Anadarko has an Enterprise Risk Management (ERM) process to identify, assess, report and monitor enterprise risks to the Company, which include above-ground or non-technical risks. The ERM process complements our Financial Risk Management (FRM) process and ensures:
- Identification and monitoring of critical enterprise risks at the Company
- Identification of appropriate Anadarko personnel with accountability for managing those risks
- Assistance to risk owners with risk quantification, reporting, mitigation planning and monitoring
- Consistency of risk assessments to enhance understanding by the Risk Council, executive management and Board
- Communication of material changes to the risk profile of the company including emerging risks
The following process is directed by the Enterprise Risk Management Committee (ERMC).
- Risk Identification: The ERMC maintains a Corporate Risk Register, which summarizes basic information on critical risks to the Company, solicited from across the Company. The ERMC and other designates assess the likelihood and potential impact of the identified risks. The ERMC identifies appropriate personnel with accountability for managing specific risks.
- Risk Quantification: The Risk Council selects risks from the Corporate Risk Register for further analysis based on the ERMC’s initial assessment. The ERMC and risk owners work together to enhance understanding of the potential impact and probability of key risk events, with the ERMC’s initial assessment confirmed or adjusted as needed. To identify critical risks to Anadarko, the ERMC uses risk maps to differentiate and prioritize risks. High-threat risks are further evaluated through financial modeling and scenario and/or portfolio analysis.
- Risk Reporting: The ERMC facilitates risk reporting for critical risks ensuring that management receives consistent risk-related information. The ERMC assists the Risk Council in preparing an annual report to executive management and the Governance and Risk Committee of the Board of Directors detailing Anadarko’s critical risks and current management strategies in place.
- Risk Mitigation: The ERMC works with risk owners to recommend action (accept, mitigate, transfer, avoid) with respect to each critical risk.
- Risk Monitoring: The ERMC identifies risk controls to include in Corporate Audit’s annual audit plan. The ERMC and risk owners identify and monitor Key Risk Indicators (KRIs) as appropriate. The ERMC reports emerging risks or shifts in the materiality of risks to the Risk Council as appropriate.
- Reporting from the ERMC to the Risk Council: The ERMC provides the Risk Council with specific risk assessments as requested. The ERMC periodically provides the Risk Council with updates on Anadarko’s Corporate Risk Inventory. The ERMC proactively informs the Risk Council of any deficiencies in the Company’s risk management practices.