POLICY FOR INTIMATION THE BOARD ABOUT RISK ASSESSMENT AND MINIMIZATION RISK ASSESSMENT AND MINIMIZATION
PREAMBLE AND OBJECTIVE:
The Board of Directors of the Heranba Industries Limited in pursuance of Regulation 17(9) of the
Securities and Exchange Board of India (Listing Obligations and Disclosure Requirements)
Regulations, 2015 and other applicable provisions (including any statutory enactments / amendments
thereof), approved the policy for risk assessment and minimization procedures vide its Board meeting
held on July 10, 2018.
EFFECTIVE DATE:
The Policy shall be effective from the date of commencement of trading in Company’s shares at the
BSE Limited and the National Stock Exchange of India Limited.
Definitions
“Board” means Board of directors of the Company.
“Company” means Heranba Industries Limited
“Compliance Officer” means the Company Secretary and Compliance Officer of the Company for the
purpose of administration of the insider trading policy.
“SEBI LODR Regulations” means Securities and Exchange Board of India (Listing Obligations and
Disclosure Requirements) Regulations, 2015
RISK POLICY AND PROCEDURES:
Risk management is attempting to identify and then manage threats that could severely impact or
bring down the organization. Generally, this involves reviewing operations of the organization,
identifying potential threats to the organization and the likelihood of their occurrence, and then taking
appropriate actions to address the most likely threats.
As per the provisions of the Listing Regulations, a listed company shall lay down procedures to
inform Board members about the risk assessment and minimization
In today’s challenging and competitive environment, strategies for mitigating inherent risks in
accomplishing the growth plans of the Company are imperative. The common risks inter alia are;
regulations, competition, business environment, technology, investments, retention of talent and
expansion of facilities. As a matter of policy, these risks are assessed and steps as appropriate are
taken to mitigate the same.
The board of the company shall form a subcommittee, which in turn monitors the risk management
policy mentioned in the document from time to time and take necessary actions if required.
RISK MANAGEMENT FRAMEWORK:
We adopt systematic approach to mitigate risks associated with accomplishment of objectives,
operations, revenues and regulations. We believe that this would ensure mitigating steps proactively
and help achieve stated objectives. The entity’s objectives can be viewed in the context of four
categories- (1) Strategic, (2) Operations, (3) Reporting and (4) Compliance. We consider activities at
all levels of the organization, viz. (1) Enterprise level, (2) Division level, (3) Business Unit level and
(4) Subsidiary level, in our risk management framework. These eight components are interrelated and
2
drive the Enterprise Wide Risk Management with focus on three key elements, viz. (1) Risk
Assessment; (2) Risk Management; and (3) Risk Monitoring.
The Board is responsible for overall monitoring of the risk management processes. To support the
Board, every business function/department will depute a manager not below a Manager level as the
‘Risk Management Expert’ to ensure compliance to this policy, timely identification of risks and
development of risk mitigation plan, along with the concerned personnel.
RISK IDENTIFICATION
This involves continuous identification of events that may have negative impact on the Company’s
ability to achieve goals. Processes have been identified by the Company and their key activities have
been selected for the purpose of risk assessment. Identification of risks, risk events and their
relationship are defined on the basis of discussion with the risk owners and secondary analysis of
related data, previous internal audit reports, past occurrences of such events etc.
RISK ANALYSIS AND ASSESSMENT:
This involves determination of existing controls and analysis of risks in terms of the consequence and
likelihood in the context of those controls. We consider the range of potential consequences which
could arise from the risks and how likely those consequences are to occur. Consequence and
likelihood are combined to produce an estimated level of risk.
Risk assessment is the process of risk prioritization or profiling. Once risks are analysed, we assess
the risks as per the pre-established criterias as determined by the Company. This will enable risks to
be ranked and prioritized. This can be helpful to the Company to developed plans for managing the
risks which are identified and consequently help the Company to make effective strategies for
exploiting opportunities to meet the stated organizational objectives
Organizational Objectives:
Strategic-
• Organizational growth
• Comprehensive range of products
• Sustenance and growth of strong relationships with customers
• Expanding presence in existing markets and penetrating new geographic markets
• Continuing to enhance industry expertise
• Enhancing capabilities through technology alliances and inhouse technology developments
Operations-
• Consistent revenue growth
• Consistent profitability
• High quality productivity
• Developing culture of innovation
• Attracting and retaining human talent and augmenting their training
Reporting-
• Maintaining high standards of Corporate Governance and public disclosure.
Compliance3
• Ensuring stricter adherence to policies, procedures and laws / rules / regulations / standards.
RISK REPORTING MECHANISM
Risks as identified from time to time, their exposure and the risks mitigation plan devised by the
Company should be presented by the Risk Management Expert to the Audit Committee and Board.
The responsibility of compilation of report is entrusted with the Board. The Risk Management Expert
should submit quarterly report on the compliance of the risk assessment and management policy to the
Board.
RISK MANAGEMENT AND RISK MONITORING:
In principle, risks always result as consequence of activities or as consequence of non- activities. Risk
Management and Risk Monitoring are important in recognizing and controlling risks.
RISKS SPECIFIC TO THE COMPANY AND THE MITIGATION MEASURES ADOPTED:
1. Business dynamics – Variance in the demand and supply of the product in various areas. Based
on experience gained from the past, the Company is able to predict the demand during a particular
period and accordingly supply is planned and adjusted.
