Our risks
Annual report JSOC Bashneft 2013
30
Our risks
Annual report JSOC Bashneft 2013
31
ABOUT
THE COMPANY
OPERATING RESULTS
CORPORATE GOVERNANCE
APPENDICES
INFORMATION FOR
SHAREHOLDERS AND INVESTORS
Risk management – organizational structure
Bashneft systematically assesses possible risk events when implementing current investment projects and conducting opera-
tions. The impact of potential events is assessed from two points of view: probability and the degree of negative impact (the
amount of damage).
The outcome of such assessments is the basis for the ranking of risks from the standpoint of their potential impact upon the
activities of the Company. Risks are divided into three levels of managerial decision-making: the ‘Management Board’, the ‘Risk
Committee’, and ‘Line Management’.
The objective of risks ranking and prioritisation is the identification of the most crucial risks and prioritisation of risk manage-
ment actions for the period under review.
Board of Directors/Management
Approval of risk management strategy
Board Committee on Finance, Budget
and Risk Management
Carries out Risk Control procedures
Accountability
Accountability
Risk Passport
Information
Information
Risk Passport
Accountability
Risk Management Committee
Approves Risk Register and Mitigation
Plans
Risk Management Centre
(reports to VP for economics and finance)
· Risk management database
· Corporate risk register
· Risk impact appraisal and modelling
· Preparation of risk management report
At-risk parties
(JSOC Bashneft)
At-risk parties
(JSOC Bashneft)
Management
Business management risks
· Responsible for certain risk
management activities
· Branches, subsidiaries and
affiliates
· Responsible for certain risk
management activities
· Branches, subsidiaries and
affiliates
Operational risks
Managers of major projects
Our risks
How we manage risk
The Group’s operations may face external and internal opera-
tional risks. Bashneft takes all possible measures for monitor-
ing and preventing risk, and this is one of the most important
tasks for the Company.
We perform regular monitoring of potential risk events and
take measures to prevent their materialisation. In instances
when such materialisation is inevitable, we take all necessary
action in order to mitigate the potential negative repercussions.
The contemporary oil and gas industry Bashneft is a part of,
is affected by a variety of different factors. In order to correctly
assess and respond to their cumulative impact upon its activi-
ties, the Group needs a well thought through and efficiently ap-
plied risk management system.
In order to improve the efficiency of the risk management pro-
cesses, we apply the Integrated Risk Management System. The
System was developed and put into practice in 2010, with the
engagement of a “Big Four” consulting firm, based upon the
commonly accepted conceptual models of risk management,
put together by the Committee of Sponsoring Organisations
of the Treadway Commission (COSO ERM) and summarised
in the “Enterprise Risk Management – Integrated Framework”
document.
Bashneft risk management process – key stages
The Company’s goals, objectives and concepts in the field of risk
management are delineated in the Corporate Policy titled “Inte-
grated Risk Management”.
The integrated risk management action takes place at each level
of the Company’s management, and is an integral part of the cor-
poratemanagement. The current riskmanagement systemhelps
the Company strive to achieve specific strategic goals with the
cumulative level of risks that is acceptable to its stockholders and
the Management.
The Integrated Risk Management System infers quarterly defini-
tion and implementation of steps and measures in order to:
· Identify risks relevant to JSOC Bashneft, and review them
in a systemic manner;
· Assign ownership of the risks and accountability for their man-
agement;
· Put together action plans in order to respond to the existing
risks; control the execution of the plans;
· Monitor the risks along with the efficiency of their management;
· Accumulate expertise in the field of integrated risk manage-
ment;
· Submit reports upon the management of risks.
When managing its risks, the Company applies an integrated ap-
proach: the entire range of current risks is taken into account,
along with specific features of the Group’s organisational and
geographical structure. The JSOC Bashneft Risk Management
and Insurance Department coordinates the risk management
activities of the Group’s units and divisions, and ensures due ac-
count of mutual impact of risks owned by different Group units.
The Department also maintains a unified information channel,
in order to keep the Executive Managementinformed on the entire
range of the Group’s risks, in order to assure the completeness,
quality and comparability of information provided for managerial
decision making.
Risk
identification
Risk
reporting
Risk
management
actions definition
Risk control
and monitoring
of risk
management
processes
Risk
assessment
