STRATEGIC REPORT RISK AND VIABILITY REPORT SS TRTR AA Risk Management TETE GG II CC R R EE PP OO RR RISK GOVERNANCE THE KEY ELEMENTS AND ACTIVITIES SUPPORTING TT We deploy our Enterprise Risk Management Framework and System OUR ERMFS INCLUDE: (‘ERMFS’) to manage risks and provide the Board, the Audit and Risk – annual review and approval of the ERMFS and Risk Management GG Committee and the Executive Committee with a robust assessment of OO Policy; VEVE our principal and emerging risks. The Board is ultimately responsible – bi-annual review of principal risks to assess the gross, net and RR for oversight of our risk management and internal control systems target risks for potential impact and likelihood; NANNAN and determines our risk appetite. – maintenance of corporate and functional risk registers; CC The Board has delegated its responsibility for monitoring the – undertaking top-down/bottom-up risk assessments including EE horizon scanning to identify emerging risks; effectiveness of the Group’s risk management and internal control – creating formal risk mitigation plans for all principal risks; and FF systems to the Audit and Risk Committee. The Committee fulfils this – provision of independent and objective assurance by the Internal II responsibility by directing and reviewing the work of executive NANNAN Audit team over the effectiveness of principal risk mitigation plans management and the key governance functions within the Group, to the Audit and Risk Committee. CC including the Internal Audit & Risk Management team (‘IA&RM’) IALIAL and the Risk Management Committee. The Chair of the Audit and CHANGES TO ASTON MARTIN’S RISK PROFILE S S TT Risk Committee updates the Board on the Committee’s activities in The most significant changes to the Group’s principal and emerging AA TT this regard as appropriate. risks in the year were: EE MM EE NN HOW WE MANAGE RISK – Talent acquisition and retention – risk reducing due to the positive TT Our IA&RM team maintains the ERMFS and coordinates risk impact of investment in the talent acquisition team and improved SS management activities across the Group, leveraging a network of employee engagement driving lower levels of employee churn. FF functional Risk Champions embedded within management (our first – Programme Delivery – risk increasing reflecting the volume of UU RR line of defence). Each principal risk has a risk mitigation plan programme activity planned for 2024 and the importance of TT HH incorporating management’s assessment of gross, net and target launching programmes on time and within budget. EE RR risk together with an assessment of the effectiveness of mitigating – Macroeconomic uncertainty and political instability – risk INF INF controls and activities currently implemented, and those which need increasing reflecting growing societal and political polarisation, to be implemented in order to reduce the risk to the target level ongoing conflicts, cost of living crisis and remaining inflationary OROR commensurate with the Group’s risk appetite. These plans are updated challenges. MM AA routinely throughout the year with any changes being incorporated – Inadequate protection against cybersecurity threats – risk TT II into the corporate risk register. increasing due to increasing technological content in connected ONON cars, presenting greater opportunities for attack which need to be appropriately mitigated against. Our Internal Audit & Risk Management team maintains the ERMFS and coordinates risk management activities across the Group, leveraging a network of functional Risk Champions embedded within management.” ASTON MARTIN LAGONDA ANNUAL REPORT AND ACCOUNTS 2023 64