Size: px

Start impression from page:

transcript

1 APPROVE: Director production management in the city of Tyumen of the Branch of RN-Inform LLC in the city of Nefteyugansk D.I. Surnin April 01, 2015 Register of the main operational risks of production management in Tyumen as of the year Risk Description of the risk Risk consequences Risk mitigation measures Short description risk The probability of an undesirable event associated with a given hazard at various stages of activity. Worst case scenario for personnel, company equipment/funds, environment, reputation of the company Measures to reduce the likelihood of occurrence of an incident and the severity of an undesirable event.

2 Walking to work in the city, inside the administrative building Slippery road, steps of stairs, footboards of cars, moving cars. disability. - It is necessary to move on foot slowly, carefully look around; - To prevent falling, when moving to the workplace inside the ABK on stairs, it is necessary to hold on to the railing of the stairs. Transport. Embarkation, disembarkation of passengers. Bus travel. Fall: slippery road (stop), bus steps, other participants traffic. Traffic accident. disability. - Strict adherence to company standards in the field of transport security. - Movement to the bus stop, to the place of boarding the rotational bus should be carried out assessing and predicting possible dangers (slippery road, collision with other pedestrians, crossing roads, etc.). - Before boarding the bus, do not crowd, do not push and do not rush. - When boarding the bus and moving around the cabin, hold on to the handrails. - Seats should be taken from the rear of the cabin. - It is forbidden to occupy the front seats if there are other free seats. - Fasten your seat belts before starting the bus. - While the bus is moving, it is forbidden to unfasten seat belts, get up from your seats, move around the bus. - Do not smoke, eat or drink while driving. - You should get up from your seats to get off the bus only after the bus has stopped at a specially designated area. - Passengers located at the rear of the bus first start exiting the bus. - When driving through the cabin and exiting the street, hold on to the handrails. It is forbidden to jump from the steps of the bus. - Compliance with the speed limit by the driver. - In cases of non-compliance with the Corporate Standard of TNK-BP and detection of inconsistencies and / or non-compliance with the indicated rules, immediately notify the HSE specialists of Transport. Departure to objects for the production of works Road traffic accident. Equipment: damage to vehicles, transported equipment. - When leaving for objects on production vehicles, the senior group appointed by the head is obliged to ensure that all employees, including the driver, fasten their seat belts. - The head of the group, appointed by the leader, in winter or at night, is obliged to check whether the low beam of the car is on. - The leader of the group, appointed by the head, is obliged to monitor the condition of the driver. In case of feeling an alcoholic smell, a cloudy look, inadequate behavior, inadequate speech, a sharp and unreasonable change in mood, demand a stop of vehicles and report to your immediate supervisor.

3 Transport Preparing for work Work associated with moving around the territories of production bases. Work on a personal computer. When transporting a portable tool to the place of work and from the place of work, the power tool is incorrectly stowed in the car, protruding sharp parts of the portable power tool. Unconnected wires, exposed sockets Slippery road, stairs, car footboards, moving cars. Static tension of the muscles of the neck-shoulder region and back, curvature of the spine; weakening of vision; pinching of the nerves of the hands. injured. Falls, electrical injuries disability disability - Compliance with the technical standard of the company "Transport Safety". - Use of seat belts. - Using low beam headlights to reduce the risk of collision with other road users. - Strict observance of company standards and requirements of state authorities on labor protection. - Do not transport (if possible) portable power tools in the passenger compartment. - Regular checking of safe location and installation; portable power tool when it is necessary to transport it in the car. - Check the condition of the workplace for the presence of items or devices that are not provided (or the absence of those provided), and their condition; - The PC electrical wiring must be tied with a cable manager, fixed, excluding the possibility of unintentional movement - You should move around the territory of the base only in accordance with production necessity and slowly, carefully look around. - To prevent falling, when moving to the workplace on stairs, it is necessary to hold on to the railing of the stairs. - Strict adherence to company standards in the field of labor protection. - When working at a PC, the employee must take a comfortable position. - The distance from the eyes to the monitor should be at least 50 cm, normal cm. - Hands should be conveniently and comfortably located on the table in front of the keyboard, exclude the possibility of squeezing hands on the edge of the table. - the employee should take a short break after 0.5 hours of continuous work on the keyboard, give the eyes a chance to rest. - Lighting should not be bright or dim. - Strict observance of labor protection instructions when working on a computer

4 Work indoors (high thresholds, slippery floors) Personnel falling: bruises, fractures. - Exercise personal caution. - Pay attention to the possibility of a significant change in the state of the flooring when changing weather conditions or the actions of third parties. - Exercise personal caution. Look carefully at your feet. Fire Work outdoors in adverse conditions: low temperatures, wind speeds and other climatic conditions in the Far North. Moving loads Working with portable power tools Possibility of wire short circuits, improper operation of household appliances, indoor smoking. Defeat electric shock. Power outage. Poisoning carbon monoxide etc. Injury (frostbite, colds) by an employee under the influence of climatic factors. At high speed wind: falling, bruising, etc. Injuries to limbs and spine, bruises, muscle strain When connecting a portable power tool to power sources, there may be a danger of electric shock to a worker. Malfunction of protection against defeat Equipment: partial or complete damage to the company's equipment, damage to the company's funds. The staff is full, disability - Strict observance of the company's standards and the requirements of state bodies in the field of HSE. - Briefing on measures fire safety. - Compliance with safety rules for working with electrical equipment. - Strict observance of company standards and requirements of state bodies in the field of labor protection. - Strict observance of the regulations when working in adverse conditions, the prohibition of work during active days; - Training of personnel in the rules of safe work. - Exercise personal caution. - One employee is allowed to carry a load weighing no more than 15 kg.; - If the load exceeds the permitted weight, then total weight divided by the number of people carrying the load. When transferring bulky cargo, a senior team is appointed who manages the transfer of cargo. - Strict observance of company standards and requirements of state authorities on labor protection. - Strict adherence to the operating instructions for portable power tools. - Regularly check the portable power tool for damage and periodically test the power tool.

