Enterprise Risk Management, Business Continuity Management and Internal Control
Risk management is considered the responsibility of all PTTEP's personnel. PTTEP established a Risk Management Policy that requires directors, management, employees, suppliers and contractors to adopt. The policy sets out PTTEP's commitment to effective risk management which is vital to the achievement of our target and the sustainability of our business.
PTTEP's Board of Directors and Management recognize the importance of strong risk management in pursuing PTTEP aspirations. Changes in business environment are inevitable and may expose PTTEP to certain business risks. A systematic and well-structured risk management process will provide the Board of Directors and Management with reasonable assurances over the target achievement.
PTTEP oversees the effectiveness of the PTTEP Group as a whole in conducting business with full compliance to applicable laws and external regulations (“Compliance”) in every area we have business in. PTTEP also directs Compliance Risk Management.
PTTEP has determined a risk management framework that aligns with ISO 31000, an international standards for risk management. Risk management practices are taken into account at various levels within the organization, including corporate, function group, asset, division, department, project, process and investment & divestment decision making.
Business Continuity Management
PTTEP recognizes the importance of Business Continuity Management (BCM) that it strengthen PTTEP role as a hydrocarbon producer, to serve communities and countries. PTTEP has systematically implemented BCM system as seen as a part of Enterprise Risk Management.
PTTEP BCM policy objective is :
- To protect people, organization, brand and reputation, the interests of our stakeholders and the wider community
- To mitigate the risks from events that could negatively impact or disrupt operations and businesses
- To minimize risks of non-compliance with government regulations and laws including any contract or agreement with our partners, customers, suppliers and contractors
- To continually improve the organization's business continuity capabilities
PTTEP has aligned BCM system to the international standard, ISO 22301.
All business units in PTTEP recognize the importance of internal control and emphasize in particular that the control is adequate, appropriate and efficient in managing risks to remain within acceptable risks. PTTEP has determined an internal control system that aligned with the international standard - COSO internal control framework considering
1) Control Environment
2) Risk Assessment
3) Control Activities
4) Information and Communication
5) Monitoring and Evaluation
The 5 components will enable PTTEP to achieve the following objectives :
- Efficient and effective operations, including safeguarding of asset and prudent use of resources
- Accurate, reliable, timely and transparent reporting
- Compliance with laws, rules and regulations as well as the company's policy and procedure