Principles of risk management

Tieto’s risk management policy defines the concept of risk, the risk management framework and the responsibility for risks within the company. At Tieto, risk management is an integral part of management practices and it is integrated into the business processes. Managers in charge of business operations are also responsible for conducting and implementing risk management related to their business transactions. This is supported by the structured risk management processes, policies and guidelines that are defined in Tieto’s W2E (Way to Excellence) business system.

W2E describes all the main processes at Tieto. The owner of each process is responsible for the continuous development of the established procedures. Risk management procedures are in place for business processes such as sales and delivery, comprising the following steps:

  • identify
  • analyze
  • mitigate and
  • follow-up.

For example, in a delivery project, the project manager is responsible for all these steps. The projects are to be followed and reported monthly. The major high-risk projects are reported to the top management and to the Audit and Risk Committee regularly.



Modified: 2010-02-24   Print the page