5 electric current (lack of grounding, insulation damage, etc.). - Training of personnel in safe work practices. Electricity Work at height 1. Connecting and disconnecting portable power tools to power sources may cause a risk of electric shock to the worker. 2. In case of malfunction of protection against electric shock (lack of grounding, insulation damage, etc.). 3. Organizational and technical measures have not been fully implemented when working in existing electrical installations, electrical equipment has not been de-energized. Personnel fall: fall, bruises, fractures 1. Personnel 2. Personnel 3. Personnel death - Strict adherence to company standards and government health and safety requirements. - Strict adherence to the operating instructions for portable power tools. - Regularly check the portable power tool for damage and periodically test the power tool. - Training of personnel in the rules of safe work.. Strict observance of company standards and the requirements of state bodies on labor protection, Strict observance of the instructions for performing work at height, Not performing work in adverse weather conditions (wind, rain, etc.) - Personnel training rules for safe work at heights. Work at Customers According to the risk assessment of the Customer According to the risk assessment of the Customer - According to the risk assessment of the customer, strictly follow the instructions on the risks of the Customer. - It is mandatory to put your signature, which confirms the understanding of all risks and measures to reduce them, in the logs of the Customer's daily briefings at each facility.

6 COMPILED BY: Ch. S. Aredakov, Specialist of the Department of Chamber of Commerce and Industry of Production Management in Tyumen

Production department in the city of Tyumen On labor protection for engineering and technical workers and employees 25 VERSION 1.00 TYUMEN 2015 APPROVED: Head of the production department in the city of Tyumen branch

ADOPTED at a meeting of the Pedagogical Council MBOU-SOSH 1 p. Stepnoe settlement of the Soviet district of the Saratov region Protocol from APPROVED Director of MBOU-SOSH 1 p. Stepnoe settlement of the Soviet district of the Saratov region

PARENT REFERENCE On safe participation of CHILDREN in road traffic 1 Your child: Passenger child Pedestrian child Cyclist child Motorcyclist child What the child should learn when studying

Rules for safe behavior on the railway Name the areas of increased danger at railway transport facilities Places of injury while at railway transport facilities According to

ADMINISTRATION OF THE CITY DISTRICT OF PERVOURALSK AGREED Chairman of the primary trade union organization Administration of the city district Pervuralsk L.M. Afonasiev? 9. % / 2017 APPROVED Business Manager

I.1. I.2. I.3. I.4. I.5. to ensure sanitary and epidemiological well-being and road safety in the transportation of organized groups of children by car» (developed by the Department

SMK-PD-PP01.01 PROCEDURE FOR DEPARTURE OF VEHICLES ON APPLICATIONS PROCEDURE FOR DEPARTURE OF VEHICLES ON APPLICATIONS Nizhnevartovsk - 2014 SMK-PD-PP01.01 Version 1 Date 27.02.2014 Page. 1/8 SMK-PD-PP01.01 CONTENTS: 1. General

DEPARTMENT OF PHYSICAL CULTURE AND SPORTS OF THE CITY OF MOSCOW

1. General safety requirements. 1.1. This instruction defines the basic general safety requirements for employees, students and pupils, aimed at preserving their life and health, preventing

1 2 1. PURPOSE AND TASKS OF THE DISCIPLINE 1.1. The purpose of teaching the discipline

REGULATIONS on organized transportation of students I. General provisions 1.1. The terms contained in these Rules have the following definitions: Bus is a motor vehicle for the carriage of passengers,

Adopted at a meeting of the governing board of MKOU "Fedorovskaya secondary school" protocol dated March 28, 2012 3 Approved by order of the municipal state educational institution "Fedorovskaya secondary general education

Road safety. Student, remember! About 1.3 million people die each year worldwide as a result of road traffic accidents (RTIs), and 8 million people become disabled.

A stopping point is a place where buses stop on a route for boarding (disembarking) passengers, provided for by the timetable. 1.3. This Regulation determines the Order of organized transportation of students

Maintain the PC and office equipment clean and in good condition, if it is impossible to fix the problem on your own, contact the engineer; help students do their own work

Municipal treasury educational institution“Krasnodubrovskaya basic comprehensive school” Considered and adopted by the decision of the School Council Minutes 4 of 01/27/2017 “I approve” Director

Production department in Tyumen On labor protection when people move around the territory of facilities 7 VERSION 1.00 TYUMEN 2015 APPROVED: Head of production department in Tyumen branch

1. General provisions 1.1. This Regulation has been developed in accordance with the Law Russian Federation"On Education" federal law dated December 10, 1995, 196-FZ "On Road Safety",

Appendix 1 to Order 1-278 dated November 28, 2014 Quality management system of the branch of "St. Petersburg State University of Economics" in Cherepovets document name page 2 of

Federal State Budgetary Educational Institution of Higher vocational education"Samara State Agricultural Academy" AGREED Chairman of the Trade Union Committee

This Regulation on labor protection at NOCHU DPO "Linguistic Center" (hereinafter referred to as the "Regulation") has been developed in accordance with the requirements of the current legislation on labor, labor protection and other regulatory

REGULATIONS on the organization of transportation of students 1. General provisions 1.1. This provision governs the relationship between the participants in the transportation - students living in the microdistrict "Taiga" to MOBU secondary school 6 and back

Test on the rules of the road for students in grade 1 1. Who is a road user? 1) Pedestrian, driver, passenger 2) Driver, passenger 3) Pedestrian, sailor, pilot 2. What part of the street

road users and general rules their behaviour. Pedestrian, safe behavior of a pedestrian on the streets and roads. Road users are drivers and passengers of vehicles and pedestrians.

