Our Company

Governance and Risk Oversight

  • Home
  • Our Company
  • Governance and Risk Oversight

Most of what goes right with an enterprise — and most of what goes wrong with it — can be traced back to decisions made at the top. Good corporate governance and risk oversight ensure that Dominion Energy remains a reliable steward of the resources in our care and a trusted partner to our customers and communities.

On this page
What you should know

Ultimate responsibility for the oversight of company performance and strategic direction rests with the Board of Directors, including on sustainability and Environmental, Social, and Governance (ESG) matters.

The Board has a separate committee dedicated to sustainability and corporate responsibility.

Dominion Energy has a firm commitment to human rights that is consistent with our company’s core values and cuts across all our operations.

We expect our suppliers to meet the same standards we impose on ourselves.

Governance Structure

Good corporate governance ensures that Dominion Energy remains a proficient and trustworthy steward of the resources entrusted to our care. This accountability goes hand-in-hand with our core values of Safety, Excellence, Ethics, Embrace Change, and One Dominion Energy and is essential to preserving the long-term sustainability of Dominion Energy for our shareholders, employees, customers, the communities in which we work, and the natural environment in which we operate.

At the top of the leadership pyramid sits the Board of Directors. It has a fiduciary duty to oversee the management of the company’s business and uphold shareholder interests. Accordingly, our Board of Directors has oversight of the company’s environmental performance and sustainability initiatives, along with our long-term growth strategy — which addresses the interests of shareholders and other stakeholders, including customers, employees, suppliers, our neighbors in the communities we serve, and the environment.

We have a well-rounded and diverse board in the broadest sense — one that reflects a diversity of gender, race, age, board tenure, professional experience, community involvement, skills, geography, and other attributes. In accordance with our Corporate Governance Guidelines, the Compensation, Governance and Nominating (CGN) Committee recommends director candidates who represent a mix of backgrounds and experiences that will enhance the quality of the Board’s deliberations and decisions. For biographical information, including key experience, attributes, skills and qualifications, for each of our directors, see our proxy statement.

The Board operates through four committees: Audit, CGN, Sustainability and Corporate Responsibility (SCR), and Finance and Risk Oversight. All four committees are composed entirely of independent directors, and we have an independent lead director who chairs the executive session of our independent, non-management directors at each regularly scheduled Board meeting.

The Board’s structure and responsibilities are outlined in its Corporate Governance Guidelines, which also include the duties and responsibilities of our lead director and our director independence standards. The SCR Committee had its first full year in 2019, with each meeting agenda devoted to ESG matters. The meetings covered the company’s charitable-contribution and community-service program, environmental justice, ESG risk assessment, updates on carbon and methane emission targets, and other ESG-related matters. The SCR Committee also reviewed the SCR Report and received updates on the company’s performance against its commitments.

During 2019, the full Board received reports on innovation, technology, and sustainability initiatives across the company, including offshore wind generation, renewable natural gas (RNG) projects, an electric school bus pilot project, and a company-wide workplace sustainability program, among other items. The chief environmental officer and chief innovation officer also provided reports to the full Board in 2019. The full Board will continue to discuss ESG matters at each regularly scheduled meeting.

We review our governance documents and policies regularly and propose changes whenever new rules or regulations are introduced; or whenever changes are consistent with good governance practice and in the best interests of our company and our shareholders.

The Corporate Governance Guidelines, each committee’s charter, and other governance policies can be found on our Governance webpage.

Stakeholders may contact our non-management directors by clicking here for more information.

OR at

Board of Directors
c/o Corporate Secretary
Dominion Energy, Inc.
P.O. Box 26532
Richmond, VA 23261



Sustainability and Corporate Responsibility Committee

In 2018, the Board formed the Sustainability and Corporate Responsibility Committee, which assists the Board by:

  • Overseeing strategies, activities, and policies regarding environmental sustainability, human talent management, corporate social responsibility, and public issues of significance and related innovation matters that may affect the company’s stakeholders;
  • Reviewing sustainability and corporate responsibility reports and similar communications and reporting to stakeholders on environmental and social responsibility initiatives and activities;
  • Reviewing sustainability targets and receiving progress reports on achieving those commitments; and
  • Overseeing the company’s initiatives to support innovation, technology, and sustainability.



