
Enterprise Risk Management


PG&E is taking an integrated and coordinated approach to risk management to the benefit of our shareholders and customers. We are engaged in an enterprise-wide effort to identify the most significant risks facing our business and establish a sustainable process for managing these risks into the future. Enterprise Risk Management (ERM) is a process used by companies to ensure they are effectively managing major risks to achieve their business objectives. PG&E’s ERM program:
 
is designed as an ongoing process rather than a one-time project;
supports the company's vision, goals and strategies;
provides a portfolio view of risk and facilitates a coordinated risk response across the enterprise;
identifies significant risks and ensures they are being managed within the company's risk tolerance;
ensures a systematic process for identifying and evaluating risks;
improves the understanding of key risks and their potential interdependencies;
enhances the ability to manage the probability of occurrence and/or consequence of risks;
improves the allocation of resources used to manage risk; and
defines clear roles and responsibilities for risk-management activities, including the creation of a senior officer risk committee, which is responsible for prioritizing risks and reviewing the evaluations and plans for the top risks.

Consistent with best practices, PG&E is taking both a "bottom-up" and "top-down" approach to risk management. A structured "bottom-up" approach was used to identify key risks and provide a high-level evaluation of these risks. Subject matter experts within PG&E were interviewed to define the nature and potential impact of key risks as well as existing mitigation activities. An outside expert on global trends then reviewed this work and provided additional suggestions.

As a result of this process, approximately 30 significant risks to PG&E Corporation and the Utility were identified. They include a wide variety of risks, such as commodity risk, strategic business risk, operational risk, natural hazards, political risk, regulatory risk, economic risk and environmental risk, including climate change. A structured "top-down" approach was then used to prioritize key risks. Risk assessments and mitigation plans to address the risks identified are being developed and put into effect, and will be reviewed and updated annually to take into account changing market, regulatory and other dynamics.

An outgrowth of the ERM process was establishing an integrated way to identify key stakeholders for the company, assess stakeholders' areas of interest and concern, and better understand how these stakeholders perceive the issue of risk as it pertains to our business. We are currently undertaking a structured effort to reach out to these stakeholders and engage in constructive dialogue to develop a shared sense of the major issues of concern as well as a common understanding of the major issues facing PG&E going forward. We are also enhancing existing, and in some cases establishing, working relationships with stakeholders to mitigate these issues.