TRC | 2017 SUSTAINABILITY REPORT
CONDUCTING BUSINESS WITH ETHICS AND INTEGRITY
Our commitment to strict ethical standards contributes directly to the professional reputation of our company. Our
approach to ethical business transactions is guided by our corporate Code of Business Conduct and Ethics. The
code is principles-based and assumes the application of professional judgment. The board of directors audit and
risk management committee reviews compliance at least annually.
The Code is also posted on our internal and external websites. Full compliance is required from all employees
in completing required training on our code.
The TRC ethics hotline and Ethicspoint reporting website are resources for all employees. An ethics officer is in
place and is accessible to all employees.
We have a fundamental commitment to treating our employees with the highest dignity and respect as
communicated in our employee handbook. Discrimination against or harassment of employees for any reason
will not be tolerated.
MANAGING RISK
TRC’s Chief Risk Officer oversees risk management processes and practices that directly impact the strategic
direction of the Company. Our enterprise risk management program is a comprehensive and consistent method
of identifying sources of risk, establishing the desired level of risk and mitigating the risk in alignment with our
strategic objectives.
We strive for a defensively-biased blend of risk and opportunity to ensure that the appropriate risk-reward outcome
is balanced and that our internal culture fully understands how managing risk is a strategic tool at all levels of the
organization. We believe that emphasizing communication and clear accountability for risk across the organiza-
tion has served to significantly improve our risk management effectiveness, particularly the high level of focus and
resources we employ throughout the corporate Safety, Cyber/IT, Sustainability and Legal functions.
THE POWER OF A STRONG RISK CULTURE
Our use of a defensive bias for our risk management strategy is intentional. We
“ believe
that assessing and accepting risks has to be accompanied by risk mitigation
principles that are strong.
Our conduct of work is accompanied by highly structured health and safety planning
dedicated to hazard assessment and consistent employment of forward looking tools like
our “safe-catch” program. Simply put, our culture is tuned to the shared belief that we
can’t accept safety risk as something that is just part of the job; rather, we intentionally
integrate planning, assessment and management observation as the type of diligence
necessary to establish a culture where safety is imperative and we are unwilling to settle
for anything less. Our approach to cyber risk management is similar -- we cannot wait
and react when things go wrong or a weakness emerges, rather, we have to intensively
plan and act to build strength and resiliency while being able to act as early as possible
to challenges.
”
Thomas Bennet, Chief Risk Officer
22