The risk management and internal control system is a set of formal and informal tools that define the roles of key participants in the risk management process, an approach to identification, assessment and risk management, as well as rules for information exchange and monitoring the level of risks in the company. Risk management involves the development of measures and the establishment of controls that allow the company to minimize the risks of not achieving operational and strategic goals.
Uncertainty is present in any area of the company's activity, which means that there are risks associated with this uncertainty that need to be controlled. The introduction of an integrated approach to risk management allows the company to form an objective view of the current and planned activities of the organization, given possible negative events or new opportunities, anticipate risks and take decisions based on information about them, respond to risks in a timely manner and reduce the negative impact of risks in case of their implementation.