TIDMNCC
RNS Number : 7182Y
NCC Group PLC
23 August 2018
NCC Group plc
(the "Company" or the "Group")
Notice of Annual General Meeting 2018
and
Notice of Trading Update
The Company confirms that its Notice of Annual General Meeting
2018 ("AGM Notice") and its Annual Report and Accounts for the year
ending 31 May 2018 ("Annual Report") have been posted or otherwise
been made available to shareholders and published on the Investor
Relations section of its website
(www.nccgroup.trust/uk/about-us/investor-relations/). The Annual
General Meeting will be held at 11.00am on Wednesday 26 September
2018 at the Company's Head Office, XYZ Building, 2 Hardman
Boulevard, Spinningfields, Manchester, M3 3AQ.
Copies of the Annual Report and the AGM Notice have been
submitted to the National Storage Mechanism and will shortly be
available for inspection at www.morningstar.co.uk/uk/NSM.
The Company will provide a trading update at 7.00am on Wednesday
26 September 2018 ahead of its Annual General Meeting on the same
day.
A condensed set of the Company's financial statements and
extracts were included in the Company's preliminary results for the
year ended 31 May 2018 released on 17 July 2018 (the "Preliminary
Announcement"). The information included within the Preliminary
Announcement together with the information set out below, which is
extracted from the Annual Report, constitute the material required
by Disclosure Guidance and Transparency Rule 6.3.5 to be
communicated to the media in full unedited text through a
Regulatory Information Service. This announcement and the
Preliminary Announcement are not a substitute for reading the full
Annual Report. Page numbers and cross-references in the extracted
information below refer to page numbers and cross-references in the
Annual Report. To view the Preliminary Announcement, please visit
the Investor Relations section of the Company's website at
www.nccgroup.trust/uk/about-us/investor-relations/.
Directors' Responsibility Statement
The following statement is extracted from page 97 of the Annual
Report and is repeated here for the purposes of Disclosure Guidance
and Transparency Rule 6.3.5. This statement relates solely to the
Annual Report and is not connected to the extracted information set
out in this announcement or the Preliminary Announcement:
"The Directors are responsible for preparing the Annual Report
and the Group and parent Company Financial Statements in accordance
with applicable law and regulations.
Company law requires the Directors to prepare Group and parent
Company financial statements for each financial year. Under that
law they are required to prepare the Group Financial Statements in
accordance with International Financial Reporting Standards as
adopted by the European Union (IFRSs as adopted by the EU) and
applicable law and have elected to prepare the parent Company
Financial Statements on the same basis.
Under company law the Directors must not approve the Financial
Statements unless they are satisfied that they give a true and fair
view of the state of affairs of the Group and parent Company and of
their profit or loss for that period. In preparing each of the
Group and parent Company Financial Statements, the Directors are
required to:
-- select suitable accounting policies and then apply them consistently;
-- make judgements and estimates that are reasonable, relevant and reliable;
-- state whether they have been prepared in accordance with IFRSs as adopted by the EU;
-- assess the Group and parent Company's ability to continue as
a going concern, disclosing, as applicable, matters related to
going concern; and
-- using the going concern basis of accounting unless they
either intend to liquidate the Group or the parent Company or to
cease operations, or have no realistic alternative but to do
so.
The Directors are responsible for keeping adequate accounting
records that are sufficient to show and explain the parent
Company's transactions and disclose with reasonable accuracy at any
time the financial position of the parent Company and enable them
to ensure that its financial statements comply with the Companies
Act 2006. They are responsible for such internal control as they
determine is necessary to enable the preparation of the financial
statements that are free from material misstatement, whether due to
fraud or error, and have general responsibility for taking such
steps as are reasonably open to them to safeguard the assets of the
Group and to prevent and detect fraud and other irregularities.
Under applicable law and regulations, the Directors are also
responsible for preparing a Strategic Report, Directors' Report,
Directors' Remuneration Report and Corporate Governance Statement
that complies with that law and those regulations.
The Directors are responsible for the maintenance and integrity
of the corporate and financial information included on the
company's website. Legislation in the UK governing the preparation
and dissemination of financial statements may differ from
legislation in other jurisdictions.
