Risk Management

With global leadership comes global responsibility...not only to our people and shareholders, but also to the suppliers, distributors and citizens of the countries in which we operate. That’s why we devote considerable resources toward Enterprise Risk Management (ERM), anticipating and avoiding risks to the financial and operational health of our business.

ERM follows a clearly defined business strategy that is shared across the company and that is aligned with our strategic and organizational goals. Our ERM process adheres to the COSO II (Committee of Sponsoring Organizations of the Treadway Commission) framework. We assess all categories of business risk — strategic, operational, compliance, legal and regulatory, reputational and financial reporting — and coordinate our ERM assessment with the Internal Audit Risk Assessment to ensure consistency between the ERM plans and upcoming internal audits.

Several executive committees integrate ERM with business management by monitoring both risk exposure and how effectively those risks are managed.

These committees include:

  • Management Committee
  • Enterprise Risk Steering Committee
  • Business Ethics and Compliance Governance Board
  • IT Risk Governance Board
  • Credit Committee
  • Currency Strategy Committee
  • Reputation Management Committee
  • Management Audit Committees

In addition, the Audit Committee of the Board of Directors plays a key role in ERM oversight, while the roles of other Committees (including Compensation, Governance, and Finance) are restricted in scope. As needed, the Board will establish special committees to focus on specific business risks.

Institutional investors hold approximately 85 percent of Xerox’s common shares