We adopt a proactive approach to managing risks and assurance so our Board and senior management team have a comprehensive view of all key risks and the strategies employed for their management.
Oil Search’s management system, ‘Our Way’, defines our governance and assurance processes. This ensures employees conduct their work in accordance with our performance requirements and our risk and compliance obligations are understood and appropriately managed.
In line with the ISO standard 31000 - Risk Management, our risk management approach includes the identification, measurement, evaluation, monitoring, reporting and controlling or mitigation of current and emerging risks for inclusion in the Company’s risk profile. This profile is multilevel; it includes an overall organisational profile, supported by subsidiary profiles maintained by all areas of the business. Regular review of new and emerging risks is a requirement of the Company’s risk governance process, and risk profiles are updated as required.
Oversight of these profiles and their management is provided at various levels across the business at management and specific risk governance forums. The Risk Management team has visibility of registers across the business and monitors them for links that may impact the ratings for the likelihood of, or consequences of, risks that are formally or informally connected.
We conduct sensitivity analysis for relevant performance indicators using economic models and use the outcomes to inform our investment decisions.
To manage risks across our organisation in line with ‘Our Way’, we have three lines of assurance:
- Primary accountability – Business Unit managers are responsible for identifying and managing risks to Company and business unit objectives, and for operating in compliance with our performance requirements.
- Corporate assurance – Functions challenge and provide specialist support and assurance to Business Unit Managers in managing identified risks.
- Independent assessment – Our internal audit programme tests the design and operating effectiveness of internal controls to ensure they comply with our policies, plans, procedures, business objectives and significant legislative and regulatory requirements. This programme also includes elements of supplier performance, such as business resilience, compliance and aviation safety.
The risks identified and managed include financial, operational and social responsibility risks such as those relating to the health and safety of our workforce, the environment, climate change, security, human rights, and fraud and corruption. For an overview of our material business risks and how we respond, see our latest Annual Report.