Internal and external events may pose a risk to our continuity or strategic goals. We monitor these risks closely, calculate their probability, and take action to mitigate their impact.

Because we are transparent about our risk exposure, we can adjust more rapidly to achieve our goals. It also allows us to comply promptly with statutory and regulatory requirements.

Risk management

We use Enterprise Risk Management to achieve our goals responsibly. Our ERM policy is based on the COSO Enterprise Risk Management model and covers all aspects of our business, ranging from strategic and operational risks to (financial) reporting reliability and legal and regulatory compliance.

Across all levels of the organisation, line management is responsible for identifying risks and implementing controls in a timely fashion. This decentralised responsibility is an essential element of the way in which Enexis Holding N.V. addresses its risk exposure.

At group level, compliance with the ERM policy implementation is monitored by the Management Consultation body, which comprises the Executive Board, the directors of INFRA, Asset Management, Finance, HR, ICT, Customers & Markets, Fudura and the Secretary. The Strategic Risk Analysis results and the status of the LOR issues are also reported to and discussed by the Audit Committee. The Executive Board issues its ‘In Control’ statement on the basis of this process.

Tools, procedures & control systems

    To identify events that threaten the company’s continuity or its ability to achieve its strategic goals in a full or timely fashion.
    To identify, design, set up, implement and continuously improve the business processes.
    To identify risks that may affect the process objectives. The risks identified and controls implemented are documented in the Internal Control Framework.
    Semi-annual assessment of key controls by all departments. Key risks are reported to the Executive Board in an internal Letter of Representation (LOR).
    To ensure the continuity of our services.
    To discuss progress and relevant developments regarding strategic risks, LOR issues, and actions to be taken following internal audits.
    To draw up the asset maintenance and investment programme for the company’s assets.

In addition to Enterprise Risk Management, we use internal audits and the external auditors’ reports as a safety net.

Internal auditors

Enexis Holding N.V. has an internal audit function with independent auditors. They provide management and the Executive Board with additional assurance about operational control, effectiveness, efficiency and compliance.

The internal auditors report to the chairman of the Executive Board and are subject to supervision by the Audit Committee. The Audit Committee advises the Executive Board on the role and performance of the internal auditors.

The annual audit plan, adopted by the Supervisory Board, provides a description of the internal audits to be conducted. The progress achieved and the key audit findings are discussed by the Audit Committee. The Internal Audit & Risk findings are also reported to the external auditor.

External auditor

Ernst & Young Accountants LLP is the company’s external auditor. The Supervisory Board’s Audit Committee monitors the relationship with the external auditor, who also attends the Audit Committee meetings.

Working safe and healthy

The Executive Board of Enexis Groep feels responsible at all times and in all places for the Health, Safety, Welfare and Environment (HSWE) of all employees working for or on behalf of Enexis. Our policy is aimed at realising an optimal safe and healthy working climate. In general our ambition is:

  • to avoid any accident;
  • every employee goes home healthy every day – we all make sure of that together;
  • moving towards a higher safety culture.

Code of conduct

Respect for one another, integrity, honesty, and safety and security form the basis of our operations and the way we work together. Legal compliance and corporate social responsibility are also key to our code of conduct.


We encourage our employees to report to management any – suspected – wrongdoing within the organisation that may have a wider social impact. Our whistleblowing policy describes how a wrongdoing is to be reported and handled. Our code of conduct also contains the whistle blowing policy. If you want to report a wrongdoing, you can do it here.