managing the risks in their areas and must own them.
2nd Line
Supports the first line of defense for them to fulfill their responsibilities, monitors risks and provides adequate knowledge and tools for this process.
3rd Line
Has an objective and independent assessment of the Company's risk management, controls and governance. The process is based on international methodologies, such as ISO 31000:2018, COSO ERM and IIA.