Responsibility statement of the Directors in respect of the
annual financial report
We confirm that to the best of our knowledge:
-- The financial statements, prepared in accordance with the
applicable set of accounting standards, give a true and fair view
of the assets, liabilities, financial position and profit or loss
of the Company and the undertakings included in the consolidation
taken as a whole.
-- The strategic report/Directors' report includes a fair review
of the development and performance of the business and the position
of the issuer and the undertakings included in the consolidation
taken as a whole, together with a description of the principal
risks and uncertainties that they face.
We consider the annual report and accounts, taken as a whole, is
fair, balanced and understandable and provides the information
necessary for shareholders to assess the Group's position and
performance, business model and strategy."
Principal risks and uncertainties
The principal risks and uncertainties relating to the Company
are set out on pages 40 to 44 of the Annual Report from which the
following is extracted in full and unedited text:
"Relaunch of Risk Management
During the year we appointed a risk management subject matter
expert, the Director of Risk & Assurance. Following this
appointment, the Board commissioned an evaluation of our existing
risk management framework. The review led to the implementation of
a range of enhancements to build on the established platform.
The Group has now developed and implemented a new Risk
Management Policy, against which we are relaunching enterprise wide
risk management. This policy sets out protocols covering roles and
responsibilities for the risk framework and the definition of risk
appetite as set by the Board (see the risk framework diagram). A
web-based tool, the Integrated Risk Management System (IRMS), has
been deployed to record risk registers and to track risk mitigation
action plans, helping embed ownership of risks and treatment
actions while also providing access to live management
information.
Risks are evaluated at a number of levels of the organisation,
commencing with those which link to the Group achieving its
strategic objectives. These risks are presented overleaf under our
principal risks and uncertainties.
Risks are identified primarily by the management team through
the use of a structured risk framework. Non-executive reviews
carried out by two Board Committees; the Cyber Security Committee
for IT centric risks and the Audit Committee for all other risk
types. The Chief Information Security Office (CISO) reports to the
Cyber Committee and the Director of Risk and Assurance reports to
the Audit Committee.
While distinct from the established CISO role, the Director of
Risk and Assurance works closely with the CISO to facilitate risk
oversight across the full range of risk types.
Risk management processes and controls
The Board monitors the ongoing process by which relevant
material risks are identified, evaluated and managed via the two
subcommittees noted above. On a quarterly basis, the sub-committees
review the detailed risk registers that have been prepared and
updated across the business along with the status of actions plans
that are in place to treat risks which are considered to be
excessive.
Evaluation and treatment of risk
Risks are evaluated using a simple but robust model which forms
part of the new Risk Management Policy. The model, which is capable
of application across multiple risk types, is sufficiently
sensitive to record risks that have the potential to impact
Viability Reporting obligations.
Risks are evaluated without considering the operation of any
existing controls. This is done to form a view of inherent
risk.
The impact of existing mitigating controls are then considered
along with their effectiveness to determine the extent of residual
risk. The assessments are made using a combination of impact and
likelihood criteria to arrive at a total risk score. Residual risk
is then considered against the Group Risk Appetite which is a
judgemental scoring matrix created by the Board to identify risks
as being within or outside acceptable parameters for the Group.
Output from the evaluation of strategic risks has been used to
help shape the Group's Transformation Programme. Where risks are
assessed as being outside of appetite, treatment actions are agreed
including owners, priorities and due dates, either within the
Transformation governance structures or milestone plans owned by
senior business leaders. The IRMS is used to track these actions,
with data mining capabilities to produce reports to the Cyber
Security and Audit Committees.
The Group uses a simple Risk Heat Map to record an up-to-date
view of residual risk. Viability risks are principal risks that the
Directors consider are so extreme that they could jeopardise the
business viability if they crystallise.
Principal risks and uncertainties
The Group continues to operate in a particularly dynamic and
evolving marketplace. The very latest strategic risk register has
been developed to reflect those factors.
The Directors have carried out a robust assessment of the
principal risks facing the Group including those that would
threaten its business model, future performance, solvency or
liquidity. Detailed descriptions of the current principal risks and
uncertainties faced by the Group, their potential impact and
mitigating processes and controls are set out below. The tables
also highlight whether the risk is assessed as increasing or
decreasing with a similar assessment for the position last year.
