Risk is presented by any event that could prejudice the achievement of an organisation’s established goals and objectives. This gives rise to the need to identify those risks, assess their materiality and mitigate them, covering them where possible and eliminating them where necessary. For this purpose, the Fiat Group has for some time had an Enterprise Risk Management model (ERM) in place to ensure prudent management of risks.
The 2005 model is the result of the adaptation of the September 2004 COSO framework (formulated by the Committee of Sponsoring Organizations of the Treadway Commission, formed by five major American professional associations active in the areas of financial reporting and audit) to the Group’s specific requirements. The ERM is structured as a corporate process with objectives and roles being defined for the entire organisation, enabling not only the constant monitoring of risks but also opportunities to be pursued. This process is coordinated at Group level by Group Control, while at Sector level responsibility is attributed to the Chief Financial Officers (CFOs).
Risk mapping is done centrally in close collaboration with the individual Sectors. The Fiat Group adopted a top-down approach which, beginning with process objectives, resulted in the identification of 80 standard risk drivers in various key areas/processes, ranging from strategic planning to production, commercial activities, finance, etc. For more detail on financial risk management, see http://www.fiatgroup.com/en-us/shai/main_risks.

The risk assessment process, on the other hand, follows a bottom-up approach: starting at the individual company or business unit level, each risk is evaluated for the likelihood of occurrence and impact (economic, business continuity or impact on corporate image), both on a scale of high/medium/low, to obtain an evaluation for the sector as a whole.
The model requires that existing measures be described and that future measures to contain unacceptable risks, action plans and individuals responsible be defined. The entire process is supported by a dedicated IT system. Upon completion of the process, the risk reports sent by the CEOs and CFOs of each Sector to Group Control are consolidated to form a Group Risk Report. On an annual basis, the Group Risk Report and related countermeasures are presented to the Internal Control Committee, whose duties include assisting the Board of Directors in verifying the adequacy and effective functioning of the Internal Control System.
In 2009, as part of the continuous alignment with international standards and practice, an analysis of the existing ERM model was initiated (still in the finalization phase) to identify potential improvements. In particular, additional risks and opportunities were included linked to climate change, consisting of physical, regulatory or market risks linked to the potential demand for eco-compatible products. The process for analysing seismic risk was redefined and the existing risk management tools and methodologies were updated to include new possible and potential scenarios created by climate change.
Also in 2009, Risk Management, the Fiat Group company which manages static risks (fire, explosion, natural events) and the associated insurance cover, adopted the innovative risk monitoring software VisioRisk (developed on the Google Earth platform), adapting it to Fiat’s industrial profile. With this application, it is possible to share, in real time within the Group, all static risks to which company assets and production continuity are exposed. In 2010, the software will be used by Magneti Marelli in a pilot project.