The company's general risk management processes and policies

3.2 The company's general risk management processes and policies

The objective of Fingrid's risk management is to make preparations for cost-effective measures providing protection against damage and loss relating to risks and to ensure the commitment of the entire personnel to considering the risks pertaining to the company, its various organisational units and each employee. In order to fulfil these objectives, risk management is continuous and systematic. The significance of individual risks or risk entities is assessed against the present level of protection, taking into account the probability of a harmful event, its financial impact and impact on corporate image or on the attainment of the business goals.

Risk management is planned as a whole with the objective of comprehensively identifying, assessing, monitoring and safeguarding the company’s operations, the environment, personnel and assets from various threats and risks. Due to the nature of the company’s basic mission, risks are also assessed from a societal perspective.

The Board approves the key principles of internal control and risk management and any amendments to them. The Board of Directors approves the primary actions for risk management as part of the corporate strategy, indicators, action plan, and budget. The Board of Directors (Audit Committee) receives a situation report on the major risks relating to the operations of the company and on the management of such risks.