Risk Management is an integral part of the Company’s strategic plans. Risk Management is the active process whereby we address the risks attached to our activities; encouraging the understanding of the potential upside and downside of all those factors which can affect the firm. Risk Management increases the probability of success, and reduces both the probability of failure and the uncertainty of achieving the firm’s overall objectives.
At Honey Bun, risk management is an ongoing continuous process which translates into tactical and operational objectives; assigning responsibility throughout the firm with each manager and employee responsible for the management of risk as part of their job description at all levels. It supports accountability, performance measurement and reward, thus promoting operational efficiency. This is done by way of a Controlled Documented procedure, whereby policies and procedures are provided and approved; checklists conducted on the floor; and audits of procedures completed. Through the controlled documentation of procedure a process of continuous improvement is managed.
We provide for an Independent Internal Audit process while we also manage risks ongoing. The Board of Directors (BOD) determines once a year during the budget review the strategic areas for internal audits for each year.
The Company arranges adequate coverage for various areas of known risks which can possibly be insured.
TYPES OF RISK
At Honey Bun the areas of exposure to Risk mainly include but are not limited to the following:
Our Disaster Recovery Plan identifies our exposure to threats and ensures that systems are in place so that the business activities can function in the event of any disruption. We continuously focus on improving key processes that will enhance our responses to this risk and conduct systems testing to ensure continuance in the event of disruptions.
Disruptions can be described as disruptions due to natural disasters such as earthquakes weather extremes like hurricanes or floods, or company-specific disasters such as industrial accidents. Disaster planning addresses many aspects of a response, including:
1. Emergency procedures to evacuate people and important assets,
2. Special responsibilities for crisis management, availability of alternate sites, information and communication technology and other necessary infrastructure, alternate supply chain scenarios, emergency staff planning, emergency liquidity planning, communication strategies, product callback, exchange procedures, and the like.
3. The company provides for various drills and checklists for pre and post disasters.
4. We also provide for adequate insurance in the event of loss of business or to allow for replacement of equipment in the event of loss. These insured amounts on selected policies are reviewed and adjusted on a monthly basis.
IT Disaster Recovery Plan
A separate document outlines the IT disaster Recovery Plan in the IT manual whereby the company is able to manage a system or back up, recovery and testing recovery of it’s database and programs. It also provides for protection for antivirus software and provides for the system security.
Products liability risks and reputational risks arise from the risk of large-scale damage awards through jury verdicts or settlements in products liability lawsuits and from increasingly strict product safety laws and regulations (violations which may also be used against a company in a private lawsuit). A comprehensive program to manage products liability risks include all relevant business functions of the company, from engineering, procurement, manufacturing and quality control to sales and distribution. More specifically these include:
1. Food safety standards are clearly defined in our Good Manufacturing Practices (GMP) policy
2. Conformance to international food safety standards such as, Hazards Analysis Control Points (HACCP). Through this process, each ingredient and each process is carefully reviewed to identify potential hazard and clearly describes the preventative measure or the type of control required at the stage control is required. These procedures are clearly documented and bi annual training conducted.
3. An Orientation program is also provided for employees to initiate them into the culture of food safety at the plant.
4. The company is regulated by the local Bureau of Standards who provides certification for local food manufacturers operating at the required standards.
5. Registration with the US Food and Drug Administration pursuant to the Federal Drug and Cosmetics Act and is subject to random plant audits for export to the USA.
6. Food Storage and Prevention of Infestation audits
Health and Safety
At Honey Bun Safety comes first and this is communicated at the entry to and throughout the plant. All employees have a responsibility to ensuring safety. Steps taken to ensure same include:
1. Internal Department safety audits conducted twice annually
2. External audits from our insurers
3. External audits and certification from the local bodies including:
a. Ministry of Health
b. Ministry of Labour
4. The Company SOPs also contain a section on Corrective Action which details the procedure to be followed in the event there is a non-conformance in the prescribed method and the action to correct and prevent another breach defined.
