Skip to main content

Risk Management & Business Continuity

1. Introduction

Geviton Enterprises Ltd. is committed to proactively identifying, assessing, mitigating, and monitoring risks that could impact its operations, reputation, financial stability, and ability to deliver products and services. This Risk Management and Business Continuity Policy establishes a framework for managing risks effectively and ensuring the resilience of Geviton's critical business functions in the face of disruptive events.

2. Scope

This policy applies to all Geviton employees, departments, operations, information assets, systems, and third-party relationships that support critical business functions. It covers all types of risks, including operational, financial, strategic, reputational, legal, technological, and environmental risks.

3. Principles

Geviton adheres to the following principles for effective risk management and business continuity:

  • Proactive Identification: Systematically identify potential risks and threats across all aspects of the business.

  • Systematic Assessment: Evaluate the likelihood and impact of identified risks to prioritize mitigation efforts.

  • Effective Mitigation: Implement appropriate controls and strategies to reduce risks to an acceptable level.

  • Continuous Monitoring: Regularly monitor the risk landscape and the effectiveness of implemented controls.

  • Business Resilience: Ensure the continuity of critical business operations and rapid recovery from disruptions.

4. Policy Elements and Controls

4.1 Risk Management Framework

Geviton implements a structured risk management process:

  • Risk Identification: Regular workshops, brainstorming sessions, and analysis of internal/external factors to identify potential risks.

  • Risk Analysis and Assessment: Evaluate each identified risk based on its likelihood and impact.

  • Risk Mitigation: Develop and implement strategies to address risks, which may include avoidance, reduction, transfer, and/or acceptance.

  • Risk Monitoring and Review: Risks and mitigation strategies are regularly reviewed by management to ensure their effectiveness and to identify new or emerging risks.

4.2 Business Continuity Planning (BCP)

Geviton develops and maintains Business Continuity Plans to ensure the continued operation of critical business functions during and after disruptive events.

  • Business Impact Analysis (BIA): Conduct BIAs to identify critical business functions, processes, and systems, and determine their recovery rime objectives and recovery point objectives.

  • Continuity Strategies: Develop strategies for maintaining operations during disruptions, including backup power solutions, cross-training of staff for critical roles, and emergency supplier agreements.

  • Crisis Management: Establish a clear crisis management team and communication protocols for internal and external stakeholders during an incident.

5. Employee Responsibilities

All Geviton employees are responsible for:

  • Understanding and adhering to this policy and related procedures.

  • Reporting potential risks, vulnerabilities, or incidents to their manager or the designated risk management team.

  • Participating in risk management and business continuity training and exercises.

  • Following established procedures during disruptive events.

6. Compliance and Reporting

  • Risk Register: A central risk register is maintained, documenting identified risks, their assessment, mitigation actions, and ownership.

  • Regular Reviews: The Risk Management and Business Continuity framework are reviewed by senior management regularly or in response to significant changes or incidents.

  • Incident Reporting: All disruptions, near misses, or incidents are reported and analyzed to inform continuous improvement of risk management and continuity plans.

7. Review and Update

This Risk Management and Business Continuity Policy will be reviewed and updated regularly to reflect changes in Geviton’s business operations, the external risk landscape, technological advancements, and lessons learned from incidents or exercises.

8. Contact

For any questions about this Risk Management and Business Continuity Policy, please contact:

📧 Email: info@geviton.co.ke

📞 Phone: +254740223196

Back to top