2007 Interactive Registration Document - Renault
2007 Interactive Registration Document - Renault
2007 Interactive Registration Document - Renault
Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
02 RISK<br />
MANAGEMENT REPORT<br />
MANAGEMENT<br />
2.3.1.6 INSURING OPERATIONAL RISKS<br />
At the <strong>Renault</strong> group, insurance for operational risks has three facets:<br />
n<br />
n<br />
n<br />
high-impact low-probability risks are transferred to the insurance and<br />
reinsurance markets;<br />
common risks that are statistically known and fi nancially coverable are<br />
provisioned by the Group, unless there is a legal requirement to insure<br />
them;<br />
the Group negotiates global insurance policies that provide Group-wide<br />
cover.<br />
The majority of the Group’s entities are covered by these global insurance<br />
policies. Their ceilings are high – up to €1.5 billion. Deductibles – which must<br />
be paid by the Group before the insurance companies pay for any loss – are<br />
also high. The highest deductible amount is €24 million per claim. Some risks,<br />
such as defects covered by the manufacturer’s warranty and recall campaigns,<br />
are not covered by insurance.<br />
The reason for keeping deductibles high include the Group’s consistent policy<br />
of prevention, the fact that there have been no major claims in recent years,<br />
and a desire to make each risk-bearing sector more accountable. No major<br />
change to <strong>Renault</strong>’s insurance strategy is planned for 2008.<br />
2.3.1.7 IT RISK<br />
RISK FACTORS<br />
<strong>Renault</strong> depends on the orderly operation of its IT systems. Most of the Group’s<br />
functions and processes rely on the software tools and technical infrastructure<br />
connecting its sites.<br />
The main risks dealt with by the Group are:<br />
n<br />
n<br />
interruption of IT services, regardless of the cause;<br />
confi dentiality and integrity of data.<br />
Within <strong>Renault</strong>’s Information Systems Department (DSIR), the Networks and<br />
Telecoms Security Department is leading the program to reduce IT risks and<br />
implement the IT security policy.<br />
MANAGEMENT PROCEDURES<br />
Risks are controlled through:<br />
n<br />
n<br />
committees and management charts that serve to check application of IT<br />
security procedures in line with international best practices (policies and<br />
standards such as ISO 27001);<br />
security approval for the Group’s main projects, interconnections and<br />
technical upgrades to ensure that appropriate security mechanisms are<br />
adopted (classifi cation of security needs, standardization of solutions);<br />
a monitoring plan whose results are presented and submitted for approval<br />
to representatives of senior management, the departments using IT, the<br />
Audit Department and the Group Risk Management Department. Depending<br />
on the subject, audit assignments and IT surveys are conducted in-house<br />
by the IT Department with the Group Protection and Safety Department, or<br />
independently by the Audit and Risk Management Department;<br />
an IT Risk Committee, organized by the IT Department under the management<br />
of the Audit Department and the Risk Management Department and with<br />
representatives of other corporate departments.<br />
ACTIONS AND IMPROVEMENTS<br />
The main security programs implemented in <strong>2007</strong> sought to:<br />
extend deployment of the security policy defined in association with<br />
Nissan;<br />
deploy security measures that refl ect the new issues raised by the Group’s<br />
international expansion and partnerships (access management and<br />
confi dentiality) ;<br />
increase user awareness of security issues at international level;<br />
reinforce the security and emergency resources and procedures in place at<br />
the Group’s main IT centers.<br />
Projects planned for 2008 will continue in the same line and further develop<br />
the existing coordination and protection systems, based on the aims of <strong>Renault</strong><br />
Commitment 2009.<br />
2.3.1.8 DISTRIBUTION RISK<br />
RISK FACTORS<br />
The type of risks to which <strong>Renault</strong> is exposed depends on the type of product<br />
distribution channel involved:<br />
at commercial import subsidiaries, the main risks are related to the use of<br />
sales and marketing resources;<br />
at its own distribution subsidiaries, grouped under the umbrella of <strong>Renault</strong><br />
Retail Group (formerly REAGROUP), <strong>Renault</strong>’s risks are primarily related to<br />
decentralization and the diversity of these entities;<br />
the fi nancial situation of dealership networks is also a source of risk.<br />
Another risk related to the Group’s commercial activities is customer default.<br />
70 <strong>Registration</strong> <strong>Document</strong> <strong>Renault</strong> <strong>2007</strong><br />
Find out more at www.renault.com<br />
n<br />
n<br />
n<br />
n<br />
n<br />
n<br />
n<br />
n<br />
n<br />
< TABLE OF CONTENTS ><br />
01<br />
02<br />
03<br />
04<br />
05<br />
06<br />
07<br />
08