Risk Management: Roles and Responsibilities
Our board of directors and its committees oversee corporate risk management, while Marathon Oil executive and senior management is responsible for day-to-day risk management at the enterprise level.
Each board committee has specific risk oversight responsibilities:
- The Audit and Finance Committee annually reviews our Enterprise Risk Management (ERM) process, the latest assessment of risks and key mitigation strategies. It regularly reviews risks associated with financial and accounting matters and reporting; financial strategies and capital structure; and operational risks, including cybersecurity. The committee also monitors compliance with legal and regulatory requirements and internal control systems.
- The Corporate Governance and Nominating Committee reviews the board’s and company’s governance policies and procedures to ensure adherence to best practices and legal requirements. This committee also reviews director succession planning and committee assignments to ensure the directors’ skills and backgrounds are utilized to the best interests of the Company.
- The Compensation Committee reviews the executive compensation program to prevent excessive risk-taking, along with our incentive compensation program and succession plans to promote best practices for talent retention and development.
- The Health, Environmental, Safety and Corporate Responsibility (HES&CR) Committee regularly reviews and oversees operational risks, including those relating to climate change, HES and security. It reviews risks associated with social, political and environmental trends, issues and concerns, domestic and international, which affect or could affect our business activities, performance and reputation.
Our board receives regular updates from these committees and reviews additional strategic risks not specifically within the purview of any particular committee. Key risks associated with the strategic plan are reviewed annually at our board’s strategy meeting and periodically throughout the year.
ERM roles and responsibilities are identified for clear oversight and accountability as follows:
ERM Roles and Responsibilities
|Board of directors and committees of the board||Oversight of enterprise risks|
|Audit and Finance Committee||Oversight of ERM process|
|CEO and Executive Committee||Management of enterprise risks|
|CFO||Executive sponsor for ERM|
|VP and Treasurer||ERM process owner|
|Internal Audit||Incorporates ERM risks and mitigations into the annual Internal Audit Plan|
|Risk Owners||Ownership and accountability of particular ERM risks|
Enterprise Risk Management
Marathon Oil employs the ERM process to identify and effectively manage the most significant risks to our business. Led by treasury, the process includes group interviews with senior leaders and key personnel in their organizations, biannual internal risk assessments and risk owner meetings, and an annual board update and discussion. Feedback from the board and senior managers serves as an input into strategy discussions. Enterprise risks are managed through existing and new mitigations and controls supported by the Marathon Oil business plan. ERM ensures accountability by validating risk controls and mitigations, with metrics where possible.
ERM identifies and evaluates risk based on the impact to the organization from an enterprise value perspective and from the perspective of our employees, customers, suppliers, communities where we operate and other stakeholders. Each identified enterprise risk has an owner and an assessor to ensure ownership, accountability and transparency. The risks identified in February 2020, prior to the COVID-19 pandemic, are below:
Identified ERM Risks
|Top Risks||Medium Risks||Low Risks|
|Climate Change||Compliance||Financial Strength|
Marathon Oil describes our material risks in our forward-looking statement, in the Risk Factors section of our Annual Report on Form 10-K, our Quarterly Reports on Form 10-Q, and other public filings and press releases. These resources are available at www.marathonoil.com.
Responsible Operations Management System
The Responsible Operations Management System (ROMS) is the framework to drive continuous improvement, ensure regulatory compliance and reduce operational risk across Marathon Oil. Business units must meet the minimum standards for HES&S performance set within ROMS.
The ROMS ownership structure assures accountability and transparency, and promotes knowledge sharing across the enterprise. An executive steering committee oversees ROMS implementation, with business unit-level ROMS committees further driving accountability. Each of the 14 elements has an executive owner, technical advisors and subject-matter experts who drive progress.
|ROMS ELEMENT||ELEMENT OWNER¹||TECHNICAL ADVISOR²|
|Leadership and Accountability||SVP, Operations||VP, HES&S|
|Regulatory Compliance||Regional VP, Permian||HES Manager|
|Risk Assessment and Management||VP, Operations (Oklahoma and Land)||Corporate HES Training and Risk Manager|
|Management of Change||RVP, Equatorial Guinea||Corporate HES Training and Risk Manager|
|Design and Construction||VP, Operations (Bakken and IPO)||Production Manager|
|Safe Work Practices||VP, HES&S||Corporate Health and Safety Manager|
|Training and Competency||VP, HES&S||Corporate HES Training and Risk Manager|
|Operations, Maintenance and Integrity Management||VP, Operations (Bakken and IPO)||Surface Solutions Manager|
|Operational Readiness||Operations Director||HES Manager|
|Emergency Preparedness and Community Awareness||VP, Operations (Oklahoma and Land)||Corporate Security and Emergency Preparedness Manager|
|Event Management||RVP, Eagle Ford||Corporate Health and Safety Manager|
|Third-Party Services||Operations Director||HES Manager|
|Governance and Document Control||Production Manager||ROMS Coordinator|
|Audit and Improvement||SVP, Operations||HES Manager|
Mandatory health, environmental, safety and security (HES&S) policies, standards and procedures drive consistency across Marathon Oil, communicate expectations and set performance requirements. Our policies and standards cover a range of activities including Stop Work Authority, Event Management, Control of Hazardous Energy and Hot Work. We update the standards to reflect changes in laws or regulations, and incorporate recommendations arising from audits, incident investigations and lessons learned sharing to drive continuous improvement in HES performance.
Through programs such as Lessons Learned Sharing and Contractor Management, we raise awareness of our requirements among employees, contractors and suppliers.
The ROMS Audit and Improvement element promotes adherence to our standards and regulatory requirements that focus on:
- Tier I: Physical checks of facilities and equipment to ensure conditions are satisfactory
- Tier II: Risk-based audit to monitor effectiveness of processes, procedures and systems
- Tier III: Management system audit to determine conformance and effectiveness of management system expectations
Business units develop plans to address audit findings, track the plans through completion of corrective actions and share lessons learned. Key audit findings and trends are communicated to HES&S leadership and executive management, who then set priorities to seek solutions for gaps or issues that are identified.
How are we doing?
Your opinion matters. Please take a moment to let us know how useful you find the content on this page.
If you’d like to give us your feedback on the entire report, please fill out the complete survey for the 2019 report.