Human Rights

Dominion Energy believes every person has a right to be treated with dignity and respect; to exercise autonomy and self-determination; to receive fair and equal treatment; and to work in a safe and supportive workplace regardless of individual attributes or membership in a demographic class. This commitment to human rights is consistent with our company’s core values and cuts across all of our operations. It has earned Dominion Energy a perfect score on the Human Rights Campaign’s Corporate Equality Index, as well as recognition as a top employer for diversity and for women.

Workplace Expectations

Dominion Energy demands a humane workplace free from discrimination, harassment, physical coercion, hazing, and any form of violence. Our values of Ethics and One Dominion Energy motivate us to promote an inclusive, productive, and welcoming work environment. We expect our employees — especially our leaders — to act in a professional manner and treat one another with respect, honesty, and decency. Respect in the workplace includes fostering a culture of diversity and inclusion. An inclusive environment encourages the acceptance and appreciation of all talents, thoughts, and energies.

Under no circumstance should any employee, contractor or other agent, or job applicant be treated less favorably because of race, color, ancestry, sex, gender, religion (including religious dress and grooming practices), national origin, age, actual or perceived physical or mental disability, medical condition, genetic information, sexual orientation, gender identity or expression, military or veteran status, marital status, status as a victim of domestic violence, or any other classification protected by state, federal, or local law.

As part of our commitment to safety, we will not tolerate any form of workplace violence. Violence includes any verbal or physical conduct that causes someone to fear for his or her personal safety, the safety of coworkers, or the safety of company property.

Supervisors have an additional responsibility to set an example through their own conduct. Leaders are expected to keep lines of communication open so that employees feel comfortable asking questions and reporting concerns. Leaders must ensure that employees are fully trained about the company’s policies regarding individual rights, non-discrimination, diversity, and inclusion.

Employees who have concerns can contact the Dominion Energy Compliance Line (1-800-628-1798) 24 hours a day, seven days a week or go online to visit our Dominion Energy Compliance Line Online. Employees who know of workplace violence or suspect it might be imminent are directed to contact corporate security.

Dominion Energy values openness and respects the contributions of employees who help enforce its code of business conduct. The company does not tolerate retaliation against any employee who in good faith reports suspected unethical conduct or violation of laws, rules, regulations, or company policies, or anyone who cooperates with the investigation of a concern.

Supplier Expectations

Dominion Energy contracts with thousands of vendors including diverse suppliers. For more details, see the Supplier Diversity section of our chapter on “Community Development.”

We hold all our suppliers to the same expectations, beginning with full adherence to all applicable legal and regulatory obligations, including those governing consumer and environmental protection, labor relations, and employee welfare. In addition, we have our own Supplier Code of Ethics and Business Conduct. It outlines our standards and expectations with regard to safety, workplace conduct, supplier diversity, conflicts of interest, environmental stewardship, human rights, antitrust, and privacy.

Suppliers must comply with Dominion Energy’s commitment to a humane workplace free from discrimination, harassment, physical coercion, and any form of workplace violence. Suppliers have a responsibility to uphold Dominion Energy’s commitment and report any acts of harassment, intimidation, or coercion related to race, color, ancestry, sex, gender, religion (including religious dress and grooming practices), national origin, age, actual or perceived physical or mental disability, medical condition, genetic information, sexual orientation, gender identity or expression, military or veteran status, marital status, status as a victim of domestic violence, or any other classification protected by law.