ADMINISTRATION OF THE KRASNOGVARDEYSKY DISTRICT OF THE REPUBLIC OF CRIMEA DECISION 15.01.2015 urban settlement Krasnogvardeyskoye 05-p On approval of the Procedure for organizing free transportation of students of municipal budgetary general education

Instructions on labor protection when transporting students by road transport INSTRUCTIONS on labor protection when transporting students, pupils by road IOT 024 2012 1. General

Additional requirements for child safety Drivers should take into account that the level of development of the child does not yet allow him to fully assess the traffic conditions. At the sight of a child

AGREED APPROVED Chairman of the trade union committee Director of MBOU DO "TsDOD them. V. Voloshina "I.P. Cheredova 20 20 Instructions to heads of educational institutions and teaching staff working

Walking, work surface and ladder safety welcome Walking, work surface and ladder safety Contents Course objectives Slips, trips

Prevention of child injuries ON RAILWAY Railway This is a high risk area. But there are people who, looking at posters promoting the Rules for the safety of citizens when they are

Municipal state-financed organization additional education"Children's Ecological and Biological Center" Zheleznogorsk, st. Siberian, 19 tel. 76-23-54, 76-23-53, 76-24-44 fax: (391-97) 76-23-53 e-mail:

NAME OF THE ORGANIZATION TRAINING PROGRAM AND EXAMINATION TICKETS ON LABOR SAFETY FOR THE PROFESSION OF INCREASED DANGER: COURIER City 2010 APPROVED Head of organization Name of organization Full name

INSTRUCTION (AT THE WORKPLACE) ON LABOR SAFETY FOR STUDENTS Ekaterinburg 2010 http://urib.info/moodle 1 OCCUPATIONAL SAFETY FOR STUDENTS OF THE INSTITUTE All students must be instructed on labor protection. Each

Municipal Autonomous Preschool Educational Institution " Kindergarten 23 "Usinsk Approved by the order of the head of the MADOU" Kindergarten 23 "Usinsk 354 dated October 18, 2016 REGULATIONS on the organization

S G U P S

Fashion Technology competency Moscow 2016 Description of the Fashion Technology competency Fabric painting is one of the most popular fashion technologies. Creation of a collection of accessories in the technique of painting on fabric

Quality management system Biysk Federal State Budgetary Educational Institution of Higher Professional Education "Altai State Technical University. I.I.

Considered at a meeting of the pedagogical council of the school on 29.08.2013. protocol 1 REGULATION on the transportation of students to MBOU SOSH 20 1. General provisions. 1.1. This provision governs the relationship of participants

Reminder for pedestrians. Road safety When you walk down the street, you are a pedestrian. You are allowed to walk down the street only on sidewalks, keeping to the right side so that

Topic. Rules of conduct in transport and on landing sites. Purpose of the lesson: To introduce students to the rules of transportation of people by transport. To form in them sustainable behavioral skills in transport

6094 "Regulations on the peculiarities of the regime of working hours and rest time for car drivers." 2. Decree of the Government of the Russian Federation of October 23, 1993, 1090 (as amended) “Rules of the road of the Russian

FEDERAL RAILWAY TRANSPORT AGENCY Federal State Budgetary Educational Institution of Higher Professional Education "Irkutsk State Transport University"

Municipal educational institution "Shost'enskaya secondary school" (MOU "Shost'enskaya secondary school") These job responsibilities are developed on the basis of the Unified

CONVERSATION “We are passengers and pedestrians” Purpose: To form ideas junior schoolchildren on road safety when moving along the streets and roads. Introduce students to the terms of use

Injury Prevention Day Injury is a set of injuries that have occurred in a certain population group over a certain period of time. The highest level of injury is observed in men aged

Administration municipality"Tolyensky" ORDER dated September 29, 2017 22 p. Debesy On approval of the program for conducting primary (repeated, unscheduled) security briefings

Agreed with the Gosgortekhnadzor of Russia by a letter dated 05.11.03 12-07 / 990

R 50.1.084-2012 Risk management. Risk register. Guidance for Creating an Organizational Risk Register

set a bookmark

set a bookmark

Risk management

RISK REGISTER

Guidance for Creating an Organizational Risk Register

risk management. risk register. Guidelines on construction of organization risk register

Introduction date 2013-12-01

Foreword

1 DESIGNED BY AUTONOMOUS non-profit organization"Research Center for Control and Diagnostics of Technical Systems" (ANO "NRC KD")

2 INTRODUCED by the Technical Committee for Standardization TC 10 "Risk Management"

3 APPROVED AND PUT INTO EFFECT by Order of the Federal Agency for Technical Regulation and Metrology of November 29, 2012 N 1283

4 INTRODUCED FOR THE FIRST TIME

Information about changes to these recommendations is published in the annual index "Guidelines, recommendations and rules", and the text of changes and amendments - in the monthly information index "National Standards". In case of revision (replacement) or cancellation of these recommendations, a corresponding notice will be published in the monthly information index "National Standards". Relevant information, notification and texts are also placed in information system general use - on the official website of the Federal Agency for Technical Regulation and Metrology on the Internet

Introduction

The risk register is one way to present and store information about hazardous events and risks. The presence of a risk register allows an organization to obtain information related to a specific hazard source, consequences, target of hazardous events, etc. However, the development of a risk register, especially when a large number sources of danger, requires a lot of effort, time, financial resources, as well as a large amount of information.

The need to develop and maintain a risk register is determined by the organization itself.

3.2 risk register(risk register): A form for recording information about an identified risk.

NOTE The term "risk log" is sometimes used instead of the term "risk register".

3.3 danger(hazard): Source of potential harm.

NOTE Hazard can be a source of risk.

3.4 risk manager(risk manager): A specialist in the identification, assessment, analysis, processing, monitoring of risk, as well as other activities in the field of risk management of an organization.

4 How to develop an entity risk register

4.1 General

The organization should determine the need for development, stages, form and methods of maintaining a risk register. The main objectives of developing an organization's risk register, its place in the risk management system, the advantages and disadvantages of the risk register are established in GOST R 51901.21.

The organization's risk register is a form of keeping records of identified hazardous events, assessment of the corresponding risk, methods and timing of its processing. When maintaining a risk register, it is necessary to take into account the relevant mandatory requirements, as well as other available information on the types of hazard and the risk of its occurrence. Depending on the characteristics of the organization, the form and content of the risk register can be changed or supplemented in relation to the standard form of the risk register shown in Table 1 GOST R 51901.22.

When developing an organization's risk register, consideration should be given to:

• policy, objectives and strategy of the organization in the field of risk management;
• features of manufactured products and services provided by the organization;
• main production processes and management processes of the organization;
• established and used methods of risk analysis and assessment;
• legal requirements;
• operating conditions of manufactured products.

Responsibility for risk management should be assigned to the accountable risk manager or risk management team, including responsibility for risk control and monitoring. Requirements for risk managers are established in GOST R 51901.21.

