Our unified enterprise risk management (ERM) framework and standard bring together issues related to health, safety, environment, climate, financial and operational risks, within one management system, driving consistency in our risk management practices across the group. This includes an updated risk breakdown structure which defines the risk categories applicable across our entire business operations. Our ERM framework defines a systematic approach to identifying, analyzing, evaluating, prioritizing, monitoring and responding to risks, supported through bespoke processes and enabled by a digital risk management platform serving as a single source of truth for managing risks. Risk management tools, such as and not limited to a unified corporate risk matrix, defined risk attitude statements and established interface across all risk assurance functions. Our risk assurance functions include: Health, Safety and Environment (HSE), Sustainability Executive Function, Information Security, Corporate Business Continuity, Emergency Response & Crisis Management, Corporate Compliance, Legal, Governance & Compliance, Financial Risk Management, Project Risk Management, Fraud Risk Management, and Asset Integrity & Profess Safety. Risk governance Our Board of Directors provides ultimate risk oversight. The Audit Committee assists the ADNOC Board in overseeing the Company’s governance, financial reporting, risk management and internal control activities. It reviews the company’s strategies and policies with respect to risk assessment and risk management systems and the effectiveness of controls in place to mitigate material business risks. The ELT requires risk assessments and mitigation plans to be completed for each matter it reviews, endorses and approves, which includes HSE matters such as ADNOC’s business continuity plans, HSE policies, strategic objectives, strategies and the disclosure of company information relating to production and emissions. The Investment Committee (IC) reviews and endorses the ERM framework and oversees risk data documentation and maintenance, that Risk Action Plans are implemented where appropriate, according to the processes and workflows defined in the ERM standard, and where appropriate, that risk data is communicated effectively to the ADNOC Board of Directors. Risk assessments are performed for matters presented to each Business Leadership Committee, including in respect of organizational matters, non-procurement commercial matters and significant investments matters, and material risks are identified, documented and communicated, along with risk mitigation plans. The Group Chief Financial Officer, in collaboration with each Group company CEO, is responsible for ensuring adequate support for the implementation of ERM activities and providing periodic updates to the ADNOC IC regarding the most significant risks. The CSO is responsible for ensuring that sustainability-related risks are governed through established processes, controls and procedures. The responsibilities related to sustainability oversight are often delegated to specific management- level positions or committees. The Group ERM function is responsible for the effective implementation of the ERM framework across the group. This involves providing guidance and support to Group company ERM departments, facilitating integrated risk and performance reviews and monitoring top risks on a ongoing basis. Group companies have risk management committees and ERM departments in place and continuously maintain and update their respective risk registers and monitor risks to identify Group company risks and their impact on objectives. Risk champions and risk owners are responsible for risk management of specified business functions and for managing action plans respectively. Risk management Risk identification exercises are conducted at least annually. The corporate risk matrix is utilized to consistently assess and prioritize risk based on their potential impact and likelihood against five impact types: HSE, society and reputation, financial, investment value and objectives. For certain risk assurance functions, such as Sustainability Executive Function, bespoke assessment scales are used and calibrated to ERM reporting. We maintain continuous visibility of the top risks across the Group through quarterly reporting from Group companies to their respective business directorates, providing updates on the effective management of risks and their impact on the organization's strategic objectives and business plans. A dedicated in-house ERM training program has been established to promote consistent implementation of ERM activities across the organization and improve the overall risk culture. 131 ADNOC Sustainability Report 2024 HOW WE OPERATE KEEPING OUR PEOPLE SAFE ADVANCING NET ZERO EMPOWERING LIVES SUSTAINABILITY AT ADNOC ABOUT ADNOC PROTECTING NATURE AND BIODIVERSITY