Risk Management System

The Company has developed and formalised a unified approach to risk management within the framework of an Integrated Risk Management System(IRMS). The IRMS at Gazprom Neft is a continuous, systematic process designed to identify, assess and manage risks.

The key approach of the Company’s IRMS is the distribution of powers by management level within the Company depending on the financial impact of the risk.

In late 2011, the Company introduced basic IRMS processes at most of its existing subsidiaries and affiliates. This made it possible to compile a detailed Corporate Risk Map for 2011 by consolidating the risk events from the level of individual subsidiaries and affiliates to the Company level as a whole. In 2012–2014, the portfolio of the IRMS perimeter was expanded and as of late 2014 the IRMS includes all existing Gazprom Neft assets. Further expansion is planned as new projects are launched or existing assets are acquired.

This approach has made it possible to form zones of responsibility for risk management and monitor risks at all levels of the Company’s management as well as to ensure the preparation of targeted response plans to substantial risks both subsidiaries and affiliates as well as at Gazprom Neft assets as a whole.

The regulatory and methodological framework of the Gazprom Neft IRMS includes the following documents:

  • a Risk Management Policy
  • a Company Standard Integrated Risk Management System with procedures for identifying and assessing risks, preparing risk management measures and monitoring their fulfilment
  • methodological guidelines for the risk management process, including templates of the Risk Register, Risk Card and Risk Matrix.

The Company continuously updates and improves its approach to basic processes of the IRMS, including devoting special attention to improving the approach to risk assessment and the integration of the risk management process into such key processes as business planning, project management and M&A.

To improve the efficiency of IRMS processes in 2014, Gazprom Neft continued its activity on a project launched in 2013 to automate the IRMS. The first stage of the project was completed in late 2013 and made it possible to establish and put into commercial operation a unified Company risk database. Over the course of 2014, the database was completed with relevant information, users were trained and reporting formats were developed for Company executives.

Risk management constitutes an integral part of the internal environment of OJSC GAZPROM NEFT and includes:

  • introducing a risk-management approach to all aspects of production and management activities
  • conducting systematic analysis of identified risks
  • building a system to control risks and monitor the effectiveness of risk management activities
  • an understanding by all Company employees of the basic principles and approaches to risk management accepted at the Company
  • providing neccessary regulatory and methodological support
  • allocating powers and responsibilities for risk management among the Company’s structural divisions

Goal of risk management

The Company’s goal in risk management is to improve the efficiency of management decisions by analysing related risks as well as ensuring the maximum effectiveness of risk management measures during the implementation of the adopted decisions.

This goal is achieved by performing the following tasks:

  • establishing a risk management culture within the Company to realize a common understanding among management and employees concerning the main principles and approaches to risk management
  • establishing and introducing a systematic approach to identifying and assessing risks that are inherent in the Company’s activities both as a whole and in individual areas of activity
  • stimulating the exchange of information on risks between the Company’s structural divisions and the joint development of risk management actions
  • providing systematic information about risks to the Company’s governing bodies


The introduction of the Integrated Risk Management System at Gazprom Neft began in August 2008 with the approval of the IRMS Introduction Concept by the Management Board.

2008–2012 2013–2014 2015 (goals)
  • The IRMS Introduction Concept was developed and approved by the Management Board and the Company’s Policy and Standards on risk management took effect.
  • The perimeter of the IRMS expanded to subsidiaries, affiliates, joint ventures and major projects. Risk management procedures were introduced in the management practice of major projects.
  • Risk-oriented planning introduced in internal auditing.
  • Analysis on compliance with best practices conducted by Ernst & Young. Risk management system recognised as approaching the best global practices for building Enterprise Risk Management (ERM) systems
  • Further expansion of the IRMS perimeter to new assets.
  • Continued improvement of risk assessment methods, introduction of regulatory and methodological documentation on the quantitative assessment of individual risks.
  • Integration of the IRMS with the Company’s business processes, including business planning, project management, target-specific management and other processes.
  • Development of an information system supporting IRMS processes.
  • To use quantitative risk assessment results to determine the materiality of their impact on financial results.
  • To continue integration of the IRMS with the Company’s business processes, in cluding the areas of business planning, project management and other areas.
  • To further develop the information system supporting IRMS processes, including the development of risk reports for Company executives.

Levels of financial impact of risk and distribution of powers within the IRMS

KEY RISKS The Management Board adopts key decisions and assesses management. Units directly manage this risk category.
RISKS OF UNITS Management and monitoring at the Unit level
RISKS OF S&A Management and monitoring at the subsidiary and affiliate level

Integration of IRMS with business planning and project management

Risk assessment became an integral component of business planning in the reporting year. One of the main differences in the business plans for 2015–2017 is the more detailed approach to risk assessment: existing assessments and risk factor descriptions were revised at the subsidiary level taking into account the changed conditions and new plans, while information on the most significant risks faced by subsidiaries as well as measures to mitigate them were included in the relevant business plans.

As part of integrating risk management with the Company’s project management processes, above all in major projects related to exploration and production, the methodological framework for the analysis of project risks developed in 2013 was introduced on a full-scale basis in 2014. At the same time, a number of risk sessions were held to identify risks related to the management of the Company’s major projects. This made it possible to prepare project plans, primarily calendar schedules, that are more balanced in terms of the correlation between the goals set and the level of uncertainty.