NOMAC Group operates in a fast-changing environment which can give rise to a host of risks across our value chain which could impact our operations, financial results and, possibly, the reputation. NOMAC Group is also exposed to indirect risks that emanate from other businesses and entities that are linked to the Group’s line of business. We recognize that risk management is an integral aspect of effective management practices and corporate governance as it assists decision making and enhances sustainability. Accordingly, we are committed to implement risk management best practices across our businesses, both in Saudi Arabia and other countries where we do business.
We have established the Enterprise Risk Management (ERM) framework based on the guidelines of ISO 31000:2018 encompassing risk appetite, continuous assessment and reassessment of risks quantitatively and qualitatively, establishing controls, drawing up mitigation actions and reviewing them periodically and comprehensively.
We have implemented standardized, digitized ERM processes to be followed by establishing a comprehensive Risk Diary, establishing of Risk categories, wherein the Plants and functions identify from the exhaustive list based on the local conditions and technology. Risk assurance is carried out through periodical testing of Controls, to validate their effectiveness, adequacy, relevance and veracity.
NOMAC Risk Management approach is comprehensive permeating all the stages of the business life cycle starting from Business development, bid submittal, construction, mobilization and operations and the entire strata of the organization including Plants, Functions and Entity.
The effectiveness of the ERM is driven by the strong Risk Management culture, which permeates every level of the organization, coupled with robust re-assessment of risks at regular intervals, assessing the effectiveness and adequacy of controls and tracking and closing mitigation actions in a timely manner.