Risk Assessment

Risk assessment and risk handling

Conexus has a risk-based approach to our operation. Procedures for risk assessment and risk handling are established.

Risks can be associated with all management systems in the Conexus Quality Management System.

Risk assessments shall be carried out periodically for all critical processing. There is a need for additional risk assessment in case of major changes in our operating environment.

All actions identified in the risk assessments must be followed up closely by the manager, product- or system owner. High-risk items shall be reported to CISO.

Risk assessments are internal confidential documents.

Risk willingness

Conexus risk management is based on business assessments and compliance with applicable laws. In general, risk willingness falls into the following categories:

Risk category

Risk willingness

Risk category

Risk willingness

Information security and privacy

Very low

Key Business Processes

Based on the potential business impact

HMS

Low

Environment and Sustainability

Low

Risks that conflict with applicable lawa are to be avoided.