Risk and Impact Management

Assessment, Management and Integration

Our SD Risk Management Standard outlines a process for operated assets and projects to assess nature-related risks to ensure corporate oversight, assurance and consistent implementation. The standard mandates developing action plans for risks ranked significant or high and tracking them in the corporate SD Risk Register. Risks that are no longer ranked significant or high, due to the effectiveness of mitigation actions, as well as risks identified as medium, continue to be tracked at the business unit and corporate level. The results of the assessment are integrated into key business-planning processes for the company, from business development activities and exploration to developing major capital projects and managing our day-to-day operations. Read more about our risk process.

The assessment process is guided by our SD risk assessment tool and comprises the following:

Assessment Step Assessment Output
Risk Assessment
  • Impacts on nature and ecosystem services considering all potentially relevant nature-related physical and transition risks.
  • Potential business consequences.
  • Consequence occurrence time horizon; near, mid or long-term.
Risk Ranking
  • Potential financial consequence severity assuming cumulative impacts over a 10-year period.
  • Likelihood of occurrence for 10-year period.
Mitigation Action Plan
  • Risk mitigations already in place.
  • Additional mitigations or opportunities planned.
  • Mitigation action owner, target completion and progress.

Our long-range and strategic planning activities consider sustainable development risks and mitigation. Our Long-Range Plan (LRP) forecasts key data for our corporate strategy covering our proposed portfolio development and performance, production, costs and cash flows. We also use the LRP to forecast GHG emissions and water use to understand our future environmental footprint.

Sustainability risks are integrated into the corporate Enterprise Risk Management (ERM) system. Risks from the corporate SD Risk Register are mapped to relevant enterprise risks including market, reputational, operational and political. Owners of these enterprise risks, who are Executive Leadership Team (ELT) members or senior managers, are briefed on the risks and our mitigation activities. Enterprise risks are then presented to the Audit and Finance Committee (AFC) of the board.

The AFC receives annual updates on how enterprise risk is being addressed, mitigated and managed across the company.