Development, approval, maintenance and updating of the risk register of the organization should be carried out in accordance with clause 5 GOST R 51901.22.

The exchange of information on the risk register and ensuring the confidentiality of information related to the risk register must be carried out taking into account the requirements of clause 6 of GOST R 51901.22 and the recommendations established in R 50.1.070.

An example of a simplified risk assessment method and the development of an abbreviated risk register small organization is given in Appendix A.

4.2 Steps in the organization's risk management process

The main steps in developing an organization's risk register should be consistent with the steps in the risk management process. At the same time, the content of the stages depends on the characteristics of the organization's risk management. Risk management principles are set out in GOST R ISO 31000. The main elements of the risk management process for small organizations are shown in Figure 1.

Picture 1 - General scheme risk management process

A description of the main elements of the risk management process for small organizations is given in R 50.1.069.

4.3 Organizational risk management process map

Based on the risk management process in accordance with GOST R 51901.21, an organization can draw up a map of the risk management process. When developing a process map for small organizations, it is recommended to retain the basic elements of risk management (identification of hazardous events, quantification risk analysis and comparative risk assessment, risk treatment, monitoring and review), while their content can be refined depending on the characteristics of the organization.

4.4 Developing an organization risk register

4.4.1 General

The results of the actions performed at each step of the risk management process should be reported in the risk register. The rules for building a risk register are given in GOST R 51901.22. Standard form risk register is given in table 1 GOST R 51901.22.

The allocation of responsibility for the development and maintenance of an organization's risk register should be consistent with the steps in the risk management process, as information in the risk register should be entered and updated after each step of the risk management process is completed.

The main stages of developing an organization's risk register are described in paragraphs 4.4.2-4.4.6.

4.4.2 Establishing the purpose and scope of the risk register

The organization shall establish the organization's external and internal objectives, as well as risk management objectives, for the implementation of the remaining elements of the risk management process. Guidance on defining the scope of risk management is given in R 50.1.068.

When defining the objectives and scope of the risk register, the objects of the risk register are first defined. The objects of the risk register can be:

• the organization as a whole, its structural subdivision or its part;
• product, service, process or activity;
• personnel or individual workers.

General requirements for determining the scope of the risk register are established in GOST R 51901.21.

4.4.3 Development of risk criteria

The organization shall establish risk criteria. The criteria should reflect the purpose and scope. They often depend on the interests of the parties involved, as well as on relevant legal and/or regulatory requirements. Risk criteria can be operational, technical, financial, legal, legislative, social, environmental, humanitarian and/or others.

general description decision criteria should be developed when establishing the scope of risk management. Risk criteria should be refined and/or revised after identification specific type risk and the choice of risk analysis method. Risk criteria should be appropriate to the type of risk and how it is presented.

Risk criteria are usually included in the organization's risk register, but for smaller organizations, risk criteria may be established in the organization's documented procedures or other risk management documents.

4.4.4 Hazardous event identification

The identification of hazardous events should include the identification of phenomena and events that may affect the risk register items established within the scope of the risk register. General requirements for the identification of hazardous events for inclusion in the risk register are established in clause 4.2 GOST R 51901.21.

For small, small organizations, the identification of hazardous events can consist of three stages:

• definition of risk identification methods;
• identification of hazardous events;
• identifying the causes of a hazardous event.

The organization must first determine the methods for identifying the risk. The following methods can be used in risk identification: analysis of checklists, expert opinions, analysis of experimental and chronological data, analysis of the structural diagram of reliability, brainstorming method, system analysis, scenario analysis, methods of system design. These methods are discussed in more detail in GOST R ISO / IEC 31010. The choice of method depends on the type of risk, the scope and objectives of the organization's risk management, as well as the applicable and required controls and methods for managing the organization's risk.

Risk identification methods are usually recorded in the organization's risk register, however, for smaller organizations, risk identification methods may be defined in documented procedures or other documents of the organization's risk management.

The next step is the identification of hazardous events, at which the organization must draw up a general list of hazardous events that can adversely affect its activities and the achievement of objectives. Based on the list, it is necessary to describe in detail each identified hazardous event that can occur. When compiling a list of hazardous events, the hazard classification given in Appendix A can be used. GOST R 51901.21.

The name of the hazardous event must be formulated in a clear phrase. For a hazardous event whose name is sufficiently long, a short name may be used.

After identifying possible hazardous events, it is necessary to consider the sources and causes of their occurrence, as well as the possible consequences for the organization's activities.

Hazardous events, their sources and possible consequences are included in the risk register of the organization (regardless of its size).

When carrying out the hazard identification stage, it is recommended to take into account the requirements of GOST R 51901.23.

4.4.5 Risk analysis

General requirements for the risk analysis of dangerous events for inclusion in the risk register are established in clause 4.3 of GOST R 51901.22.

Risk analysis includes the study of the sources of hazardous events, their consequences and the likelihood of these events occurring. At the same time, factors affecting the consequences and probability of the event should also be identified. The risk should be analyzed taking into account the combination of the consequences of the event and its probability. In addition, the organization should review and evaluate the controls and controls in place. The magnitude of the consequences of an event and its likelihood need to be assessed against the effectiveness of existing strategies, controls and management practices.

Organizational risk analysis can be carried out in varying degrees of detail depending on the nature of the risk, the purpose of the analysis, available data and resources. Risk analysis can be qualitative, quantitative or combined. For small organizations, qualitative analysis is usually used to obtain overall assessment risk and identification of problems associated with risk. If the organization decides that further detailed analysis is necessary, then quantitative or combined methods of risk analysis can be applied. A description of these types of risk analysis is given in R 50.1.069 and GOST R ISO/IEC 31010.

The way in which the consequences and likelihood of events are presented in the risk register should be chosen in such a way as to ensure that the objectives of the risk analysis are met.

Risk analysis needs to take into account the uncertainty and variability in estimates of the consequences and likelihood of an event, as well as the effectiveness of risk communication. When entering quantitative data into the risk register, the associated uncertainty should (if possible) be indicated.

4.4.6 Comparative risk assessment

General requirements for comparative risk assessment for inclusion in the risk register are set out in subsection 4.4 GOST R 51901.22.

The purpose of a comparative risk assessment of a small organization is to make decisions based on the results of the risk analysis and risk acceptability criteria on the need for risk treatment and on the prioritization of risk treatment.

