Xeon’s Board of Directors and top management are committed to ensuring that a strong governance framework operates throughout the organisation.
They recognise that good corporate governance is a vital component to support management in their delivery of the company’s strategic objectives, and to operate a sustainable business for the benefit of all stakeholders.
Risk management
Xeon’s Audit, Risk and Compliance Committee provides governance and oversight regarding appetite for risk and acceptable tolerance levels and empowers senior management to implement acceptable risk mitigations and report back to the committee quarterly. Risks are evaluated against Xeon’s key strategic objectives and under-pinning principles, including, but not limited to:
- Growth objectives
- Profitability targets
- Environment sustainability principles
- Reputation in the market
- Legal obligations
- Business continuity
Xeon offsets residual risk and unavoidable risks factors through comprehensive insurance cover to ensure that consequences of risk events do not result in a severe adverse financial impact on the organisation.
Quality management compliance
Xeon has extended its ISO standards accreditation to include ISO 13485: 2016 in recognition of our solutions provided into the pharmaceutical sector. The requirements of this standard are applied across all our industry sectors, not purely within our pharma business.
Legal compliance
Legal compliance is reported quarterly to the Audit, Risk and Compliance Committee, reporting on:
- Potential new legislative requirements, and the Group’s response to implement
- Compliance against existing legislative requirements
Contract compliance
Data privacy and information security
Data privacy and information security compliance is monitored through the legal and compliance function, which provides oversight and autonomy of reporting into the Audit, Risk and Compliance Committee.
Technical and operational support and implementation thereof is managed through the Information Technology function who provide specialist knowledge and solutions regarding cyber-security, and technological solutions to counteract the ever increasing risks and requirements regarding data protection, data privacy and information security.