The Company has developed and formalized a uniform approach to handling risk-management processes, which is fully contained in the ‘Integrated Risk Management System’ (IRMS) corporate standard.
Gazprom Neft's IRMS is a systematic continuous process that identifies, assesses and manages risks.
Its key principle is that responsibility for the management of various risks is assigned to various management levels depending on the expected financial impact of the specific risks.
As of late 2011, the Company had implemented basic IRMS processes at most of its major subsidiaries and affiliates, and was thus able to develop a detailed corporate risk map for 2011 by consolidating risk events from individual subsidiary and affiliate levels to the entire Company.
In 2012, the scope of the IRMS was extended as the portfolio grew, with 11 new assets in the Exploration and Production Segment (EPS) and 4 assets added to the Logistics, Refinement and Sales Segment (LRSS).
This approach made it possible to outline responsibility areas for risk management and monitoring at every level of corporate management, and to have customised response plans to address material risks at each subsidiary/affiliate and throughout the Company.
Risk-related hierarchical structures for the key EPS business areas (production, industrial safety, procurement, projects) have been developed along the same lines for the LRSS key business areas (refinement, sales). This approach enables consistency in the regular re-evaluation of risks, and analysis of root risk factors that impact the achievement of financial targets.
In 2012, the IRMS legal and methodological framework was completely updated with newly developed and implemented tools:
- Risk management policy;
- The corporate standard ‘Integrated Risk Management System. Procedure for identifying and assessing risks, preparing responses, and monitoring compliance'; and
- Guidelines for the risk management process, including the Risk Registry, Card and Matrix templates.
The Company continuously works to improve its approach to the basic IRMS processes with particular emphasis on efforts to assess risks and integrate risk management processes into key corporate processes such as business planning, project management and M&A.
- Implementing a risk-oriented approach in all aspects of production and management;
- Undertaking systematic analysis of identified risks;
- Building a system to control risks and monitor the efficiency of risk-management activities;
- Making all employees aware of Gazprom Neft’s basic principles and approaches to risk management;
- Ensuring the required regulatory and methodological support; and
- Distributing authority and responsibility for risk management between the Company’s business units.
KEY IRMS DEPLOYMENT STAGES
IMPLEMENTATION OF THE INTEGRATED RISK MANAGEMENT SYSTEM AT GAZPROM NEFT BEGAN IN AUGUST 2008, WHEN THE COMPANY’S MANAGEMENT BOARD APPROVED THE CONCEPT
Continued integration of the IRMS into business planning process, including:
Continued integration of risk management procedures into operational management. Developing an IT system to support IRMS processes
FINANCIAL IMPACT LEVELS OF RISK AND DISTRIBUTION OF AUTHORITY WITHIN IRMS
decisions and assesment of risk management.
The immediate control of this risk category is
carried out by business blocks Risk management and monitoring at the business
block levels Risk management and monitoring at the subsidiary
and affiliate level
IRMS PROCESS FLOW CHART AT GAZPROM NEFT GROUP
CONTROL ACTIVITIES ANNYALLY
Integration of the IRMS into the business planing process
In the course of 2012, risk assessment became an integral part of the business planning process. EPS- and LRSS-related business plans for 2013 to 2015 are, therefore, distinguished by a more detailed approach to risk assessment.
The existing assessment and description of risk factors has been revised at the subsidiary and affiliate level taking changing conditions and new plans into account.
Information on the key risks facing subsidiaries, affiliates and business blocks, as well as risk mitigation measures, have been incorporated in the respective business plans.