5. First Aid Training of internal personnel to respond in the event of accident or sickness. The names of trained individuals are clearly posted at each plant.
6. Emergency measures are documented for hurricanes and other natural disasters in the company manual and checklists provided.
7. The company provides for an annual health fair where staff has the opportunity, either free or at a minimal cost for various health checks. We may also provide for Aids testing, blood pressure and other onsite tests.
8. Through our annual training calendar, drivers are provided with driving safety tips on a set frequency.
At Honey Bun we will establish a designated safety monitor whose primary and sole responsibility is to monitor safety throughout the operations and make recommendations for improvement.
Financial risks can expose the company to loss of money. These risks are provided for through the development of systems of control, checks and balances and by way of avoiding in as much as possible any conflict of interest.
1. As part of the company’s policy to provide documented systems and procedures and their compliance, each SOP contains a section on Verification whereby the system is subjected to review at a pre determined level. Each SOP also contains a section on Corrective action which details the procedure to be followed in the event there is non-conformance in the prescribed method and the action to correct and prevent another breach defined.
2. A biannual internal department audit provides an opportunity to review procedure adherence.
3. Submission to the Jamaica Stock Exchange and the Financial Securities Commission provide an opportunity for our shareholders to view the financial performance of the company.
4. The external financial auditors review the financials of the company on the accuracy of the information in accordance with International Standards on Auditing.
5. Insurance Policy on Consequential Loss provides for insurance against loss of profits from natural disasters.
6. The company manages customer credit by way of a credit policy and reports on performance on the quarterly management report.
7. In order to manage the risk of loss due to foreign exchange exposure, invoices billed in FE are promptly settled by the accounting department
Distribution in the process by which Honey Bun makes its products available to the market both locally and globally. This process has 2 major risks:
1. Financial Risks are covered under the financial Risks policy
2. Motor damages risks are covered under the company motor vehicle insurance policy
Information Technology is an integral component to all aspects of the business. It provides for communication, record keeping, reporting and daily operations. It is critical that these areas are properly maintained, information saved and secured and that the systems are available to support operation so that the business will not suffer significant disruption from system failure.
The company’s critical software is backed up offsite each night. This software includes accounting, payroll and manuals. The accounting software is also backed up by 2 hard drives alternatively each week, logged and stored at another location by the CEO.
Systems to test recovery are scheduled to mitigate risks. Other risks are alleviated through proper documentation and development of standard guidelines.
The Company responsibility towards its employees is paramount as we consider the significant value that they provide for the company. Next to ingredients our employees are the next largest component in the production of products. It is critical that we manage risks that might arise from any Industrial Disputes through:
1. The fair and legal treatment of our employees.
2. We recognize that while risks might arise from Industrial disputes that there are several risks that can be managed through a culture of motivation and satisfying employees and that we must be responsible for strategically managing this desired culture within the company. The desired culture is determined by the CEO and the HR Manager and executed at the supervisory and management level.
3. The company policy on Incentives ensures communication of appropriate means of incentives designed to achieve our specific goals.
4. Regular audits are developed to ensure compliance to the treatment of staff, surveys taken to measure employee satisfaction, administration of policy on incentive programs and the application of disciplinary procedures are regularly reviewed.
5. Management of the disciplinary procedure ensures full communication, adherence and just treatment of employees
We are engaged in a business where as food manufacturers, a public entity and as a responsible corporate citizen, our reputation is critically important to us. In managing Honey Bun’s reputational risk – we shall do everything in our power to ensure that the relationship we enjoy between ourselves and our stakeholders is ethical. As a public entity with our operating activities overseen by the Financial Services Commission and the Jamaica Stock Exchange, we ensure that these relationships are positively nurtured and sustained. We are also audited by the Bureau of Standards. We conduct Customers’ Audits annually as part of our Customer Service policy. As part of the same policy we have strict guidelines on the treatment of Customer complaints as we maintain accountability and transparency, compensating those who suffer any loss.
