PG&E Corporate Responsibility and Sustainability Report 2020

Plan of Reorganization Commitments

Risk Management

Nothing is more important to PG&E than the safety of our customers, workforce and the public. In keeping with this focus, we strive to embed risk management in every critical business process, making data-driven decisions to support safe, reliable and affordable electric and gas service.

Our Approach

At PG&E, risk management processes are facilitated by a central group, implemented by each line of business and overseen by senior management and the Boards of Directors.

The Vice President, Internal Audit and Chief Risk Officer (CRO) of PG&E Corporation and Pacific Gas and Electric Company is responsible for overseeing the enterprise and operational risk management program, internal audit and insurance functions, market and credit risk management, third-party risk management, and Sarbanes-Oxley Act compliance reporting jointly to the Executive Vice President and Chief Financial Officer and the Audit Committees of the PG&E Corporation and Pacific Gas and Electric Company Boards.

Under PG&E’s Chapter 11 Plan of Reorganization, PG&E committed to establishing a newly expanded role of Chief Risk Officer who will have oversight of risks associated with PG&E’s operations, emphasizing the role of risk management in operational decisions.

With guidance from a central program office, PG&E maintains a risk register of event-based risks and line-of-business risks. To manage risks, we follow a consistent enterprise-wide approach to model, measure and reduce risk. With our methodology, PG&E is able to calculate a baseline risk score and evaluate different mitigation strategies for their ability to reduce that baseline score. The methodology places an emphasis on identifying and prioritizing the highest safety risks. Risk mitigations are tracked throughout the year and risk assessments are refreshed at least annually to capture the impact of mitigation strategies and to reflect changes in the operating environment. The risk management program provides transparency and accountability for risk reduction progress.

The senior-most executive of each line of business maintains a Risk and Compliance Committee, which has oversight responsibility for all associated activities for risk and compliance programs within their organization. The Risk and Compliance Committee ensures that activities related to enterprise and operational risk and compliance management within their respective organizations are adequate and effective, and that resources are available as needed.

In addition, the PG&E Corporation and Pacific Gas and Electric Company Boards and their respective committees have specific oversight responsibility for risk management in their respective areas:

Entity / Risk Oversight Responsibilities
Boards
  • Evaluate risks associated with major investments and strategic initiatives (with assistance from the Finance Committee [1])
Audit Committees
  • Discuss the guidelines and policies that govern the processes for assessing and managing major risks
  • Allocate to other Board committees the specific responsibility to oversee identified enterprise risks
  • Consider risk issues associated with overall financial reporting and disclosure processes
  • Discuss programs to monitor compliance with laws, regulations, policies and programs
Finance Committee [1]
  • Discusses risk exposures related to energy procurement, including energy commodities and derivatives, and other enterprise risks, as assigned by the Audit Committees
Safety and Nuclear Oversight Committees
  • Advise and assist the Boards of Directors with respect to the oversight and review of risk management practices related to Pacific Gas and Electric Company’s nuclear, generation, gas and electric transmission, and gas and electric distribution operations and facilities
  • Oversee other enterprise risks, as assigned by the Audit Committees
Compensation Committee [1]
  • Oversees potential risks arising from compensation policies and practices

[1] Committees of the PG&E Corporation Board of Directors only.

For a full description of Board committee oversight responsibilities, please see the webpages of the Boards of Directors of PG&E Corporation and Pacific Gas and Electric Company, as well as our 2019 Joint Proxy Statement (PDF).

Senior management and their committees have specific oversight responsibility for risk management in their respective areas:

Entity / Risk Oversight Responsibilities
Enterprise Risk Committee
  • Provides strategic direction and oversight of PG&E’s enterprise and operational risk management program
Enterprise Compliance Governance Committee
  • Provides strategic direction and oversight of PG&E’s compliance and ethics programs

2019 Milestones

In 2018, the Safety Model Assessment Proceeding (S-MAP) at the California Public Utilities Commission (CPUC) established a common enterprise risk framework for California’s investor-owned utilities. As a result, PG&E implemented a new risk framework in 2019, which included developing a multi-attribute value function to combine different risk consequences (safety, reliability, and financial) into a single risk score. Using the new framework, PG&E quantified the risks on our risk register and began risk and mitigation analysis for our 2020 Risk Assessment Mitigation Phase (RAMP) filing, due in June 2020.

In 2019, the CPUC also issued a decision in the S-MAP proceeding on metrics and reporting. During the year, PG&E participated in several workshops to refine and propose new metrics, which will enable the CPUC and utilities to better measure and understand operational risk.

In the spirit of continuous improvement, PG&E continues to enhance its risk models based on lessons learned in both the CPUC’s RAMP and S-MAP proceedings.