Web Content Display Web Content Display

Our comprehensive risk management is designed to create value for ISAGEN and is a key element in decision-making, reducing losses and maximizing opportunities. It seeks to safeguard our Company’s strength and sustainability by efficiently managing risks at various levels of the Organization, managing mechanisms to transfer risks and preparing effective responses to events that affect business continuity.

The risk management system is a logical, systematic process through which we establish context, while also identifying, analyzing, assessing, treating, monitoring and reporting risks related to the Organization’s processes and strategy. These management efforts are based on a methodology that’s aligned with corporate strategy, best practices and standards such as ISO 3100 and NTC 5254.

We establish as a premise that all employees are responsible for comprehensively managing the risks associated with their work. In view of this, we have prepared the Comprehensive Risk Management Policy, with the aim of making these practices the cornerstone around which all work is carried out.

 
 

Business continuity system

In preparation for adverse events that could result in a crisis, we manage business continuity as a global, comprehensive and systematic process. We use this process to identify potential impacts, establish a context for the situation, develop recovery strategies and create effective responses so that we can be prepared for such impacts.

Business continuity management comprises:

  • Crisis management: aims to protect reputation and ensure the wellbeing of stakeholders when faced with crises that jeopardize the stability of the Company and the fulfillment of its strategic objectives.
  • Business continuity: aims to develop corporate response capability, so that it can recover and restore critical business functions when faced with events that interrupt operations.
  • Emergency response: aims to protect people, the environment and infrastructure when incidents occur, and take basic measures to avoid the escalation of negative impacts.

To ensure these elements effectively interact and ensure continuous improvement, our work is carried out in the framework of the Business Continuity Management System, which is built on best practices from national and international standards such as ISO 22301 and NTC 5722.

Corporate risk

We create a risk inventory that is aligned with our corporate strategy to facilitate monitoring and prioritization of the most critical Company risks.

 

1

Occupational Health and Safety Risk

Residual risk

Inadequate management of activities leading to undermining the protection, safety, health and well-being of personnel.

1

Occupational Health and Safety Risk

Inherent risk

Inadequate management of activities leading to undermining the protection, safety, health and well-being of personnel.

2

Physical security of people and facilities risk

Inherent risk

Social conditions or malicious actions by third parties that threaten the security of ISAGEN's people (personnel, contractors or community members) or assets and/or affect the business operations.

3

Environmental and social risk

Inherent risk

Inadequate social and biophysical management for contributing to environmental sustainability of ISAGEN and its influence areas during the construction or operation of power generation plants.

4

Commercial Management Risk

Inherent risk

Inadequate commercial management that prevents or hinders the achievement of the EBITDA target.

5

Natural disaster risk

Inherent risk

Natural phenomenon of certain extent, intensity and duration, with the potential to cause damage on people, assets or the environment, which affect operations.

6

Risk of Unavailability at Power Generating Plants

Inherent risk

Internal or external events that affect the operations of the electric power plants and impact their availability.

7

Fuel Shortage Risk

Inherent risk

Fuel shortage (supply and transport) to ensure back up and/or generation of ISAGEN's thermoelectric power plant.

8

ICTs Management and Cyber-Security Risk

Inherent risk

Inadequate management of information technology and communications that prevents or limits the achievement of business goals, and vulnerability of information caused by internal or external cyber-attacks.

9

Legal Management Risk

Inherent risk

Errors or omissions in the legal representation or legal advisory of the company.

10

Human Talent Management Risk

Inherent risk

Inadequate management of human talent that hinders the integral development of employees and prevents the company from having competent workers and efficient succession plans.

11

Macroeconomic Changes Risk

Inherent risk

Macroeconomic changes that negatively affect the Company's operational results and the creation of value therein.

12

Fraud, bribery and corruption risk

Inherent risk

Fraud, bribery and corruption acts by company workers or stakeholders.

13

Regulatory and Compliance Risk

Inherent risk

Default or ignorance of laws, norms and/or regulations.

14

Financial Management Risk

Inherent risk

Inadequate financial management that negatively affects the business operational results and the creation of value therein.

15

Hydrological and climate variability risk

Inherent risk

Climate and hydrological variability that affects negatively the production of electric energy at the Company's hydroelectric power plants.

2

Physical security of people and facilities risk

Residual risk

Social conditions or malicious actions by third parties that threaten the security of ISAGEN's people (personnel, contractors or community members) or assets and/or affect the business operations.

3

Environmental and social risk

Residual risk

Inadequate social and biophysical management for contributing to environmental sustainability of ISAGEN and its influence areas during the construction or operation of power generation plants.

4

Commercial Management Risk

Residual risk

Inadequate commercial management that prevents or hinders the achievement of the EBITDA target.

5

Natural disaster risk

Residual risk

Natural phenomenon of certain extent, intensity and duration, with the potential to cause damage on people, assets or the environment, which affect operations.

6

Risk of Unavailability at Power Generating Plants

Residual risk

Internal or external events that affect the operations of the electric power plants and impact their availability.

7

Fuel Shortage Risk

Residual risk

Fuel shortage (supply and transport) to ensure back up and/or generation of ISAGEN's thermoelectric power plant.

8

ICTs Management and Cyber-Security Risk

Residual risk

Inadequate management of information technology and communications that prevents or limits the achievement of business goals, and vulnerability of information caused by internal or external cyber-attacks.

9

Legal Management Risk

Residual risk

Errors or omissions in the legal representation or legal advisory of the company.

10

Human Talent Management Risk

Residual risk

Inadequate management of human talent that hinders the integral development of employees and prevents the company from having competent workers and efficient succession plans.

11

Macroeconomic Changes Risk

Residual risk

Macroeconomic changes that negatively affect the Company's operational results and the creation of value therein.

12

Fraud, bribery and corruption risk

Residual risk

Fraud, bribery and corruption acts by company workers or stakeholders.

13

Regulatory and Compliance Risk

Residual risk

Default or ignorance of laws, norms and/or regulations.

14

Financial Management Risk

Residual risk

Inadequate financial management that negatively affects the business operational results and the creation of value therein.

15

Hydrological and climate variability risk

Residual risk

Climate and hydrological variability that affects negatively the production of electric energy at the Company's hydroelectric power plants.

2017 Management Report 2017 Management Report

Our 2017 results

Comprehensive risk management

We encourage you to refer to last year’s most outstanding milestones regarding our enterprise risk management and to provide your comments at Contact us.

  • We reconsidered the methodology and standards to design and model our processes on risk-based thinking.
  • We conducted exercises and drills to build awareness and enable the parties responsible for responding to emergencies, crises and business interruptions.
  • We structured the recruitment risk mitigation program, using tools such as insurance policies.

Web Content Display Web Content Display

ALSO OF INTEREST

 
Employee development

Employee development

 
Stakeholder relations

Stakeholder relations

 
Management reports

Management reports

Every year, we share our management reports which address the most relevant business aspects throughout the year.

 

Social management in the regions