Sustainability at Suncor

Risk management

Risk management is fundamental to achieving our business goals and requires a culture of operational discipline.

We make risk-informed decisions that reflect our culture of embedding sustainability considerations and are governed by our guiding principles for risk management. This requires ongoing identification, assessment, treatment and monitoring of risks inherent to our assets, activities and operations. Some risks are common to operations, while some are unique to Suncor.

Two workers at the permit office at Extraction Plant 86

Our risk management program is aligned with the International Organization for Standardization guidelines (the ISO 31000 Risk management – Guidelines). The guidelines provide principles, a framework and a process for managing risk.

Our risk management practice is governed by our risk management policy, and supported through processes such as risk management standards and risk matrix.  

Over the years, increased political and policy changes, activism and uncertainty about regulatory processes have added significant financial, social and climate risk to Suncor. To address these risks, we have an integrated policy and regulatory issues management process that takes a disciplined approach to managing these issues. 

Identifying principal risks

Principal risks are risks that have the potential to materially impact our strategic objectives. New risks can emerge and established risks can take on new forms or orders of magnitude. These risks are outlined in our Management’s Discussion and Analysis.

Risk governance

Suncor’s Board of Directors and Audit Committee are accountable for oversight of our principal risks and ensure systems are in place to manage their impact. All principal risks are reported annually to the Board and include details on what’s being done to address the risks, how they are being monitored and any changes in the risk profile.

Individual business units and functional teams mitigate and report on critical risks in their areas of business. Risk responsibility, accountability and ownership are appropriately assigned to ensure management of identified risks and are supported by a dedicated risk coordinators per business area. Measures are in place to ensure risk management decisions are properly and effectively implemented and monitored. 

Principle risks

Our 2020 Annual Information Form (dated Feb. 24, 2021) (100 pp., 1.2 MB) provides a comprehensive overview of significant risks applicable to Suncor and its businesses. Since 2016, carbon risk has been included as a principal risk and undergoes an annual review by the Environment, Health, Safety and Sustainable Development committee of the board.

Risk assessment and evaluation  

We use a single risk matrix tool to consistently assess risks in terms of magnitude of impact, consequence and likelihood. Having a single risk matrix allows the company to be aligned on terminology and approach. It also helps to assign responsibility for different levels of residual risk. The consequences are based on the following five receptors on the risk matrix:

  • Health and safety  
  • Environmental  
  • Regulatory  
  • Reputation  
  • Financial impact  

We also use the matrix to evaluate emerging risks and the impact they might have on the business. Examples of emerging risks include cyber security relating to supply chain and employee burnout and privacy.  

Operational Excellence Management System (OEMS)

OEMS establishes the requirements to operate in a way that is safe, reliable, cost-efficient and aligned with our purpose to continually improve our performance. It further promotes:

  • systematic management of operation risk
  • achievement of our operational objectives
  • prevention and mitigation of environmental and social impacts
  • development and sharing of best practices

The management review cycle, with leadership engagement and support, ensures continual improvement and identification of material opportunities to progress. Our ISO 14001 and 9001 certified facilities, primarily our refineries, are also subject to regular external audits.

Sustainability considerations in project development

Integrating sustainability into project development promotes organizational understanding and competency related to emerging policy, environmental and societal considerations. It leverages technology and advances the sustainability mindset to drive toward our purpose. Our governance framework ensures we’re systematically embedding sustainability considerations into planning and decision-making for new projects. We’re committed to environmental performance, thoughtful collaboration and meaningful stakeholder relationships that underpin our performance and align with our purpose. Strategic guidance is further integrated into our investment evaluation process that includes a focus on environmental, social and governance considerations and support our objectives. 

Suncor’s strategic priorities drive decisions at the portfolio level that are consistent with project development and execution efforts. Our Asset Development Execution Model ensures collaboration and engagement early in the project development cycle and articulates multi-criteria requirements including:  

  • early categorization and screening of environmental and social impact risks, as well as opportunities  
  • differentiating development options based on alignment with strategic priorities, goals and established sustainability criteria through the concept selection process  
  • incorporate sustainability risks into the project’s risk management process and identify related enterprise risks or opportunities  
  • define project sustainability performance impacts as part of stewardship, work element guide documentation and stage gate reviews for leadership decision making
On this page
On this page

Read more in the Report on Sustainability

Download the PDF