Risk management
Overseen by its Risk Management Board, representing senior managers from all parts of the company’s value chain, Novo Nordisk has a systematic, integrated process to continually risk assess a wide range of potential issues. Enterprise risk management increases the company’s ability to assess and understand risks separately and in relation to each other.
Each quarter, all major business areas in the company are required to report to the Risk Office their most significant risks, along with plans or processes to manage these risks. The Risk Office challenges business areas about reported risks and encourages exploration of longer-term concerns. Reported risks are then consolidated into a ranking and assessment of the company’s key risks. This information is presented to the Risk Management Board, who challenges the overall risk and control profile of Novo Nordisk.
The process is linked to the strategic planning process and considers both financial and non-financial risks.
All assessments of risk take into account the likelihood of an event and its potential impact on the business. Impacts are quantified and assessed in terms of potential financial loss and reputational damage.
Risks are assessed based both on the assumption that no mitigating actions will be implemented and at the net risk level, taking into account mitigating actions and their anticipated effect.
