Integrated Risk Management

Risk Management Approach

With our Corporate Risk Management approach, we identify and evaluate all events that may disrupt the operation of Zorlu Enerji Companies; We enable it to be managed consistently, comprehensively and economically.

  • We have established the Corporate Risk Management approach we apply within the framework of COSO (Comittee of Sponsoring Organizations) and ISO 31000 Risk Management Standard.
  • We support them on the way to our Company's goals and objectives by managing the risks we have identified, not separately, but with a portfolio approach at a certain risk tolerance (risk appetite).
  • While making a risk assessment; We measure and evaluate risks within the scope of their probability of occurrence and effects.
  • While making risk assessment, we create a risk inventory in which the economic, environmental and social impacts of our company are evaluated, and we define our approach to risks with a SWOT analysis.

The fact that the Corporate Risk Management shall be independent and dynamic process, it is crucial in terms of detecting and measuring these risks that may cause deviation from company goals and objectives.

With our Early Detection of Risk Committee, we aim to detect risks that may endanger the existence, development and continuity of our Company, to implement the measures related to the identified risks, and to manage the risk.

  • Our Early Detection of Risk Committee meets several times a year by the Corporate Risk Management Department within the scope of its duties specified in the Working Principles.
  • The decisions taken as a result of the Committee's examinations are reported and presented to the Board of Directors.

We use the QDMS software for the management of our risks, periodically review the local and international legislation requirements in line with the expectations of the relevant parties (credit institutions, legal authorities, etc.), and take our actions specific to the relevant environmental and social risks within the scope of Environmental and Social Action Plans.

At our Kızıldere III Geothermal Power Plant, Turkey's largest geothermal facility, we carry out process safety studies in line with the requirements of national legislation in line with the SEVESO-Major Accidents Prevention Directive.

We monitor and report our environmental risks, our emissions from our power plants, in accordance with relevant local and international expectations.

The amount of mercury in coal is regularly monitored. Within the plans of Lüleburgaz Thermal Power Plant, the amount of mercury remaining in the base ash, fly ash and gas phase of the thermal power plant will be determined separately You can access the 2024 Mercury in Coal Phase Measurement Report through the link.

Gas Leakage Rates

Year

2021

2022

2023

Transport (% leakage)

0

0

0

Distribution (% leakage)

0.004

0.003

0.003

Storage (% leakage)

0

0

0

Fugitive and ventilated gas leakage rate is given for natural gas distribution business from GAZDAŞ Trakya and GAZDAŞ Gaziantep operations.

You can access Zorlu Enerji's detailed Enterprise Risk Management via the link.

Cybersecurity & Compliance

IT and business leaders recognize the significant risks posed by cyber threats, understanding their potential societal and economic impact. The World Economic Forum's (WEF) Global Risks Report offers valuable insights for strategic decision-making, highlighting that AI and cyber threats rank among the top global risks for the next 2-10 years.

Cyber insecurity, including cyber warfare and crime, is rated as the fourth highest short-term risk and eighth over the long term. The report emphasizes the rising threat of AI-powered misinformation and the flourishing of cybercrime, driven by new tools and capabilities. Additionally, it notes the increasing collaboration between state-sponsored attacks and organized crime, posing further risks to various organizations.

Experts advocate for integrating cybersecurity into organizational culture, emphasizing continuous monitoring, data protection, and employee training. Recognizing cybersecurity as a driver of business growth rather than merely a defensive measure can enhance stakeholder trust. The WEF report serves as a crucial tool for Chief Information Security Officers (CISOs) to secure board support and funding for cybersecurity initiatives. Overall, it underscores the urgent need for organizations of all sizes to prioritize cybersecurity investments.

In line with Global Risk Report’24, Zorlu Enerji prioritizes cybersecurity risks with great importance. As part of its corporate risk management efforts, it manages cybersecurity risks and implements necessary measures. For information regarding the governance structure related to this context, please visit the link.