When performing a comparative risk assessment, one should be guided by the requirements of GOST R 51901.23.

The results of a comparative risk assessment are usually entered into the organization's risk register, unless otherwise specified in the organization's documented procedures or other risk management documents.

4.4.7 Risk treatment

The general requirements for risk treatment for inclusion in the risk register are set out in subsection 4.5 of GOST R 51901.22.

At the stage of risk treatment, a risk treatment strategy is selected, consequences are assessed, the probability of a dangerous event and risk (taking into account the application of the chosen risk treatment strategy), risk treatment measures, deadlines and those responsible for their implementation are determined, and the results of risk treatment are evaluated.

For small organizations, the mandatory elements of the risk register associated with the risk treatment stage are the definition of risk treatment measures, the timing of their planned and actual implementation.

Typically, a small organization's risk treatment budget is limited, so treatment methods must also establish the order in which each risk is treated. The organization should compare the total cost of a hazardous event when no action is taken against the cost savings realized by treating the risk and applying preventive action.

4.4.8 Risk monitoring and review of the risk register

General requirements for risk monitoring and review of the risk register are set out in subsection 4.6 GOST R 51901.22.

The organization must ensure the continuity of the risk management process, therefore, it is necessary to regularly monitor all types of risk and review the entries in the risk register.

The results of risk monitoring are usually recorded in the organization's risk register, however, for small organizations, these results may be identified in documented procedures or other documents of the risk management organization.

Annex A
(reference)

An example of a simplified risk assessment method and the development of an abbreviated version of a small organization risk register

A.1 General

The structure and composition of the risk register depends on the characteristics of the organization. A typical form of the risk register is given in GOST R 51901.22. Smaller organizations may use an abbreviated (simplified) form of the risk register, an example of which is shown in Table A.1.

Table A.1 — Simplified form of the risk register

identi- dangerous event indicator	Name- Hazardous event definition and description	Responsible risk manager	The last hazard event	Likely severity of hazardous event	Risk assessment	Risk treatment measures	Deadline for the implementation of risk treatment measures	Note- chani

When completing the risk register, the following scales can be used:

scale of consequences: 5 - catastrophic consequences, 4 - significant consequences, 3 - moderate consequences, 2 - minor consequences, 1 - insignificant consequences;

hazardous event probability scale: 5 - very high probability, 4 - high probability, 3 - medium probability, 2 - low probability, 1 - very low probability;

risk assessment: acceptable risk (0-4), controlled risk (5-8), significant risk (9-25);

risk treatment measures: (0) no risk, no action taken; (0-4) low risk, only low-cost actions are taken; (5-8) medium risk, actions are taken taking into account the time of their implementation and economic feasibility; (9-25) high risk, urgent need for risk mitigation; (16-25) high risk, application of immediate (emergency) actions to reduce the risk.

A.2 Risk matrix

A.2.1 General

The risk assessment method for hazardous events is given in GOST R 51901-23 *, however, small organizations can use simplified risk assessment methods, while taking into account the uncertainty of such risk assessments.

________________

*Probably an original error. Should read: GOST R 51901.23. - Database manufacturer's note.

Small organizations can use a risk matrix to assess the significance of a risk. For a systematic and consistent risk assessment, it is necessary to develop a risk matrix in accordance with the following steps:

• assessment of the likelihood of a hazardous event (A.2.2);
• assessment of the consequences of a hazardous event (A.2.3);
• compilation of a risk matrix (A.2.4);
• definition of risk treatment measures (A.2.5).

This example shows the simplest version of the risk matrix. The organization, depending on the conditions of risk assessment, can develop its own risk matrix.

A.2.2 Assessment of the probability of a hazardous event

In a small organization, depending on the object of the risk register, the risk manager must answer the question of what is the probability of a dangerous event occurring when applying the specified controls and methods of managing risk reduction measures. Table A.2 can be used for this.

Table A.2 — Estimation of the likelihood of a hazardous event

If there are doubts in the assessment of the probability of occurrence of a dangerous event, then the rank of the danger of the event is increased.

A.2.3 Assessing the consequences of a hazardous event

Depending on the area of ​​impact of a hazardous event, the risk manager must assess the consequences of a hazardous event with existing controls, management methods and risk reduction measures. Table A.3 can be used for this.

Table A.3 — Assessment of the consequences of a hazardous event

Consequence, in points	Description of consequences	Objects affected by a hazardous event*
	disastrous consequences	People, environment, economy, government and municipal government, social environment, infrastructure
	significant consequences	People, economy, infrastructure, environment, social environment
	moderate consequences	People, economy, infrastructure
	small consequences	Economy, infrastructure
	minor consequences	Social environment
* Hazardous event targets are for example only.

If there are doubts about the assessment of the consequences of a dangerous event, then the rank of this event is increased.

A.2.4 Compilation of the risk matrix

In this example, the simplest method of risk assessment is used - a qualitative assessment of the consequences and probability of a dangerous event. In this case, the risk is calculated as the product of the consequences by the probability:

The ranks of consequences and probabilities are determined according to tables 2 and 3.

The results obtained allow the construction of a risk matrix (Table A.4), which can be used as a basis for identifying acceptable and unacceptable risk.

Table A.4 — Risk matrix

Qualitative assessment of the probability of a hazardous event	Effects
	minor (1)	small (2)	moderate (3)	significant (4)	catastrophic (5)
Very low (1)
Low (2)
Medium (3)
High (4)
Very high (5)
Note - Risk assessment (risk rank): acceptable (0-4), controlled (5-8), significant (9-25).

For greater clarity in the risk register, the risk assessment can be highlighted in color:

green - acceptable risk (0-4);

yellow color - controlled risk (5-8);

red (dark red) is a serious and significant risk (9-25).

The identified types of risk can be ranked both in departments and throughout the organization. The ranking is based on a risk matrix (the product of consequences and likelihood) and makes it possible to identify most of the significant risks.

A.2.5 Determination of risk treatment strategy and measures

Depending on the risk assessment (see Table A.4), the actions to be taken for each risk recorded in the risk register should be determined. Table A.5 provides an example of actions to be taken based on risk assessment.

