Risk management framework

Vattenfall's risk management framework ensures that our risks are thoroughly identified and that our risk exposure is acceptable.

Enterprise Risk Management (ERM) is a continuous process of identifying, assessing, addressing and monitoring risks at all levels of the business. It enables quantification and comparability of financial as well as non-financial risks. 

The text in the illustration
Information, communication and monitoring

  1. Internal environment and objective-setting
  2. Event identification
  3. Risk assessment
  4. Risk tolerance
  5. Risk response
  6. Control activities
  7. Internal environment and objective-setting and so on.


Vattenfall's strategy, which includes our purpose, our values and our risk appetite, serves as the basis for setting objectives for the respective business units in the business planning process.

When setting these objectives, events that could hinder their achievement are identified. These risks are assessed against the company's risk tolerance, and a decision is made on suitable risk measures to avoid, reduce, share or accept the risks. The business units' most important risks and measures are followed up as part of the financial monitoring. 

Information and communication are provided on a regular basis to the Executive Group Management. Our risk management process quantifies and compares risks with respect to both financial and non-financial consequences (e.g., reputation, environment, health and safety). After aggregating the risks, a composite overview of our risk situation is created. The potential financial impact is linked to relevant financial key data that is used for the governance of the company.

For further information, please read the risks and risk management section in the Annual and sustainability report 2016 (PDF 6 MB).

Last updated: 2017-03-30 13:22