Nuestra Empresa - ISA

Integral Risk Management Policy

ISA Economic Group

Approved: JD 626 - August 5, 2005


Based on this policy, Grupo ISA sets its criteria and defines the framework for action concerning integral management on such risks that affect business resources required in all critical processes necessary for the continuity and competitiveness of the Group companies.


Integral Risk Management is a practice inherent to the business activity, for which reason it does not follow any legal provisions but the Organization’s strategic purpose of preserving integrity of business resources, increasing competitive advantages and assuring business continuity vis-à-vis any risks to which it is exposed.


Clearly and expressly define the concept and performance outline for objective, systematic and matching application of Integral Risk Management.

Corporate reference framework

The Integral Risk Management Policy is supported by:

Vision, insofar as the Economic Group intends being recognized by its efficient rendering of services. 

Economic Group’s Mission, by establishing the efficient provision of integral services and growing with profitability for value generation.

Culture elements, by incorporating ethic values, ongoing improvement, self-control, social responsibility and timely, best qualified and effective provision of services.

Concept outline

Risk: An event which possibility of taking place and consequences affect the Economic Group’s resources and objectives.

  • Resources: Such essential talents and assets held by the Company to comply with its objectives and that should be protected by the Integral Risk Management.
  • Integral Risk Management: Endorsed and systematic implementation of a set of actions purported to the optimum handling of risks in all processes. The Integral Risk Management cycle encompasses: identification, assessment, handling, monitoring, communication and disclosure.
  • Identification: Process to ascertain prospective events that might affect the resources or deviate the Economic Group’s objectives.
  • Assessment: Risk measuring as to its possibility of taking place and severity of its consequences in accordance with preset scales for each resource. It allows identifying priorities for its management.
  • Handling: Application of measures to reduce the probability of taking place and/or severity of the risk consequences.
  • Monitoring: To verify, supervise, critically observe and record the progress of any activity, action and/or system on an integral and periodical basis, to identify changes and make a feedback on improving opportunities for Integral Risk Management.
  • Communication and disclosure: To make information, ideas and skills available, for the appropriation and to raise awareness on Integral Risk Management at all cycle stages. 
  • Consolidation: Such process through which all Organizational risks are incorporated on a consistent and coherent basis.  

 Application criteria

Grupo ISA Companies adopt the following criteria to apply this policy:

  • Responsibility: All workers are responsible for correctly applying Integral Risk Management through the identification, assessment, handling, monitoring, communication and disclosure of risks related to their processes and implementing verification mechanisms.
  • Permanent learning: To strive for and promote a systematic and updated knowledge on risk management best practices.
  • Economic reasoning: To strive for efficient and integral risk management which entails assessing cost-effectiveness of any handling measures being designed and applied for.

Framework for action

Grupo ISA Companies undertake the best practices and methodologies for Integral Risk Management, on a permanent, endorsed and consistent basis.

Grupo ISA Companies promote and facilitate the development of competencies for Integral Risk Management.

Integral Risk Management is part of the Economic Group’s organizational culture. 

Each of the Grupo ISA Companies complies with the rules application to risk management at each country. 

The General Manager for each company and his/her work teams are responsible for correctly applying Integral Risk Management at the corporate level, macro-processes and processes.

All matters concerning Integral Risk Management focused on the Group will be learned and approved by the Group’s General Committee.