Table A.5 — Example of actions to be taken based on risk assessment

Risk assessment	Actions taken
Acceptable risk (0)	No risk, no action taken
Acceptable risk (0-4)	Low risk, only low-cost actions are taken
Controlled risk (5-8)	Medium risk, actions are taken taking into account the time of implementation and economic efficiency risk reduction measures
Serious risk (9-25)	High risk, immediate mitigation action needed
Significant risk (16-25)	Very high risk, immediate (emergency) risk mitigation measures should be taken

Risk reduction or risk treatment measures may be included in the risk register and/or may be developed as a separate document. In this case, a link to this document should be given in the risk register. In the example shown, the risk treatment activities are included in the risk register.

A.3 Additional provisions

Since the risk register is constantly updated, it is necessary to record the dates of the risk entries and any changes made. If the action plan is included in the risk register, the purpose and deadlines for completing the actions, provided by the plan, must be registered.

The comments or notes column in the risk register allows you to link to relevant information, such as holding a meeting where the risk was discussed.

The register of strategic risks for 2018-2019 was formed on the basis of the register for 2017-2018, analysis of external information, including the experience of the world's largest companies in the electric power industry, reports of consulting and insurance companies on the risks of companies in the fuel and energy complex and business in general, report on global risks of the World Economic Forum in Davos. Ranked according to the likelihood of implementation and impact on the Company's business and is presented below on the Risk Radar. The radar displays the Company's risk profile for 2018-2019. The risk assessment may be revised in the future due to changes in factors external environment.

All risks of the Company are under close attention of the management. A strategic risk management plan is formed annually, including both the existing control procedures regulated by the Company's local regulations, and measures aimed at improving business processes.

To assess the effectiveness of risk management in the Company, a system of scenarios and risk indicators for business processes of the Company and the RusHydro Group has been developed, monitoring of which allows you to track risk trends, and not just work off already realized losses.

Scenarios reflect the sequence of actions, phenomena that lead to the realization of strategic risks. The set and nature of scenarios for each risk is determined on the basis of the risk-forming factors of the Company's strategic risk register.

Risk Register of PJSC RusHydro for 2018-2019

Critical risks

Delays in commissioning new capacities Rise in the cost of investment projects Decrease in revenue from the sale of electricity (capacity), heat energy relative to the business plan Unfavorable changes/violations of legislation (Legal risks) Technogenic accidents and accidents at production facilities · Lack of funds, incl. received from external sources ( Financial risks)

Significant risks

· Risk of non-execution/decrease in efficiency of production programs Terrorism and cyberterrorism Failure to achieve target indicators by engineering companies (design, institutes, repair) Deficiencies and errors of the control system Reputational risks · Damage as a result of natural disasters and man-made accidents not at the facilities of the RusHydro Group Corruption risk Growth of receivables for the supply of electricity (capacity), heat, transmission services

Less priority risks

Inefficient integration of companies affiliated with RusHydro

Risk radar of PJSC RusHydro for 2018-2019

critical risks

significant risks

lower priority risks

Delays in commissioning new capacities

• a large share of uncertainty in the justification of projects;
• quality discrepancy project documentation;
• problems with the preparation of flood zones of reservoirs;
• significant dependence of the economic parameters of projects on environmental factors (availability of network infrastructure, sales markets by the time the construction object is commissioned);
• rising prices for equipment and materials in the construction process;
• disruptions in supply chains for various reasons;
• issues of interaction with the shareholders of PJSC RusHydro.

With respect to this risk, the Company monitors the following scenario:

• failure to meet the deadlines for the completion of work, leading to the unavailability of facilities for commissioning.

Rise in the cost of investment projects

This risk is of critical importance for the Company and is associated with the large scale of the investment program for the coming years, as well as the complex structure of management and financing of a number of projects. Risk factors are:

• design errors;
• low financial stability and bankruptcy of contractors and suppliers, violation of contractual obligations by contractors and suppliers;
• overestimation of the volume and cost of work due to overestimation of the physical volume of work and conversion factors to current prices, incorrect application of unit prices, calculations for products of in-house production, application of overhead and planned costs standards recommended for construction when manufacturing products in-house;
• adverse changes in legislation, incl. related to the tightening of requirements for procedures capital construction(correlates with risk 4);
• negative change in exchange rates (correlates with risk 6);
• low qualification/equipment of contractors;
• long terms for concluding contracts for the implementation of construction and installation works and design and survey works;
• failure to meet the deadlines for the provision of design and estimate documentation and design documentation for newly developed documentation, frequent changes to the design documentation;
• low quality of equipment and materials (low technological culture of manufacturers) (correlation with risk 5) (exogenous factor);
• acceptance of unfinished or partially completed work from contractors, failure to meet the deadlines for the completion of work, leading to the unavailability of facilities for commissioning;
• growth of inflation (exogenous factor).

• the total increase in the cost of capital construction projects in 2018 included in the RusHydro Group's IDP for 2018;
• an increase in the cost of priority construction projects.

The risk is critical due to overregulation of the rules of the electricity and capacity market, high volatility in electricity prices in the WECM, instability in fuel prices, a decrease in the solvency of counterparties as a result of the impact of the financial crisis, a decline in production, an increase in energy efficiency of consumers, adverse conditions(dry years), difficulties in forecasting equipment loading.

To reduce the negative impact of the risk on the Company, the following measures are taken:

• preparation of proposals for amendments to the regulatory legal acts in the field of electric power industry;
• revision on a regular basis of the sales policy of PJSC RusHydro;
• conclusion of hedging bilateral agreements on the day-ahead market (DAM), including the purchase of electricity to secure obligations;
• implementation of a commercial dispatching system;
• conducting work to reduce receivables for the supply of electricity and capacity.

With respect to this risk, the Company monitors the following scenarios:

• reduction in the volume of electricity generation relative to the volume specified in the business plan;
• deviation of the actual water content from the planned (forecast) value;
• revision of the PIWR in the direction of reducing the energy performance of the Company's HPPs;
• untimely approval of the IWRP (if necessary) in relation to HPPs scheduled for commissioning;
• decrease in RSV prices relative to the forecast price;
• an increase in the share of losses in the proceeds from the sale of capacity associated with undersupply of capacity due to forced downtime of equipment.

