Enterprise Risk Management Framework
WillScot Mobile Mini is dedicated to enterprise risk management practices that encompass all levels of our organization. Our framework allows us to constantly uncover and identify new risks across the enterprise, see them clearly and manage them decisively.
Our Enterprise Risk Management (ERM) framework follows the Institute of Internal Audit and COSO Integrated Framework recommendations.
Board of Directors
The Board of Directors has a key oversight role for ERM.
Audit Committee of the Board of Directors
The Audit Committee of the Board of Directors assists the Board in fulfilling its oversight responsibility by monitoring the company’s risk management framework. Review of the framework is on the Audit Committee calendar for semi-annual reviews, but can be added to the agenda as needed throughout the year. In the semi-annual reviews, the Audit Committee is apprised of the company’s most significant risks, management’s assessment of the risks and the planned response to mitigate the risks. The Audit Committee updates the full Board as needed on key issues that result from these reviews.
The ERM Committee presents semi-annual updates to the Audit Committee. The ERM Committee is comprised of the Company’s Executive Officers and meets quarterly to review and discuss the Company’s most recent risks and action plans developed to mitigate each risk. These meetings are facilitated by the VP of Enterprise Risk Management, who reports to the General Counsel and Corporate Secretary. In these meetings the ERM Committee assigns rankings to each risk resulting in a prioritized Risk Matrix, which is presented to the Audit Committee.
Business Units & Functional Leaders
The VP of Enterprise Risk Management conducts a formal process each year to accumulate and categorize the enterprise risks throughout the organization. Those included in the annual risk assessment include Directors on the Audit Committee, ERM Executive Committee members, divisional and functional leaders, and the Company’s external auditors. The risks identified are aggregated and fed into the framework. They are then reviewed and ranked with the General Counsel and Corporate Secretary and prepared for the ERM Committee. This process is updated each quarter as needed.
|Board of Directors||
|Audit Committee of the Board of Directors||
|Business Units & Functional Leaders||
Identify, Address, Solve
Our ERM framework allows management to make strategic decisions based on consolidated, timely and relevant risk information. The framework provides a summarized portfolio view of strategic risks that transcend the company’s operational risks. In short, the Board and Audit Committee can ensure that management is identifying the most significant risks to the organization and responding appropriately. The Divisional and Functional Leaders are on the front lines of responding to enterprise risks. They ensure that the associated mitigation plans comply with risk tolerance levels agreed to by the ERM Committee.
At WillScot Mobile Mini, an enterprise risk is any potential activity or event that could hinder our strategic and business objectives over the next three years, which is aligned with our strategic planning process. Key focus areas for our ERM framework include all Operational, Strategic, IT, Financial & Compliance risks as identified and included in the annual risk assessment and the quarterly updates.
Our risk ranking process incudes the organization’s risk tolerance levels as approved by the Audit Committee. The process aids in ranking and understanding threats from a variety of different types of risks. The ranking criteria includes severity, likelihood, preparedness and velocity. This approach ensures that slowly developing risks like climate change are weighted and considered along with near-term risks. In fact, a number of environmental and social factors are included, such as truck fleet emissions, labor law changes, diversity, and building code and zoning regulations.