The methods used by the LOTOS Group to identify and assess risk remained unchanged in 2013. Risks are identified by their bearing on the organization’s strategic and operational objectives. They are then assessed in two different time frames – until the following year, and until the end of the period covered by the current strategy. The probability of a risk actually materialising is estimated using a Risk Matrix, following which an assessment is made of its possible impact on the LOTOS Group’s financial standing and reputation. This takes into consideration the predicted impact on human safety and the environment, as well as how key stakeholders may perceive the risk. Based on these criteria, risks are classified as Material, Moderate or Low.
Risk Maps are developed from the risk assessment and are submitted to the Enterprise Risk Management Committee for an opinion and to the Board of Grupa LOTOS for approval.
Each risk is assigned to an owner, who is responsible for its management, including its oversight and monitoring and the implementation of the recommended mitigation strategy.
In addition, we prepare detailed analyses of Material risks and selected Moderate risks, which we use to develop mitigation plans and response procedures in case of their occurrence. We also define Key Risk Indicators (KRIs), which are subject to periodic monitoring and reporting.
Actions mitigating key risks
Enterprise Risk Management initiatives at the LOTOS Group are supported by the ERM Portal, an IT tool.
Apart from recording information about risks and risk-related actions, the ERM Portal can also be used to monitor current risk indicators and the automatic flow of information on actions in progress.
To better serve the needs of its users, in 2013 we updated the ERM Portal with numerous improvements and new functionalities, including a database of risks audit results, as well as a risk management chart generator. All of these initiatives were designed to improve the Enterprise Risk Management system.