You are using an outdated browser. Please upgrade your browser to improve your experience and security.

Risk Management

We effectively identify, evaluate and mitigate risks and their impacts to our business and our stakeholders. Our governance framework is designed to manage this process and our Board of Directors is ultimately responsible for risk oversight.

A large part of our business is made up of regulated utilities whose governance policies and compliance reporting are subject to significant regulatory scrutiny.

Enterprise Risk Management Program

Our management systems integrate a culture of safety and emergency preparedness throughout our value chain. All levels of our organization are engaged with our Enterprise Risk Management (ERM) program.

As part of our ERM, senior leaders work together to identify the material risks and develop appropriate mitigation strategies. These risks are validated and ranked, then reviewed with the Board and its committees.

Critical Incident Risk Management

The EHS Committee is responsible for mitigating the risk of sudden, unexpected, critical events such as natural disasters. Due to the regulated nature of our Utilities, we operate under strict regulations for emergency preparedness.

How we anticipate and prepare for incidents is foundational to our approach to emergency response. Our people take part in training to ensure readiness for a critical incident.

For a detailed review of our key risks, read our Annual Information Form

Pipetown Safety Training Site

How we anticipate and prepare for incidents is foundational to our approach to emergency response. Our people take part in training to ensure readiness for a critical incident.

Directors and senior leadership also take part in Safety Stand Downs, where they meet with our people in the field to discuss safety.

Find out more about our commitment to customer safety

Information Security and the Risk of Cyberattack

Protecting the safety and effectiveness of our operations and the security of customer, employee and company data is paramount. Oversight of cybersecurity risks falls under the Audit Committee. To mitigate, identify and manage our highest cyber risk exposures, we have implemented preventive, detective and remedial measures.

Our cybersecurity program is designed to:

  • improve our security posture
  • reduce risk
  • ensure the protection and availability of critical data and systems

We follow the National Institute of Standards and Technology (NIST) framework for information security. Our people go through regular training to improve cybersecurity and risk awareness.

Questions?

For any inquiries regarding this report or its contents, please contact ESG@altagas.ca.