The risk management and internal control system is updated in line with internal and external developments. We apply the ‘three lines’ model for risk management purposes. Each line of defence has its own responsibility in the management and control process:
- The first line is responsible for identifying, managing and monitoring the risks within its processes and for an effective risk management and control system.
- The second line supports, advises, coordinates and sets frameworks to ensure that the management genuinely takes responsibility. This line therefore provides additional assurance within Alliander.
- The third line provides additional assurance about the question whether the first and second lines can jointly manage the risks, so that the organisational objectives are achieved. The third line gives an objective and independent opinion on this matter, including suggestions for possible improvements. The third line operates objectively and independently from all other parts of the organisation.
In addition, various other measures are in place to manage our risks, such as the Planning & Control Cycle, the Risk Management Framework, the Business Control Framework and the Alliander Accounting Manual. The administrative responsibility for monitoring the quality of managing our top risks takes place by the Alliander Resilience Committee, the Executive Board and the Supervisory Board.