Risk management
We identify, assess, prioritize and manage sustainability‑related risks through a mandatory, auditable annual process applied across our business unit-operated assets and select corporate functions. Our SD Risk Management Standard provides consistent methods for risk identification, evaluation, tracking and documentation. Results from this process inform our ERM and key business‑planning processes, including corporate strategy. Read more about how we manage climate-related risks and our approach to nature and people and communities.
Our risk management disclosures should be read in conjunction with our governance, strategy, metrics and targets disclosures and, where relevant, our 2025 Annual Report and Form 10‑K.
SD Risk Management Standard
The SD Risk Management Standard establishes a consistent approach for identifying, assessing and ranking sustainability‑related risks associated with company activities and for developing associated mitigation actions. Its scope includes physical and transition risks for climate change and nature, as well as operational and transition‑related social risks, including those associated with stakeholder engagement, human rights, social investment and supply chain. To facilitate consistent risk identification and categorization across business units and functions, the standard provides direction for evaluating consequence severity, likelihood and near, medium and long-term time horizons.
We document priority sustainability risks in the corporate SD Risk Register with corresponding mitigation actions, which are tracked at the business unit, function or project level and reviewed at least annually. Priority risks are aggregated by sustainability topic to assess materiality and guide goal‑setting and performance tracking. While business units manage risks and mitigation actions locally, enterprise-wide actions, such as greenhouse gas (GHG) target setting, emissions abatement project prioritization, and sustainability disclosures, are managed at the corporate level.
Enterprise risk management
Topics in the corporate SD Risk Register are shared with enterprise risk owners (Executive Leadership Team or senior managers) for relevant risk categories, including climate, capital markets, public perception, operational matters, corporate strategy and policy. These enterprise risk owners are briefed on risk rankings, corporate actions and mitigation activities, demonstrating the relative significance of sustainability risks in relation to other enterprise risks. The enterprise risk management (ERM) process directly informs our strategic planning process and supports integration of sustainability‑related risks into performance priorities. Enterprise risks are presented annually to both the Audit and Finance Committee (AFC) and the full Board of Directors.
Materiality
We determine the materiality of sustainability‑related risks and opportunities over the near, medium and long term consistent with the ISSB definition. For the assessment, we apply a structured approach that considers the full range of relevant sustainability topics, defined time horizons, and evaluations of likelihood and consequence severity. The process incorporates judgment and both qualitative and quantitative factors and includes calibrated consequence severity scales covering operational, legal/regulatory and strategic impacts, calibrated likelihood probabilities and descriptions, and consideration of data or information limitations. Assessment results inform our disclosures and are integrated into our enterprise risk management and business‑planning processes.
Our 2025 materiality assessment identified climate-related risks as material at the global asset portfolio level, while aggregated nature-related and social risks fall below the materiality threshold. Read more about our climate risk strategy and approach to nature and people and communities. This materiality assessment is specific to this report.
Risk management governance documents
Corporate policies,1 standards, practices, guidelines and positions form part of the governance processes and controls we use to manage sustainability‑related risks, supporting disclosures across governance, strategy, risk management, and metrics and targets. These documents facilitate consistent application of our processes by defining how risks and opportunities are identified, assessed and tracked, and by outlining roles and responsibilities. They also support the application of judgment and consideration of qualitative and quantitative factors when determining what information is material. Policies, standards, practices and guidelines that support risk management processes include:
Corporate policies, standards, practices and guidelines
| Sustainable Development |
|
| Health, Safety and Environment (HSE) |
|
| Subsurface |
|
| Human Resources |
|
| Global Compliance |
|
| Corporate Authorization |
|
| Supply Chain |
|
| Projects |
|
| Management System |
|
Positions
Notes:
- Unless noted, standards and practices apply to ConocoPhillips and its subsidiaries globally, including all affiliated companies and joint ventures.↩
- Developed in 2025 and issued in 2026, the Operational Management System integrates prior corporate standards, including HSE Management System Standard, HSE and Social Issues Due Diligence Standard and HSE Waste Management Standard, to consistently manage HSE and other operational risks.↩