Risk management While management is responsible for assessing then implement these initiatives, with the owners and managing GXO’s exposure to various providing regular progress updates to the GRC. risks, the Board of Directors has overall risk Risk owners provide regular updates on progress management oversight responsibility. Our Board against action plans to the GRC. committees assist the Board with this oversight responsibility by reviewing specific risk areas. For climate risks specifically, the risk team will assess Within GXO, the Global Risk Committee (GRC), property risks annually to estimate the probable chaired by the Chief Compliance and ESG Officer, impact from hazards such as hurricanes, floods and shapes GXO’s enterprise risk management fires, which are increasing in frequency and severity (ERM) approach. The GRC seeks to develop due to climate change. and advance strategies to identify and manage GXO’s business continuity standards identify the enterprise risk, including driving alignment baseline requirements for implementing disaster across the organization to address ESG risks and recovery and enhancing overall resilience to help opportunities. ensure our preparedness and capability of recovery The committee includes all members of our in the event of a significant business disruption that executive team as well as other senior functional may affect our ability to meet customer expectations. leaders from across the organization, including At the facility level, business groups and site those within Environmental, Health and Safety, managers have their own processes and a business Legal, Investor Relations, Finance, Corporate resilience plan. These plans are prepared with the Communications, Human Resources, Information support of local leaders and management and are Security and Operations. submitted for regular audits and assessments. The GRC has identified areas of risk as a When risks are identified, the committee proposes foundation to its ERM framework, and additional approaches to mitigate, transfer, accept or control data and information on these risks will be added the identified risks and opportunities. We reference through surveys and assessments. Risk areas will our ERM risk prioritization criteria in the context of be assigned an owner, a senior leader responsible business continuity and service resilience, which for action plans to address relevant risks and include the scope of impact (e.g., reputational, opportunities that could have substantive regulatory and cost), potential return on financial or strategic impact on the organization. investment and time and resources required Managers and others across the organization will to implement changes. HOME E S G ©2022 GXO Logisitcs, Inc. 2021 ESG Report | 69