NNPC Limited ERM Processes And Procedures PDF

Summary

This document details the risk management processes and procedures for NNPC Limited. It covers topics such as risk appetite re-evaluations, risk culture development, and governance structures. These policies outline staff and management duties related to risk management.

Full Transcript

NNPC Limited ERM Processes and Procedures Policies S/N 10. Description Re-evaluation of the risk appetite NNPC Limited’s risk appetite will need to be re-evaluated: a) As part of Its strategy planning cycle and goal-setting process; b) When significant changes are made to NNPC Limited’s organis...

NNPC Limited ERM Processes and Procedures Policies S/N 10. Description Re-evaluation of the risk appetite NNPC Limited’s risk appetite will need to be re-evaluated: a) As part of Its strategy planning cycle and goal-setting process; b) When significant changes are made to NNPC Limited’s organisational structure; c) When changes are made to Its overall strategy and goals; and d) When there are changes in the expectations and risk preferences of key stakeholders. The following considerations shall be made in the course of the review:  Changes to the Company’s strategic objectives and risk preferences  Changes in prevailing market realities and economic conditions  The output shall be the revised risk appetite statements and key risk indicators. Page 15 of 347 NNPC Limited ERM Processes and Procedures 3.0 Risk Culture Introduction NNPC’s risk culture encompasses the shared knowledge, understanding, values, beliefs, attitudes of Management and staff towards risks. A strong risk culture leads to effective management of risks while a weak risk culture. Objectives To ensure the development of a strong risk culture, alignment of vision and values in the management of risks across NNPC Limited. Policies Policies S/N 1. Description Management and staff of NNPC Limited shall be committed to the optimal management of risk in order to achieve the Company’s mission and vision, as well as protect Its core values. 2. Management shall ensure periodic training and awareness on risks are provided to all stakeholders within NNPC Limited 3. NNPC Limited shall proactively identify future uncertainties and adequately plan for them without inhibiting growth and value creation. Page 16 of 347 NNPC Limited ERM Processes and Procedures Policies S/N 4. Description Employees are expected to proactively manage risks in their operations and will be recognised for their good risk management practices in our performance evaluation process. 5. NNPC Limited and its subsidiaries shall adhere to the following four (4) key pillars: a) Leadership – The Board and Senior Management shall set the tone at the top by establishing and promoting a strong culture of adherence to risk limits and boundaries. b) Ownership – Every employee shall proactively manage risks in their day-to-day activities i.e. risk management is a shared responsibility. Every staff shall be trained to integrate risk management in their respective day to day operations. See Appendix A for the training policy. c) Transparency – There shall be open, clear and honest communication information of shall risks be within NNPC communicated Limited. to Risk relevant stakeholders periodically, to aid decision making. d) Compliance – There shall be low risk tolerance for breach of laws, regulations and organizational policies. The Governance, Risk and Compliance Function shall be empowered to monitor compliance. Where the need arises, the GCEO is authorized to grant exceptions to the application of this policy, and thereafter Page 17 of 347 NNPC Limited ERM Processes and Procedures Policies S/N Description seek ratification from the NNPC Limited Board. 4.0 Risk Governance 4.1 Introduction Risk governance refers to the structure for managing risks within NNPC Limited and its subsidiaries. It also presents a comprehensive detail of the responsibilities for monitoring and reporting business risks within NNPC Limited and its subsidiaries. The risk governance structure comprises: 1) The risk governance structure; 2) The ERM organizational structure; 3) The risk reporting structure; 4) The ERM roles and responsibilities; and 5) The ERM stakeholder relationships. These are further detailed below: 1. Risk Governance Structure NNPC Limited’s risk governance structure is based on the “three lines of defense” model, which ensures that risk is properly managed throughout NNPC Limited and its subsidiaries. Page 18 of 347

Use Quizgecko on...
Browser
Browser