The critical risk of adverse changes/violations of legislation is noted as one of the most significant for the power industry not only in Russia, but throughout the world. Regulatory requirements are constantly tightened in terms of safety, insurance, ecology, etc., energy efficiency of consumers is encouraged, and over time, the influence of this factor on the company is likely to increase. The Company constantly monitors initiated and considered changes to the legislation, which in the future may have an impact on its activities, monitoring and revision existing standards and normative documents in the field of technical regulation. Representatives of PJSC RusHydro take part in significant events and round tables on changing legislation, held by legislative, executive and judicial authorities, public associations, professional legal associations and associations to represent their interests. Environmental audits are carried out regularly. PJSC RusHydro takes part as an expert in the processes of developing legal acts in the field of electric power industry at the sites of various bodies state power and industry organizations, including the Ministry of Energy of the Russian Federation, the Federal Antimonopoly Service, the State Duma of the Federal Assembly of the Russian Federation, the NP Market Council Association, etc.

With respect to this risk, the Company monitors the following scenarios:

• an increase in the cost of complying with the instructions of state supervisory authorities compared to the previous year;
• an increase in the number of violations identified by supervisory authorities;
• increase in environmental protection costs and fees for negative environmental impact;
• growth of losses from proceeds from the sale of capacity as a result of changes in the Rules of the WECM: introduction of penalties for exceeding the time the equipment is in scheduled maintenance (RT&R);
• the refusal of the Federal Tax Service of the Russian Federation to refund the VAT of the sub-developer implementing new construction projects, the emergence of an obligation to return the previously reimbursed VAT;
• additional accrual tax authorities property tax amounts.

The risk is reduced within the red zone due to the implementation of PCM projects and the corresponding increase in the reliability and safety of equipment, which leads to a decrease in the probability of risk realization. At the same time, due to the possible severe consequences from the realization of the risk of various man-made accidents, which may pose a threat to human life and health, lead to interruptions in production and subsequent loss of income of the Company, the risk remains in the focus of the Group's management. It is also possible to have a negative impact on the risk of management ties being broken in the event of privatization and/or reorganization of the management system for generating assets and facilities under construction. The factors of this risk are design errors that manifest themselves at the stage of operation, physical deterioration of equipment, violation of operating conditions and untimely repairs and technical re-equipment and reconstruction, poor-quality repairs and construction and installation works (CEW) for technical re-equipment and reconstruction (TRiR), the impact human factor, environmental impact. All of them can lead to failure of the main equipment and destruction of hydraulic structures. According to the Company's assessment, the probability of failure of equipment and structures is at the average statistical level. All main production facilities of PJSC RusHydro are insured. In addition, the Company is implementing a set of measures to ensure the reliability of equipment and facilities at the proper level, namely:

• full management repair work and implementation of a promising program of technical re-equipment and reconstruction;
• development of a quality control system for the supplied equipment, including the process of its production and shipment/delivery/implementation of construction and installation works and commissioning, as well as increasing the level of contractual responsibility of suppliers/contractors in the manufacture and supply of equipment and materials;
• conducting claims and lawsuits against unscrupulous contractors/suppliers;
• implementation of the recommendations identified during the execution of survey surveys of the facilities of PJSC RusHydro;
• strengthening the control of contractors / subcontractors on production sites in terms of reducing injuries, fires, unethical behavior, theft;
• development of regulatory and technical documents aimed at improving the processes of design and construction management;
• implementation modern methods equipment diagnostics without stopping, modern technologies management of production assets, including the necessary Information Technology;
• optimization of the structure and volume of spare parts;
• development of a system for managing the life cycle of equipment of operating hydroelectric power plants.

With respect to this risk, the Company monitors the following scenarios:

• actual index technical condition below forecast (all factors);
• an increase in the number of technology incidents compared to the previous year (all factors);
• an increase in the volume of undersupply of capacity associated with forced downtime of equipment (all factors).

In the context of ongoing stagflation and international sanctions, the risk is slightly reduced inside the red zone due to the revision of investment priorities. At the same time, it is possible to limit access to credit funds in the event of a long-term persistence of international sanctions. Most of the influencing risk factors are country and external factors for the Group.

For the Company, the risk of a shortage of funds received from external sources for the planned investments is critical. It is closely interconnected with the risks of implementing capital construction projects. The reduction of all or part of the sources provided for financing the investment program may lead to a delay in the timing of projects implemented by PJSC RusHydro or the implementation of a scenario in which the Company will be forced to suspend construction or even mothball a number of generating facilities under construction. Taking into account the high cost of work on the conservation of construction in progress, in some cases comparable to the cost of continuing construction, this fact will affect both the economic efficiency of the Company's investment projects and the results of its financial and economic activities in general.

This risk is managed by the Company by the following means:

• maintaining a sufficient supply Money and accessibility financial resources through the provision of credit lines;
• implementation of a balanced financing model working capital through the use of short-term and long-term sources;
• monitoring compliance with loan agreements to prevent violation of the Company's financial covenants;
• placement of temporarily free funds in short-term financial instruments (bank deposits and bills of exchange);
• conclusion of contracts with counterparties on “standard financial conditions”;
• introduction of a methodology for managing interest and currency risks, taking into account the credit policy of PJSC RusHydro;
• work on the preparation of flood zones of reservoirs of hydroelectric power plants under construction at the expense of funds federal budget and budgets of subjects of the Russian Federation;

With respect to this risk, the Company monitors the following scenarios:

• inclusion in the tariffs of economically justified expenses in the regulated period at an insufficient level;
• decrease net profit Society;
• shortage of funds to pay for foreign exchange obligations;
• decline working capital;
• an increase in attracted credit resources, an increase in shortfall in income, an increase in losses in the event that the amount of shortfall in income exceeds the amount to be reimbursed within the tariff, taking into account the forecast growth.

