edp

Our Company

Business Units

edp > About EDP > Principles and Policies > Corporate Business Risk Management Policy

Corporate Business Risk Management Policy

Business risk management, which involves identifying, measuring, dealing with and reporting the main risks, is an integral part of the management style that the Group requires from its employees, in line with good international risk governance practices, legal and regulatory requirements and the Group's internal and external stakeholders' expectations and demands.

The Group's corporate business risk managment policy is based on the following principles:

> Risk management is everyone's responsibility, from the EBD to each individual employee. Everyone is responsible for knowing the risks in their area of activity and managing them in accordance with approved risk policies and tolerance levels.

> The Group must manage its significant risks from a portfolio perspective, optimising the balance between risk and return throughout all its business areas.

> Business risk management must be included in all the most important business processes, such as strategic and business planning, operations management and investment decisions, in order to ensure that risk analysis is included in all decisions.

> Business risk management is a comprehensive, continuous, disciplined process in which risks are identified, analysed and consciously accepted, increased or mitigated within approved risk tolerance levels.

> Local risk management polices and procedures must be consistent with this corporate policy. In addition, all local policies and procedures must facilitate the aggregation, consolidation and revision of all significant risks at corporate level.