Our reputation is mainly secured through the administration of sound risk management to ensure that in any occurrence we are able to demonstrate that we have taken all the necessary steps to prevent its occurrence.
Safeguarding the integrity of our company’s intellectual property (IP) – includes the registration of trademarks, logos, and , know-how Preventing the misappropriation of intellectual property are all important parts of the overall risk management of the company.
Policy and procedures are employed to reduce these risks and their likelihood of occurrence. This may include but is not limited to various contracts with customers, employees and suppliers.
Security Risk (including criminal or terrorist activities)
In our local climate Security is a critical factor. Occurrence of criminal action can result in the loss of life and or significant financial loss. As such the company provides policy and procedures to reduce these risks to safeguard our employees and our assets.
1. Our policy on Biological Terrorism refers to the treatment of visitors and employee screening.
2. Security procedures are audited twice annually to ensure policy provides for potential risks and that gaps in the process are brought into conformance.
3. New security guards are provided with the requirements for their daily duties.
Honey Bun values itself on good corporate governance and recognizes the need to responsibly manage our carbon footprint as part of the global challenges. We recognize our responsibility to adequately manage our waste and other aspects of our environment such as energy and other natural resources. We seek to establish key performance indicators in this regard to establish a ‘green’ identity and to ensure that we do not place our local and global environment at risk. We recognize that without these measures the company also places its reputation at risk.
RESPONSIBILITY FOR POLICY
1. The BOD is responsible for approving the company’s risk policy, risk appetite and major portfolio limits.
2. The BOD is supported by the Audit Committee which monitors and oversees the firm’s risk profile, internal audits and closure of gaps.
3. Honey Bun’s Independent Internal Auditor examines the effectiveness and appropriateness of the company’s systems and operational procedures to identify potential risks and categorizes them in order of the level of exposure. The Internal Auditor defines the scope of each audit and proposes the methodology to be used to complete. The Board of Directors receives these reports for review.
4. The CEO is accountable for the results of the company, which includes responsibility for the active and continuous management of risk exposures to ensure that risks and returns are balanced. He is directly responsible for the Internal Audit execution plan.
5. The CEO shall seek Legal Counsel for implementing the firm’s risk management and control principles for legal matters and for ensuring compliance with all laws and regulations and communicates with the board in these regards
6. The various Executive Managers and the Management team are responsible for establishing methodologies and systems to reduce or eliminate risks. This is completed through a process of continuous improvement in the Standard Operating Procedures (SOP) of the company, communication, training, implementation and the monitoring of the effectiveness of the systems. Personal evaluation programs of the executive and management team monitor performance in this area. The Management team also provides timely information on other potential operational risks outside the scope of the internal audit.
7. The management team shares information regarding individual risks at regular recorded weekly meetings, and uses the shared information to guide its decision making.
8. The Human Resource Manager ensures that the content of orientation and training programs for new senior managers are reviewed to make sure that such programs enable managers to gain an understanding of the company’s business and risks. This is completed through a documented orientation program for each senior manager.
While the board has responsibility for policy and overall monitoring, the company also implements other internal systems to test our conformance to policy and procedures which are designed to mitigate risks. This is done through:
1. Job Descriptions
2. Documented training programs for new employees
3. Personal and 360 degree performance evaluations
4. Bi annual internal department audits
5. Training on a regular basis as outlined in the company’s Training Calendar
At Honey Bun we believe in providing proper guidelines and continuous improvement. Responsibility for exposing the organization to risks beyond our procedural guidelines requires that sanctions are taken at the highest level except where there are demonstrated efforts to alleviate risk at a lower level. [Example: where a manager might demonstrate adherence to the disciplinary guidelines then sanction will be delivered to his/her subordinate]. Where there is damage to the organization as a result of negligence exposing the organization, the person directly responsible will be expected to resign or his/her services terminated.