• Delaying the deadlines for approval of key financial documents of the Company and its subsidiaries;
• Long terms for concluding contracts for the performance of work (provision of services);
• Low financial stability and bankruptcy of contractors and suppliers;
• Low qualification of employees of contracting organizations;
• Low labor discipline of contractors;
• Imperfection of the monitoring system for the implementation of repairs and TP&R;
• Negative change in exchange rates (correlates with risk 1, 6 in terms of currency risk management).
• Unfavorable changes in the macroeconomic environment, including crisis phenomena in the global economy (correlates with risk 1).
• Lack of criteria economic evaluation efficiency of innovative projects/solutions.
• Uncertainty/impossibility to assess the effectiveness of individual innovative projects/solutions (exogenous factor).
• Insufficient tracking of world-class advanced and innovative technologies.
• Lack of funds.

Measures to manage this risk are similar to those implemented in the risks “Missing the deadlines for commissioning new capacities”, “Lack of funds, incl. received from external sources (Financial risks)»

Terrorism and cyberterrorism

This risk is related to the general tension in the political and social spheres countries, the activity of gangs in the North Caucasus and their attempts to transfer their activities to other regions of the Russian Federation, with a high probability of local and regional armed conflicts, an increase in the threat from international terrorism and the level of political instability in a number of developing countries due to the economic crisis, as well as with the activity of radical organizations, the development of industrial terrorism. In this regard, PJSC RusHydro assumes the emergence of risks associated with terrorist activities aimed at hydropower facilities, including in regions adjacent to the border with Ukraine.

Growth of cyberterrorist threats (by this moment Russia is in first place in the rating of exposure to cyber threats by the Kaspersky Lab and other studies). Lack of coordination with international anti-terrorist services in case of tightening international sanctions. A large share of automated control systems of foreign production. In order to reduce the impact of this risk on the Company, the following measures are taken:

• property insurance against the risk of "Terrorism and Sabotage";
• increase in the share of FSTEC-certified equipment and equipment of domestic production;
• conducting an audit of information and technical security.

The armed protection of objects is also carried out by the forces of units private security Ministry of Internal Affairs of Russia and Federal State Unitary Enterprise "Departmental Guard" of the Ministry of Energy of Russia. In addition, plans have been developed for interaction with law enforcement agencies to protect the Company's facilities in the event of a terrorist act being committed or threatened. Access and intra-object regimes have been introduced on the territory of hydropower facilities. Together with law enforcement agencies, activities are organized to prevent theft. The most dangerous threats are also assessed and mitigation plans are developed jointly with the civil defense and emergency services of the constituent entities of the Russian Federation, at the location of the Company's generating assets.

The risk can significantly affect the development of the company's business as a whole. In a crisis, a key development opportunity is to increase quality and reduce costs throughout all stages of the life cycle of the Group's assets by reducing the risks of engineering activities. At the same time, it is possible to restrict the access of engineering companies to credit funds in the event of long-term international sanctions and difficulties in obtaining funds in a freely convertible currency. The company considers this risk significant for itself due to the possible decline in the engineering part of the business due to its lack of efficiency and high competition in the market. In order to reduce the impact of this risk on the Company, the following measures are taken:

• creation of a unified design complex of PJSC RusHydro through the reorganization of design subsidiaries;
• implementation of the program for the development of engineering subsidiaries;
• launch of programs for international exchange of experience on repair and design subsidiaries;
• organization of advanced training of personnel and training of scientific personnel;
• development of standard sheets of scope of work for the repair of equipment and hydraulic structures;
• minimizing the risks of inefficient management of non-core activities through its consolidation in specialized service subsidiaries.

In order to manage the risk, the Company develops a system of activity regulation and business process management, optimizes the timing of procurement and approval, and interacts with stakeholders. The internal control division of PJSC RusHydro analyzes the main business processes in order to improve the control system and increase the efficiency of processes. Civil responsibility officials The company is insured against third parties. PJSC RusHydro implements corporate management standards in newly acquired or created subsidiaries and dependent companies, as well as the introduction of organizational project management systems, employee grading (grading is the construction of a system of job levels, taking into account the assessment of positions, strategy and corporate culture of the company), certification management personnel and implementation of individual employee development plans.

Reputational risks

The risk factors for this are:

• dissemination of incorrect and deliberately false information about the RusHydro Group in the public field;
• dissemination of negative (compromising) information about the RusHydro Group in the public field;
• unauthorized dissemination of information by RusHydro Group employees;
• unauthorized access of third parties to RusHydro Group facilities.

In order to reduce the impact of this risk on the Company, measures are taken to maintain the image of the Company when interacting with the investment community, special events are held for the media, publications are initiated in key all-Russian, regional and local media, information is regularly updated on the corporate website, in the corporate blog, community in the Live Journal, the Facebook group, the media is monitored on a regular basis.

The risk rating is unchanged. The significance of the risk is due to the uncertainty of the consequences and the complexity of predicting these risks. One of the most highlighted risks for fuel and energy companies according to insurance companies on the considered horizon. Improving protection procedures, but also possible risk events of force majeure similar to the 2013 flood. There is a possibility of systemic accidents, as well as losses as a result of natural disasters. To ensure system reliability in the entire power system in the event of local accidents, the Company has implemented and is modernizing in accordance with modern requirements centralized system of emergency automatics. PJSC RusHydro complies with the legislation of the Russian Federation in the field of industrial safety and uses the production control system functioning on its basis.

Corruption risk

Risk events are possible due to conflicts of interest in the event of a reorganization (including during privatization), while the quality of risk management is constantly improving. The growth of the probability of this risk in the whole world. As part of improving the system of controls to reduce corruption risks, the Company is implementing measures to suppress illegal actions: a system of integrated automated system control over the dissemination of information containing commercial secrets; monitoring of employees' compliance with the Regulations on insider information is carried out, and other measures are taken to influence the factors and consequences of corruption risks.

The risk is significant for the Company. In the context of unstable fuel prices, reduced solvency of counterparties as a result of the financial crisis, the lack of effective debt collection mechanisms, a decline in production, bankruptcy of counterparties, as well as in an unfavorable macroeconomic environment, the risk increased.

To mitigate the negative impact of the risk on the Company, measures are taken to manage accounts receivable in the Company, including the initiation of claim work, settlements outside the authorized credit institution WECM in accordance with the DOP within the framework of current activities in accordance with the Regulations on the Department for work on the wholesale electricity and capacity market and market analysis and the Regulations on interaction between structural divisions PJSC RusHydro on accounting for the fulfillment of obligations under contracts related to the sale of electricity and capacity.