This includes identifying new principal risks and
uncertainties.
Risk Areas Potential Impact Mitigation
Business Strategy A poor strategy (Medium impact, risk exposure
or ineffective decreased from 2017)
A comprehensive execution of a
business strategy strategy could Members of the Board have
is essential have a material significant experience
to the continued negative impact in evolving business strategies.
success of the on the Group's Following the recent appointment
Group as we strive financial performance of the current CEO, the
to maximise shareholder and value. It would Group is in the process
value. potentially weaken of reviewing and updating
the Group compared the strategy. The results
to its competitors are expect to help shape
and risk the Group's and refine the Group's
established position already established Transformation
in the marketplace. Programme.
--------------------------- -------------------------------------
Management of Poor change management (Medium impact, risk exposure
strategic change could lead to ineffective decreased from 2017)
implementation
As the Group of projects that During the year the Group
adapts and executes then cost more has established a Strategic
its strategy to deliver, take Change Management capability.
there are a number longer to deliver This includes access to
of complex projects and result in fewer Programme Management professionals
and initiatives benefits being and the deployment of
that not only realised (or all associated change management
need to be delivered three). Poor delivery processes, for example
but also require of change could the operation of senior
understanding ultimately impair change oversight committees.
and support from business performance.
all staff.
--------------------------- -------------------------------------
Availability If the Group's (High impact, risk exposure
of critical information critical systems unchanged from 2017)
systems failed, this could
affect the Group's The Group has made significant
The Group is ability to provide investment in its IT infrastructure
heavily reliant services to our to ensure it continues
on continued customers. to support the growth
and uninterrupted of the organisation.
access to its
IT systems. As The Group has controls
well as environmental in place in order to reduce
and physical the risk of actual loss
threats, the of critical systems. Further,
Group is a natural controls are operated
target for individuals to ensure the availability
who may seek of back-up media in the
to disrupt the event of prolonged loss
Group's commercial of systems.
activities.
Initiating to standardise
and simplify while increasing
resilience continue to
be implemented. Additional
focus is being periodically
given to proving the recoverability
of systems and data.
--------------------------- -------------------------------------
Attracting and Loss of key employees (Medium impact, risk exposure
retaining appropriate or significant unchanged from 2017)
staff capacity staff turnover
and capability could result in
a lack of necessary Staff are offered a rewarding
The Group would expertise or continuity career structure and attractive
be adversely to execute the salary packages, which
impacted if it Group's strategy. can include participation
were unable to in share schemes.
attract and retain An inability to
the right calibre attract and retain Linked to the development
of skilled staff. sufficient high-calibre of our people, the Group
employees could is reviewing our values,
Some roles within become a barrier personal performance management
the Group operate to the continued processes and aligned
in highly technical success and growth development programmes.
and extremely of NCC Group.
specialised areas
in which there
are shortages
of skilled people.
--------------------------- -------------------------------------
Cyber risk (including Failure to maintain (Medium impact, risk exposure
GDPR) control over customer, decreased from 2017)
colleague, commercial
As a provider and/or operational The Board operates a Cyber
of security services, data could lead Security Committee chaired
the Group is to a range of impacts, by a Senior Non-Executive
a high profile including reputational Director. The CISO reports
target and could damage. The misuse to each meeting, in line
therefore be of personal data, with the new Group Risk
subject to attacks for example without Management Policy.
specifically the customer's
designed to disrupt consent or retaining Security testing is regularly
the Group's business for longer than carried out on the Group's
and harm the is necessary, may infrastructure and there
Group's reputation. also result in are extensive response
reputational harm, plans, which were reviewed
There could also regulatory investigations during the year, in the
be implications and potential fines. event of a major security
relating to our incident.
GDPR control
obligations. Comprehensive plans are
Such events could in place and being delivered
adversely affect associated with discharging
the market's our GDPR obligations.
perception of Progress is monitored
the Group as by the Cyber Security
well as causing Committee.
business disruption.