2. Business Operations Risks – These risks relate broadly to the company’s organization and
management, such as planning, monitoring and reporting systems in the day-to- day management
process namely –
• Organisation and management risks
• Production, process and productivity risks
• Business interruption risks
• Profitability risks
Risk mitigation measures –
• The Company functions under a well-defined organization structure
• Flow of information is well defined to avoid any conflict or communication gap between two
or more Departments
• Second level positions are created in each Department to continue the work without any
interruption in case of non-availability of functional heads
• Sufficient stock of raw materials is kept to ensure continuous production. Effective steps are
being taken to reduce cost of production
• Back-up Captive power generating capacity for uninterrupted production
• Strong HR Department to maintain excellent and cordial relations at all levels of employment
3. Liquidity Risks –
• Financial Solvency and liquidity risks
• Borrowing limits
• Cash management risks
Risk mitigation measures –
• Proper financial planning is put in place
4
• Annual and Quarterly Budgets and Variance Analyses are prepared to have better financial
planning
• Daily, monthly cash flows are prepared
• Cash management services are availed from Bank to avoid any loss of interest on collections
Exposure to Foreign Exchange transactions are supported by LCs and Bank Guarantee and
suitable hedging policy
4. Credit Risks –
• Risks in settlement of dues by clients
• Provision for bad and doubtful debts
Risk mitigation measures –
• Systems put in place for assessment of creditworthiness of Customers
• Provision for bad and doubtful debts made to arrive at correct financial position of the
Company
• Appropriate recovery management and follow up
5. Logistic Risks –
• Use of outside transport services
Risk mitigation measures –
• Sourcing committed and dedicated service providers
• Exploring possibility of an in-house logistic mechanism if the situation demands
• Possibilities to optimize the operations, by having a combination of transportation through
road / rail and sea / air are explored
• Comprehensive transit risk insurance coverage for all incoming and outgoing goods across
the organization
6. Market Risks / Industry Risks –
• Demand and Supply Risks
• Quantities, Qualities, Suppliers, lead time, interest rate risks
• Raw material rates
• Interruption in the supply of Raw material
Risk mitigation measures –
• Raw materials are procured from different sources at competitive prices.
• Alternative sources are developed for uninterrupted supply of raw materials Demand and
supply are external factors on which company has no control, but however the Company
plans its production and sales from the experience gained in the past.
• The Company tries to reduce the gap between demand and supply.
• Proper inventory control systems have been put in place.
7. Human Resource Risks –
• Employee Turnover Risks, involving replacement risks, training risks, skill risks, etc.
• Unrest Risks due to Strikes and Lockouts
5
Risk mitigation measures –
• Company has proper recruitment policy for recruitment of personnel at various level in the
organization.
• Proper appraisal system to give yearly increment is in place.
• Employees are trained at regular intervals to upgrade their skills.
• Labour problems are obviated by negotiations and conciliation.
• Activities relating to the welfare of employees are undertaken.
8. Disaster Risks –
• Natural risks like fire, Floods, Earthquakes, etc.
Risk mitigation measures –
• The property of the Company is insured against natural risks, like fire, flood, earthquakes, etc.
• Fire Hydrants have been installed at all manufacturing locations. Other apparatus like
extinguishers filled with chemical, foam etc. have been placed at fire sensitive locations and
regular fire safety drills are carried out.
• First aid training is given to watch and ward staff and safety personnel. Workmen of the
company are covered under ESI, EPF, etc., to serve the welfare of the workmen.
• Engaging professional Risks Assessing Advisors who conduct periodical audit / review and
suggest risks improvement measures from time to time.
9. System Risks –
• System capability System reliability Data integrity risks Coordinating and interfacing risks
Risk mitigation measures –
• Systems Administrator monitors and upgrades the systems on a continuous basis.
• Password protection is provided at different levels to ensure data integrity.
• Licensed software is being used in the systems.
• The Company ensures “Data Security”, by having access control/restrictions.
10. Legal Risks –
These risks relate to the following –
• Contract Risks, Contractual Liability, Frauds, Judicial Risks Insurance Risks, Patent, Design
and Copyright Infringement Risks.
• Legal risk is the risk in which the Company is exposed to legal action.
• As the Company is governed by various laws and the Company has to do its business within
four walls of law, where the Company is exposed to legal risk exposure.
• The Company engages professionals, advisors who focus on evaluating the risks involved in a
contract, ascertaining our responsibilities under the applicable law of the contract, restricting
our liabilities under the contract, and covering the risks involved, to meet the general and
specific requirements so that they can ensure adherence to all contractual obligations and
commitments.
• The Company has established a compliance management system in the organization and
Secretary of the Company ensures the submission of the quarterly compliance reports by
functional heads for placing the same before the Board supported by periodical Secretarial
Audit Reports by Practicing Company Secretaries.
6
POLICY REVIEW, ETC.:
The Board or any duly authorized committee thereof, subject to applicable laws, may amend, suspend
or rescind this Policy at any time. Any difficulties or ambiguities in the Policy will be resolved by the
Board or such committee in line with the broad intent of the Policy. The Board or such committee
may also establish further rules and procedures, from time to time, to give effect to the intent of this
Policy.
In the event of any conflict between the provisions of this policy and of the applicable law dealing
with the related party transactions, such applicable law in force from time to time shall prevail over
this policy.
AVAILABILITY OF DISCLOSURES
This Policy shall be posted on the web-site of the Company.