• Home
• Highlights
• Messages to Shareholders
• Business Overview
• Operating and Financial Review
• Corporate Governance
• Governance framework
• The Board and its Committees
• Shareholders
• Change of control provisions
• Corporate governance practices
• Internal control
• Risk management
• Compliance management
• Risk factors
• Directors’ Reports
• Consolidated financial statements
• Company financial statements
• General Information
• Shareholder Information

Risk management

Understanding and managing risks is integral to the way we run our business. We continue to have a well established enterprise-wide risk management process that ensures risks are consistently assessed, recorded and reported in a visible, structured and continuous manner, the outputs of which are primarily used as a management tool. A secondary and natural output from this process is information that provides assurance to management at all levels and thus helps safeguard our assets and reputation. It has been designed to manage rather than eliminate material risks to the achievement of our strategic and business objectives while also recognising that any such process can provide only reasonable, and not absolute, assurance against material misstatement or loss. This process complies with the Turnbull working party guidance (revised October 2005) and, in addition, contributes toward our compliance with our obligations under the Sarbanes-Oxley Act as well as other internal assurance activities.

Risk management in National Grid has become embedded over time and our experience of this has enabled us to identify a number of key success criteria linked to both the risk management framework and process that, if in place, will help ensure the process continues to remain embedded. Understanding this in the context of a Company that has changed considerably in size and geographic coverage since 2000 has been invaluable in helping to integrate different risk management processes seamlessly and effectively. For example, with regard to KeySpan we had already started to align process expectations prior to completion of the acquisition and because of this foresight are now making positive strides towards process consistency across our US and UK lines of business.

Within existing businesses, the risk management process continues to be based on both bottom-up and top-down assessments of operational, financial and other business or project risks. From the bottom up, business units and Corporate Centre functions prepare and maintain risk registers that capture their key risks and the actions being taken to manage them. The key element in the top-down assessment of our enterprise-wide risk profile is the involvement of the Executive Directors and other senior management at critical stages in the review process. Their review, challenge, and debate of the outputs of the bottom-up assessment against their top-down perceptions produce an overall evaluation of the risks that are faced by National Grid. Graphics that set out the Company’s risk profile and any significant changes to this between reporting periods have been designed to aid debate by the Executive, Risk & Responsibility and Audit Committees twice a year. The Audit Committee also reviews the risk management process at least once a year and reports on this to the Board.

During the year, we have benefited from this process through continued coordination with the Internal Audit function, Sarbanes-Oxley teams, and the Insurance team. The external benchmarking exercise has continued with a deliberate focus on energy utilities in similar lines of business to measure the effectiveness of our own approach and exchange ideas on best practice. We have completed the restructuring of risk and compliance services to deliver the support required by our global lines of business and to ensure approaches are consistent across the US and UK and continue to provide value to business operations, including major projects.

Our risk management process has identified the risk factors set out here.