We want to make sustainability an integral part of the way we do business.
With our Corporate Risk Management approach, we enable the identification, assessment, and consistent, comprehensive, and economically efficient management of any event that may disrupt operations within Zorlu Enerji companies.
We aim to make sustainability an integral part of how we do business. From how we manage our relationships to how we shape our financial operations, we believe that every decision we make should be based on sustainability principles.
This approach helps us build a resilient and future-ready organization that can adapt to changing regulations and reporting requirements.
Our Corporate Risk Management Model
We have established our Corporate Risk Management Model in an integrated and centralized structure to identify risks that may pose a threat to our business strategy. In this way, we can identify, assess, and manage risks more comprehensively, effectively, and cost-efficiently. In this process, a risk management system has been established in alignment with COSO’s Internal Control Integrated Framework and ISO 31000 Risk Management Standards. This system facilitates management by annually reviewing risks and opportunities in daily operations. The Corporate Risk Management and Finance Departments calculate the financial impacts based on scenarios and share the results with the Board of Directors and the relevant Board Committees. The Board analyzes sustainability risks and presents the most critical ones to senior management. The Board evaluates the risk level, determines necessary measures, and decisions are approved and implemented with the CEO.
The Zorlu Holding Corporate Risk Management Framework consists of the following steps. These steps are carried out by both Zorlu Holding and Zorlu Enerji organizations.
For the responsibilities at the Board of Directors and committees level regarding Risk Management, please refer to the Investor Relations page.
Enterprise Risk Management
Our Integrated Risk Management Practices
Corporate Risks
At Zorlu Enerji, we prioritize our identified corporate risks. You can access our categorized corporate risks in accordance with the Corporate Risk Management Procedure through the Integrated Annual Report of the relevant year.
Double Materiality Analysis
At Zorlu Enerji, we identify our priority topics and shape our sustainability strategy by evaluating financially significant issues and environmental and social impacts on our stakeholders through a “Double Materiality Analysis.” You can review the risks, impacts, and opportunities identified within the scope of the analysis via the link.
Climate-Related Risks
Climate change creates critical financial and operational risks for the energy sector. To manage these risks and meet investor expectations, Zorlu Enerji increases transparency by publishing the TCFD Report and supports IFRS S1-S2 compliance efforts. Zorlu Enerji places global climate risks and opportunities at the core of its strategic decisions. You can access our climate-related risks via the link.
Nature-Related Risks
Risks to natural ecosystems create a wide range of environmental and economic threats, from biodiversity loss to water crises. For a sustainable future, it is crucial to manage risks and protect ecosystems by developing nature-compatible solutions. You can access Zorlu Enerji’s risk studies on ecosystems via the link.
SEVESO & Process Safety
At our Kızıldere 3 Geothermal Power Plant, the largest geothermal facility in Turkey, process safety activities are meticulously conducted in compliance with the SEVESO – Directive on the Control of Major Accident Hazards and national regulatory requirements. Process safety is one of the key elements in minimizing operational risks at our facilities, ensuring employee safety, controlling environmental impacts, and guaranteeing uninterrupted energy production. Within this scope, we create a safe and sustainable energy production model through risk analysis, emergency planning, and continuous improvement processes. You can access the public disclosure statement via the link.
SEVESO & Process Security
Asset Management at Zorlu Enerji
Zorlu Enerji effectively manages the integrity and operability of its assets through targets, action plans, and corrective-improvement activities under its Asset Management Plan for geothermal operations. This plan is implemented with an integrated approach aligned with the Seveso Safety Management System to achieve the availability targets set by the company. In addition, by creating a policy supporting the asset management process, it aims to enhance operational efficiency and contribute to sustainability goals. This holistic approach reflects Zorlu Enerji’s performance- and safety-focused operational excellence mindset.
Information Security
Zorlu Enerji has established a comprehensive management mechanism to oversee information security activities and ensures accountability and effective risk management across various organizational levels. At the board level, responsibility for information security is carried out through a dedicated information security committee, and oversight is further strengthened by a board member with experience in information security. Executive responsibility is undertaken by the Chief Information Officer (CIO), who is tasked with managing information security issues. The company’s Information Security Management Program encompasses a wide range of initiatives, including business continuity plans related to information security, vulnerability analyses, and internal and external IT infrastructure audits in compliance with the ISO 27001 standard. In addition, Zorlu Enerji has implemented an escalation process for incident reporting and conducts regular awareness training to promote a culture of security among its employees.
Information Security Management System Policy