Employees also receive
regular security training
and updates.
During the remainder of
2018, the Group expects
to commission a health
check of Cyber security
governance and control.
--------------------------- -------------------------------------
Quality of Management Suboptimal business (Medium impact, risk exposure
Information Systems decision-making decreased from 2017)
(MIS) and internal and performance
business processes as key financial The Group finance function
performance data has developed a forward-facing
In addition to is not available Finance Functional Strategy.
meeting statutory or trusted. Enhancements were identified
reporting obligations, covering system and process
ensuring that standardisation. A comprehensive
trusted and relevant milestone plan is in place
MIS is available and progress is tracked
on a day-to-day and reported to each Audit
basis to inform Committee.
management decisions
and drive performance. Standardised business
process control standards
were recently issued across
all parts of the Group.
As the new financial year
progresses, control self-assessment
techniques will be implemented
along with an aligned
programme of Internal
Audits.
--------------------------- -------------------------------------
Quality and Security The risk of the (Low impact, risk exposure
Management Systems Group failing to unchanged from 2017)
retain a core standard
We aspire to e.g. 9001, 27001 We operate a comprehensive
attain and retain or PCI, with a programme to ensure the
key internationally consequential loss retention of our core
recognised standards of key customer standards. This includes
which form an accounts or ability a portfolio of aligned
important component to operate. policies and cascading
for many of our business processes. A
customers. programme of internal
audit provides assurance
over the design and application
of these policies and
procedures. External assessors
provide a further layer
of review and challenge,
confirming during the
year the retention of
our Quality and Security
standards.
--------------------------- -------------------------------------
Other risks
Furthermore, as the Group's international footprint expands,
there is an inherent risk of adverse foreign exchange movements
affecting profitability. At present this risk is limited due to the
low level of inter territorial trading but it will increase in
future. Inability to refinance the Group's core banking facilities
could call into doubt the Group's longer term viability. Equally,
if those facilities lacked the appropriate flexibility and
structure, this could inhibit delivery of the Group's strategy. The
Group's current banking facilities cover all of its expected needs
of the Group for the period of such facilities and are sufficiently
flexible to allow the Group to function effectively. The Group has
a Tax and Treasury Manager. Part of their role is to support the
CFO in developing a Treasury strategy and overseeing its
implementation.
Impact of Brexit on the Group
The Group continues to have little inter-territorial trade from
the UK into Europe and vice versa. While Brexit has already had an
impact on exchange rates, there is inevitably some uncertainty
around the likely impact of Brexit on businesses. The Group does
not believe that Brexit will have a significant impact on its
operations as currently structured. UK cyber regulation is likely
to stay closely attuned to evolving regulation in Europe, such as
GDPR where implementation will proceed in both Europe and the UK as
envisaged. Regulations governing international data transfers are
already in place and the Group works within these with little
change expected from Brexit itself.
With regards to staffing, NCC Group has significant in-region
presence within the UK and continental Europe. As such, should free
movement be impeded in the future, we do not foresee a material
impact. In the medium term, should free movement of labour be
impeded then future recruitment requirements in the UK will be
offset in part through our involvement in supporting initiatives
designed to create capacity in UK nationals in computer science and
cyber."
LEI number - 213800DJCGZRB6523934
Classification - Annual Report and Financial Statements and
Notice of AGM.
Enquiries:
NCC Group plc
Adam Palser - CEO 0161 209 5200
Tim Kowalski - CFO 0161 209 5200
Jonathan Williams, Deputy Company Secretary 0161 209 5374
This information is provided by RNS, the news service of the
London Stock Exchange. RNS is approved by the Financial Conduct
Authority to act as a Primary Information Provider in the United
Kingdom. Terms and conditions relating to the use and distribution
of this information may apply. For further information, please
contact rns@lseg.com or visit www.rns.com.
END
MSCPJMBTMBJTBIP
(END) Dow Jones Newswires
August 23, 2018 07:35 ET (11:35 GMT)
Ncc (LSE:NCC)
Historical Stock Chart
From Mar 2024 to Apr 2024
Ncc (LSE:NCC)
Historical Stock Chart
From Apr 2023 to Apr 2024