Internal control and risk management in the Group aims to ensure that the Group operates efficiently and effectively, distributes reliable information, complies with regulations and operational principles, reaches its strategic goals, reacts to changes in the market and operational environment, and ensures continuity of its business.
It is the duty of the Board of Directors to monitor the appropriateness, effectiveness and efficiency of risk management and internal control in QPR Software Group. Risk management report is presented to the Board in connection with quarterly financial reporting.
The threat caused by the risks to shareholders is used as a criterion when the Board of Directors evaluates these risks. The Board of Directors also monitors that the Company has defined operational principles for internal control and that the Company monitors the effectiveness of internal control.
Coordination of risk management and internal control and the related reporting is the responsibility of the Chief Financial Officer. Risk management in QPR Software is guided by the requirements of legislation, shareholders’ expectations regarding business objectives, and expectations among important stakeholders, such as customers and personnel.
Risk management in QPR Software aims systematically and comprehensively to identify risks related to the Company’s operations and ensures that risks are managed and taken into account in decision-making. The Company does not have a separate risk management organization, and risk management is part of routine responsibilities throughout the organization. Risk management is developed by constantly improving operative processes in the Company.
QPR Software identifies the risks by their materiality: if realized, the risks selected for monitoring would have a material impact on the Company's business operations.
QPR has identified the following three groups of risks related to its operations:
Property, operational and liability risks are covered by insurance.
QPR Software Plc’s Management System has received ISO 9001:2015 quality certification covering the Company’s all activities, which is audited annually by an external party.
ISO 27001 Information Security Certification has been awarded to QPR Software for design, marketing, and delivering software services and solutions.
The ISO 27001 International Standard has been prepared to provide requirements for establishing, implementing, maintaining, and continually improving an information security management system. The information security management system preserves the confidentiality, integrity, and availability of information by applying a risk management process and gives confidence to interested parties that risks are adequately managed.
For more information on risk management in QPR Software, please see the latest Corporate Governance Statement.