Risk Management Process

Given the size of the EDP Group and its geographical diversity, it is important to define a transversal and consistent process at the level of the various Platforms and Regions, which at the same time recognises the heterogeneity of the businesses and activities in which the Group operates. In this way, risk management in the EDP Group is structured around five main phases (identification, analysis, evaluation, treatment, and monitoring), complemented by a prior phase of establishing the context, and by adequate levels of communication between the various stakeholders:

i. Establishing the context

Assessment of the external and internal environment
Defining the fundamentals for risk management

ii. Identification

Comprehensive mapping of key risks (and representation in structured taxonomy)

iii. Analysis

Establishment of risk criteria
Risk Materiality Analysis (qualitative and quantitative)

iv. Assessment

Exposure Assessment in light of risk appetite
Definition of treatment strategies to implement

v. Treatment

Implementation and execution of the established treatment plan

vi. Monitoring

Monitoring and reporting the evolution of risk indicators, materialization of events and progress of treatment measures

vii. Communication

Continuous and bidirectional communication between relevant stakeholders

Risk management process circular diagram showing seven interconnected phases: establishing context, identification, analysis, assessment, treatment, monitoring, and communication with connecting lines indicating process flow

Fundamental phases Preliminary/continuos phases

Download the PDF below for a detailed description of EDP Group’s Risk Management Process.

EDP Group's Risk Management Process

PDF . 176.57 KB

Risk Management Process