Key reporting lines and the three most common risk operating models: energy & utilities sectors

4 min read
Jun 23, 2022

Our latest benchmarking report, Risk operating modelsenergy and utilities sectors, is providing risk leaders with effective material to drive change at their organisation and boost their risk function’s resources. Here we distil the key findings from the report.

Download now [Free Excerpt]: Benchmark report: Risk operating models in the energy and utilities sectors

Data is knowledge, and knowledge gives you options.

It can be difficult to understand the structure of risk teams at other organisations both within and outside of your sector, and this can make it difficult to strive for change at your own company. Is your risk team above average in terms of headcount? Do other organisations make use of risk champions and risk partners like yours does? How do your risk function’s main responsibilities compare to others’?

Based on member requests made through the network assistance opportunities included in membership, Risk Leadership Network has developed a benchmark report, Risk operating models – energy and utilities sectors, that’s empowering risk leaders to compare their risk operating models against others in their sector and against the main operating models used outside of their sector.

Members are using the benchmark report as leverage to gain greater resource internally; as blueprints to evolve their risk function and its responsibilities; or even as a tool to push back on operating model recommendations made by external consultants.

We’ve interviewed more than 50 risk leaders across diverse industries and around the world to develop a robust framework against which we can now benchmark sector trends and divergences between participants within a particular sector.

Our energy and utilities report is the latest sector benchmark we’ve developed for, and with, risk leaders.

The report reveals, for example, policy governance, BCM, crisis management and compliance are often found in the group risk function at energy and utilities companies, which is not necessarily seen at the broader market level.

The benchmark report comprises three main sections:

  1. Where does Risk sit – a deep-dive into the four most common reporting lines across this sector, including the positives and negatives as experienced by risk leaders themselves
  2. How is Risk structured – the three most common risk operating models for this sector plus outliers, compared to the four most commonly found across other sectors
  3. Key risk team components – key trends by company size revealed in the benchmarking data, including group risk headcount averages; frequency of risk reporting to board committees; and size of risk champion network, plus more

You can download an excerpt of the report, which details the benchmark’s key findings on reporting lines and a deep-dive of the pros and cons of the most popular reporting line across the sector, by clicking here.

Key reporting lines

Across the energy and utilities sectors, Legal has emerged as the most common current reporting line (see the chart below for the top four).


However, this does not mean the area is necessarily viewed as the “ideal solution,” with a number of trade-offs explored further in the report.


The report dives into each of the four main reporting lines, detailing the pros and cons of each, as experienced by practising risk leaders across organisations in the energy and utilities sectors.


Three most common operating models across the sector

Our research has identified three main operating models used across the energy and utilities sector, including one centralised model and two decentralised.


Alongside the models as organisational diagrams, the report also provides analysis on the different team structures and trends evident in the data collected.

Here are just five of the key findings explored further in the report:

  1. Like the broad cross-sector market, the energy and utilities sectors’ group risk functions commonly include ERM and assurance. Unlike the broader market, however, policy governance, BCM, crisis management and compliance are also typically found within Risk in energy and utilities
  2. Policy governance appears to be a growing area of ownership for Risk in this sector – over half of the participants said Risk owns the function, with the majority of them having recently acquired it
  3. Some 60% of companies in the sector use a risk champion network, and the size of the organisation seems to impact the effectiveness of the network
  4. A medium-sized organisation in the sector (annual turnover between US$1 bn and US$4.9 bn) has on average 5.5 FTEs dedicated to ERM – the average is quite different for small and large companies
  5. Risk in smaller companies is more likely to report to Finance, and is less likely to have formal exec-level reporting arrangements in place

Want to read the full report?

To find out more and download an excerpt of the report, which details the key findings on reporting lines and a deep-dive of the pros and cons of the most popular reporting line across the sector, click here.

To learn more about Risk Leadership Network membership, click here.

Get new posts by email