Possible maintenance breaks on 30 May at 16:00-01:00 affecting the ability to download PDF documents in the OmaKela e-service More information
Technical problem with Kela’s remote customer service More information
Risk management is an integral part of how we carry out our daily activities and manage our operations. Risk management is a tool for ensuring the fulfilment of our objectives and chief mission, ensuring the continuity of our operations and protecting the wellbeing of our staff. Risk management is also a tool for ensuring good management practices.
Overall responsibility for risk management at Kela lies with the Director General. The other Directors oversee risk management within their respective areas of operation. Each business unit and their managers are responsible for risk management within their individual areas of responsibility. Finally, each individual staff member must also manage risks in a manner which is consistent with their role and responsibilities.
Implementation of risk management
We identify and evaluate key risks and opportunities in relation to our objectives. Identifying and evaluating risks is an integral part of strategic planning and operations. We ensure that we respond to the needs of our customers, partner organisations and broader society according to our objectives.
We actively follow up and adjust our risk posture and our risk management efforts. We report on our efforts at least quarterly.
By means of the internal audit function, we seek to ensure that Kela's strategy is implemented effectively and that risks are managed appropriately. Internal audit is carried out at all organisational levels, but it is a daily and ongoing part especially of our operations related to benefit provision.
The responsibilities of the internal audit function include evaluation of the functioning and quality of risk management.
We continually develop our risk management processes.
Key risks in 2021
Key risks in 2021 are:
- successful recovery from challenges posed by the coronavirus epidemic
- allocating staff resources and competence
- cyber and data security threats
- successful modernisation and development of information systems.