The Risk Management System
The Company has implemented a risk management system, which is regulated by the organizational and administrative documents of two levels:
- — the Company’s Risk Management Policy (specifies the requirements, principles and approaches to risk management system);
- — a Procedure for the Application of the Company’s Risk Management System (regulates the procedures for the functioning of the risk management system, techniques to identify and assess risks, the procedure for reporting on risks and risk response procedures).
The risk management system is intended to provide for the sustainable and continuous operation and development of the Company via the timely identification, assessment and efficient management of risks that threaten the efficient economic operation and good standing of the Company, the health of the Company’s employees, the environment and the property interests of its shareholders and investors.
The participants of the risk management system:
- — Board of Directors;
- — Management Board;
- — Deputies Chairman of the Management Board (Heads of Units), Directors;
- — Structural Departments Managers;
- — Internal Control Division.
The Risk Management System determines the following:
1. Risk identification methods
The identification of risks is performed using methods based on ISO/IES 31010 and COSO standards (analysis, threat assessment, expert assessment, and the event tree).
2. Risk Assessment Criteria
The risk assessment criteria include: probability, financial impact and risk controllability. The probability and financial impact of the risk determines its significance.
3. Risk Response Methods
Response to risks is carried out by implementing one of the types of strategy: risk taking, minimizing risk consequences, transferring risk to a third party, avoiding risk and other combined actions. The choice of strategy is approved by the Management Board of Federal Grid Company.
4. Procedures and terms for the submission of risk reports
The Internal Control Division systematizes quarterly risk reports. Based on the adjusted reports, the Company prepares the Risk Matrix and the Risk Minimization Actions Summary. These documents are subject to the approval of the Company’s Management Board.
After collection and evaluation of risk reports, we systematize information about potential events that have a negative impact on the achievement of the Company’s objectives, the degree of their importance and the actions to eliminate or minimize them.