RU | EN
Back Back
    1. 4.1 The Memo of the Controlling Stockholder (PAO Rosseti) with Regard to the Controlled Grid Company
    2. 4.2 Corporate Governance Practices
    3. 4.3 General Meeting of Stockholders
    4. 4.4 Board of Directors’ Progress Report
    5. 4.5 Board of Directors Committees
    6. 4.6 Corporate Secretary
    7. 4.7 Executive Bodies
    8. 4.8 Remuneration and Compensation Policy
    9. 4.9 Settlement of Competing Interests
    10. 4.10 Risk Management, Internal Control and Internal Audit
    11. 4.11 Board of Internal Auditors
    12. 4.12 Auditor
    13. 4.13 Management of Subsidiaries and Affiliates
    14. 4.14 Stockholder Equity and Securities
Download center
Data analysis
Browsing history
Social networks
Feedback
Version for the visually impaired
Print out
Share
Send to E-mail Copy link
Add to downloads
View PDF
Document for 2024

For the operation of the site, we collect cookies, information about the IP address and location of users. If you do not want this data to be processed, please leave the site.

You didn't fill in the Email field

4.10 Risk Management, Internal Control and Internal Audit

A risk management and internal control system is in operation within the Company, aimed at ensuring reasonable assurance in achieving the Company’s objectives and the Rosseti Group’s development strategy, including the provision of reliable, high-quality, and affordable electricity supply to consumers, as well as operational objectives of financial and economic activities.

The principal documents regulating the organization and functioning of the RM&ICS within the Company comprise the Risk Management and Internal Control Policy, risk appetite statement, Risk Management and Internal Control Organization Procedure, risk assessment and monitoring methodology, risk appetite determination procedure, RM&ICS development program, risk management and internal control glossary, and risk register. To ensure the RM&ICS effectiveness and conformity with evolving requirements and conditions, the Company’s internal auditor conducts assessments of the RM&ICS reliability and efficiency against the target state and maturity level.

In the reporting year, the Company implemented the following principal measures to enhance the RM&ICS:

  1. Development/update of regulatory and methodological documents in risk management and internal control:
    • Risk appetite statement;
    • Risk Management and Internal Control Organization Procedure;
    • Risk Appetite Determination Procedure;
    • Risk Management and Internal Control Glossary;
    • External Control (Supervisory) Body Inspection Logging Regulation.
  2. Approval of the Company’s Business Process Model, organization of business process passport development, and update of business process risk matrices and control procedures.

The following measures to enhance the Risk Management and Internal Control System (RMICS) are planned for implementation in 2026:

  1. Documentation of business processes in accordance with the updated Company Business Process Model;
  2. Update of internal documents in the field of risk management and internal control;
  3. Enhancement of the financial stability control mechanism, including support for counterparty liquidation and bankruptcy procedures.
Indicator MU 2023 actual 2024 actual 2025 actual 2025/2024, %
Number of conducted control activities focused on risk exposure and mitigation pcs 410 431 388 -10.0 %
Number of examined procurement-related materials (items) pcs 4,177 2,514 1,972 -21.6 %
Number of eliminated violations following the inspections conducted by external watchdogs pcs 789 2,512 1,671 -33.5 %
Total sum of annulled fines after appeals against decisions to impose administrative sanctions RUBruble million 19.5 57.35 4.7 -1,120.2 %
Total funds received by the Company from contractors under liquidation and bankruptcy procedures RUBruble million 144.465 758.127 734.443 -3.1 %
The total amount of funds saved by the Company as a result of acquiring its own debt at auction from debtors undergoing bankruptcy proceedings RUBruble million 0 0 0

The department responsible for performing the internal audit function within the Company is the Internal Audit Department. Pursuant to the Internal Audit Policy of PAOPublic Joint-Stock Company Rosseti Ural, the Internal Audit Department is functionally subordinate to the Board of Directors, which oversees and coordinates its activities. The purpose of internal audit is to strengthen the Company’s capability to create, protect, and preserve Company value by providing the Board of Directors and executive bodies of the Company with independent, risk-based, objective assurances, opinions, recommendations, and forecasts. As of 31 December 2025, the headcount of employees performing the internal audit function comprises 8 full-time positions.

The principal internal documents regulating internal audit activities include:

The Head of the Internal Audit Department receives feedback from the sole executive body, the Audit Committee of the Board of Directors, and the Board of Directors through various forms of interaction with the sole executive body and the Audit Committee, including analysis of the Audit Committee and Board of Directors decisions/recommendations on matters within the competence of internal audit, as well as through surveys of the sole executive body and Audit Committee members. The Audit Committee satisfaction rating with the Internal Audit Department performance (weighted average score from surveys of participating Audit Committee members divided by the number of participating members) for 2025 corresponds to the «Fully Compliant» rating.

Following the external independent assessment conducted in 2024, in the opinion of OOOLimited Liability Company B1-Consult, the internal audit of PAOPublic Joint-Stock Company Rosseti Ural received the highest rating, indicating that the Company’s internal audit «generally conforms» to the International Standards for the Professional Practice of Internal Auditing, the Code of Ethics, and the Internal Audit Policy, specifically: it has an internal audit regulation, policies, and procedures, the execution and results of which are assessed as conforming to the International Standards for the Professional Practice of Internal Auditing.