/ Compliance
Achieving Excellence
Furthermore, ensuring business continuity in accordance with best international practices and standards as well as ensuring compliance with the rules and regulations issued by legislative and regulatory bodies and apply the best comprehensive quality standards.
The division is also concerned with enhancing reputation, attracting customers and investors, reducing costs, maintaining profits, and providing analyses that enable decision-making.
/ Compliance
Towards...more resilience
The Governance, Risk and Compliance division has adopted several practices to support GASCO’s vision and strategy whereas the Enterprise Risk Management is responsible for protecting the interests of the company, its shareholders, employees, customers and all parties related to its business by managing potential risks in a way that enhances its strategy and ensures the continuity of its business.
The data management office is an important element in ensuring effective data management and providing possible analyses and predictions that enable the company to make informed decisions, in addition to the division’s role in preserving the company’s reputation by protecting it, raising the level of maturity of commitment to it, and ensuring the implementation of best practices to enhance relations with shareholders, investors, and all other company clients.
The division is also keen to raise the quality of products and services to customers by applying international standards for comprehensive quality, and raising the level of security and protection for the company’s assets by implementing the controls of the National Cyber security Authority.
/ Compliance
Achievements
In the past twelve months, the Governance, Risk and Compliance division achieved a number of important achievements. The division was also keen to apply the best standards of resilience and operational excellence, as it achieved the ISO 31000 certification in applying the principles and guidelines of the international standard for risk management and the ISO 9001 certification in quality management.
The division also achieved a significant increase in the percentage of compliance with controls and legislation issued by the National Cyber security Authority, which contributed to enhancing the level of security and protection for GASCO’s information and technical assets
This has been accomplished by promoting innovation and achieving excellence through investing in competencies and customer focus which has been by exceeding customer expectations, providing high-quality products, services, and working with stakeholders collaboratively to achieve sustainable development and mutual benefit.
One of the main focus areas in 2023 is supporting the transformation of the National Gas and Industrialization Company (GASCO) divisions into independent subsidiaries, which will increase flexibility and resilience, enhance innovation, support growth and achieve improved financial returns.
/ Compliance
VISION 2030
The Governance, Risk and Compliance division has significantly enhanced data governance and implemented effective data governance principles. Ensuring compliance with the controls of the National Cybersecurity Authority and managing potential risks in achieving Vision 2030 as well as enhancing the security of gas supply chains through periodic testing of business continuity plans, adopting standards and practices recommended by legislative and regulatory bodies, and applying them to all relevant areas of work in accordance with Vision 2030.
/ Compliance
Highlighted the Risks:
| Risks categories | Risk | Response Plan |
|---|---|---|
| Strategic risks | GASCO may face a decline in market share due to the entry of new competitors into the market. | The company is working to implement its strategy to keep it competitive, continuing to achieve technical progress and innovation in its operations, and working on initiatives to improve the quality of service provided to the consumer of gas supplies, while raising internal efficiency and launching strategic partnerships. |
| Operational risks | Risks associated with GASCO’s reliance on the reliability and security of IT systems | GASCO relies on information technology systems to facilitate its information, which makes it vulnerable to a variety of risks, starting from data loss or theft, electronic attacks, failure of control systems, and business interruption, all the way to system failure. The increasing global threats to information security and the most sophisticated electronic crimes pose a threat to the confidentiality of data and operations. The infrastructure of information technology systems, networks and services, their availability and security, and this may lead to a direct impact on GASCO’s business. Therefore, GASCO has developed business continuity plans and used manual procedures to contain the impact of such intrusions and adherence to the controls of the National Cyber security Authority, which ensures the safety of its systems from Breakthroughs. |
| Risks categories | Risks | Response Plan |
|---|---|---|
| Financial risks | The risks associated with the company’s profitability in setting the upper ceiling for liquefied petroleum gas and related to the state’s balanced policy to preserve the consumer’s standard of living with the fluctuation of the return on the investment portfolio. | GASCO is committed to meeting the entire local demand for liquefied petroleum gas in accordance with the regulatory regulations in effect in the Kingdom, according to the specified prices. These prices have led to achieving profits that are less than the profits that GASCO could have achieved. To reduce the expected impact, the focus was on strategic initiatives, which are mainly aimed at diversification, sources of income, and quality investments while rationalizing spending. |
| Risks related to the environment, health, safety and security | GASCO may be exposed to environmental, health, safety and security risks as a result of the nature of the company’s operations. | GASCO adheres to all laws and regulations related to the environment, health, safety and security. The latest standards for occupational safety and health and fire protection, and works to adhere to the requirements of The High Commission for Industrial Security, the standards of the National Fire Protection Association (NFPA) regarding extinguishing, and the standards of the Occupational Safety and Health Administration (OSHA), as well as the company was keen to obtain driver training certificates (ADR). Concerning the transport of hazardous materials on land roads. |