TIM Green

A set of initiatives to improve the environmental efficiency of our products, from the use of sustainable materials to the reduction of energy consumption. Read more

Latest press releases

Read the latest press releases and search the archives of TIM Group's Press Office.

TIM and LGBT+ people: the road to inclusion

Our presence at the Pride events, our collaboration with Parks, Valentina' story , LGBT+ wife and mother. Read more

Living in the cloud with TIM

Cloud computing allows anyone to access maximum potential in processing power, paving the way for endless applications. Read More

Risk Management

The TIM Group has adopted a Risk Management Model, which is constantly evolving and is aligned with international regulations and standards to allow risks to be identified and managed in a homogeneous way within the Group companies.

The Risk Management process is designed to identify potential events that may influence the business activity, in order to manage risk within acceptable limits and provide a reasonable guarantee that company objectives will be achieved.


The Risk Management Model adopted by the TIM Group

• classifies risks based on their impact into Strategic (deriving from the evolution of the factors underlying the main assumptions used for the development of the Strategic Plan) and Operational (deriving from the evolution of risk factors, both endogenous and exogenous, that may compromise the achievement of company objectives)

• assesses risks not only individually but also from a risk portfolio perspective (correlation analysis);

• identifies and updates the overall set of risks to which the Group is exposed by means of:

     - the analysis of the Business Plan

     - the monitoring of the reference context (e.g., macroeconomic and regulatory)

     - specific analyses of the risks to which company assets may be exposed

     - monitoring and cyclical analysis with the Risk Owners to intercept possible variations         and/or new risk scenarios.

The process is managed by the Risk Management Steering Committee, which is chaired and coordinated by the Chief Financial Officer. The Steering Committee ensures the governance of the Group’s risk management, aimed at guaranteeing the operational continuity of the company’s business, monitoring the effectiveness of countermeasures taken.

The approach adopted is dynamic and, therefore, provides for a revision of the risk scenarios not only after periodic assessments, but also when significant changes occur in the context inside or outside the Group, as well as the identification and/or occurrence of new risk situations. It also cyclical depending on the stages of the strategic planning process.

The management process includes the following stages:

1 - Definition of the context and level of acceptance

Setting the context involves defining the purpose and objectives of the risk assessment, understanding the internal and external context in which decisions are made, and planning the approach to be taken and the criteria to be followed in assessing the risk. The risk acceptance and tolerance levels (so-called Risk Appetite, Risk Tolerance) are defined in this stage.

2 - Communication and Consultation

Communication and consultation help stakeholders understand the risk, the basis on which decisions are made, and the reasons why particular actions need to be implemented.

TIM Group’s Management must be constantly informed to make informed decisions. The Risk Owners must be involved in the risk assessment and the results must be communicated to decision-makers.

3 - Assessment

Risk assessments should be conducted during the decision-making process to make management and Risk Owners aware of the risks associated with an investment initiative, with defining the Plan, or with an activity/process that impacts the achievement of Business objectives and company assets.

The aim of the risk assessment is to identify, analyse and evaluate risks that could compromise the achievement of company objectives.

4 - Mitigation

The purpose of handling is to identify and implement actions necessary to mitigate the risk associated with a decision. Risk handling involves an iterative process of selecting, evaluating, implementing, and monitoring mitigation actions. The choice of risk mitigation actions is made in consultation with the Risk Owners with a view to optimising the "total cost of risk" by balancing the potential benefits of achieving the objectives against the costs of mitigation.

5 - Monitoring and Review

The purpose of monitoring and review is to ensure and improve the quality and effectiveness of the design, execution, and outcomes of the RM process and its contribution to the quality of decision making.

Monitoring and review results must be integrated into all performance management, measurement, and reporting activities.

6 - Recording and Reporting

The results of the Risk Management process must be integrated into the information presented to the Risk Owners at the time a decision is made, as well as in the subsequent performance reporting and measurement stage.

Reporting is an integral part of TIM Group’s governance and its purpose is to aim to improve the quality of the dialogue with stakeholders and support Management and the Corporate bodies in the discharge of their duties.