Risk Management System

IRMS deployment

The Company has developed and formalised a uniform approach to its risk management processes, which is fully contained in the Integrated Risk Management System (IRMS) corporate standard.

Gazprom Neft’s IRMS is a systematic, continuous process that identifies, assesses and manages risks.

Its key principle is that the responsibility for managing different risks is assigned to managers at various levels, depending on the potential financial impact of each specific risk.

By late 2011, the Company had implemented basic IRMS processes at most of its major subsidiaries and affiliates, and was therefore able to develop a detailed corporate risk map for 2011 by consolidating identified risks from individual subsidiary and affiliate levels across the entire Company. In 2012-2013, the scope of the IRMS was extended as the asset portfolio grew, with 11 new assets in the Exploration and Production Segment (EPS) and four assets added to the Logistics, Refinement and Sales Segment (LRSS). At the end of 2013, the IRMS covered all of OJSC Gazprom Neft’s major assets; it will be extended further whenever new projects are launched or operating assets are acquired.

This approach made it possible to outline risk management responsibility areas, and to monitor these at every level of corporate management, and to have customised response plans to address material risks at each subsidiary/affiliate and throughout the Company.

The IRMS standards and methods are included in the following documents:

  • Risk management policy;
  • The corporate standard “Integrated Risk Management System Procedure for identifying and assessing risks, preparing responses, and monitoring compliance”; and
  • Guidelines for the risk management process, including the Risk Registry, Card and Matrix templates.

The Company works continuously to improve its basic IRMS processes with a particular emphasis on assessing risks and integrating risk management processes into key corporate processes, such as business planning, project management and M&A.

To make IRMS processes more efficient, in 2013 Gazprom Neft embarked upon an IRMS automation project. By year-end, phase one was completed, which involved the creating and commissioning of a central database to monitor the Company’s risks. The plan for 2014 is to populate the database with updated content, train users and produce executive reports.

Key irms deployment stages

Implementation of the integrated risk management system at the Company began in August 2008, when the Company’s management board approved the concept



2013–2014 (aims)

Developed the IRMS implementation concept and received the Management Board’s approval.

The scope of the IRMS was expanded to include subsidiaries and affiliates, joint ventures and major projects. Risk management procedures were established for major projects .

Continued integration of the IRMS at new assets.

Introduced a new corporate standard, “IRMS: Procedure for identifying and assessing risks, preparing responses, and monitoring compliance”.

Introduced risk-oriented planning for internal audit.

Further improvement of risk assessment methodology, adoption of regulatory and methodology documents for the quantitative assessment of individual risks.

Expanded the scope of the IRMS to cover 29 business entities (20 subsidiaries and affiliates, sand nine sub-divisions at the Corporate Center).

Analysed the IRMS to ascertain its compliance with best international practices (Ernst & Young). The development of the IRMS was recognised as compliant with best practice. Integrated IRMS processes into executive decision-making procedures, an important factor in the current stage of corporate development.

Integration of the IRMS into corporate business processes (including business planning, project management, and target-based management).

In two phases, in June 2009 and March 2011, the IRMS was analysed to ascertain its compliance with best practices (by Ernst & Young). The risk management system was found to be compliant with best international practice in terms of ERM (Enterprise Risk Management) system building.

Developing an IT system to support IRMS processes.

Impact level of financial risks and delegation of authority within the IRMS
IRMS process flow chart in relation to the business planning process

* Depending on the severity of risks

Integration of the IRMS into the business planning process

During the reporting year, risk assessment became an integral part of the business planning process. As a result, EPS- and LRSS-related business plans for 2013 to 2015 are, therefore, characterised by a more detailed approach to risk assessment: the existing assessment and description of risk factors have been revised at the subsidiary and affiliate level taking into account changing conditions and new plans; and information on the key risks faced by subsidiaries, affiliates and business blocks, as well as risk mitigation measures, have been incorporated into the respective business plans.

As part of the efforts to integrate risk management processes into the Company’s project management processes (primarily major exploration and production projects), a methodological base was developed in 2013 to enable analysis of project risks. Its purpose is to work out a project plan (starting with a time schedule) that is balanced through correlation of the objectives with the level of uncertainty (risks); this helps to set goals that are both ambitious and achievable. In 2014, the Company plans to fully deploy this methodology on each major project.