Dominion Energy’s Supplier Code of Ethics and Business Conduct stipulates that suppliers must support and respect internationally recognized human rights. Suppliers may not use, or participate in, the exploitation of workers, or forced or involuntary labor, including the use of child labor. Suppliers cannot employ any person under the minimum legal age for employment as prescribed by local authority, and no workforce members under age 18 can perform work that may expose them to inappropriate hazards. Suppliers are expected to ensure that wages, benefits, and hours of work comply with all applicable laws and regulations.

Dominion Energy has a responsibility to safeguard the personal information of its stakeholders, and it expects its suppliers to do the same. Suppliers who are provided with confidential information regarding Dominion Energy’s customers, shareholders, or employees have an ethical and legal responsibility to preserve the privacy, confidentiality, and security of this information, and use it only for appropriate business reasons and in compliance with applicable privacy laws and contractual requirements. At Dominion Energy, privacy is an important part of how we do business, and we expect our suppliers with access to personal information to protect it and collect, maintain, and transmit such information securely.

If a supplier becomes aware of any violation of legal requirements, Dominion Energy policies, or the Supplier Code of Ethics and Business Conduct, the supplier should notify Dominion Energy’s Supply Chain Management by calling the Dominion Energy Compliance Line at 1-800-628-1798 or by using the Dominion Energy Compliance Line Online.

Privacy

At Dominion Energy, we value the trust customers place in us when they provide us with their personal information. We take customers’ privacy seriously and are committed to protecting it.  In 2020, we adopted a comprehensive new Privacy Notice which describes the privacy practices of Dominion Energy, Inc., and its subsidiaries, divisions, and affiliates.



Just Transition

“Sustainability, but only for some” is an oxymoron. The transition to a clean-energy economy will impose costs, and those costs should not be borne disproportionately by any one group, least of all the most vulnerable. Dominion Energy’s core value of ethics impels us to consider questions of equity, and a low-carbon development strategy must take into consideration the needs of those who traditionally have worked in carbon-focused occupations. It is important that they have the opportunity, means, and training to obtain decent work when, for example, a coal-fired power plant is closed down.

For these reasons, our company is committed to ensuring a just transition of its energy business. As we shift to net zero and beyond, we will be intentional about listening to all perspectives and considering the interests of all our stakeholders. Taking actions to protect the environment and advance equitable solutions are not mutually exclusive; to the contrary, they work in tandem: The common aim is to ensure that all people and communities can continue to flourish. Dominion Energy’s robust system of community engagement, its above-and-beyond approach to tribal engagement, and its formal policy on environmental justice can help ensure that nobody is left behind as we advance our shared vision of a clean and sustainable energy future.



Risk Oversight

Dominion Energy’s Board of Directors oversees our long-term strategy and the various risks the company faces, including climate-related risk. The Board believes that the company’s interests are advanced by responsibly addressing these risks, whether they are operational, financial, regulatory, or strategic in nature.

While the Board and its committees oversee risk policies, company management carries them out. The company has robust enterprise risk management (ERM) processes embedded throughout the organization that help identify and manage risk. The Board and its committees regularly receive and discuss reports from members of management, including the chief risk officer and other members of management who are involved on a daily basis in risk assessment and risk management. These reports cover a wide range of topics including safety; environmental, employee, and customer concerns; social responsibility; and financial performance, economic issues, and long-term strategy.

We identify and assess, at least annually, major risks associated with each of our key business units. Risk assessments also are conducted at a corporate level for Dominion Energy, Inc. These assessments include a wide range of educated assumptions about what the future will look like, especially in regard to external factors outside the company’s control. The company’s approach has always been to employ the Precautionary Principle — which is to minimize known risks and mitigate risks that are not yet fully understood, but for which there are indications of possible future events or outcomes.

We are committed to discussing our approach to risk management in our external reporting, including in our regular Securities and Exchange Commission (SEC) filings. We detail our approach to climate-related risks specifically in our Climate Report published in late 2018. Here are links to those reports. We expect to publish an updated Climate Report in 2021.

SEC Filings 2018 Climate Report

Opportunities

Our analysis of risk is closely linked to opportunities — especially those related to the ongoing clean-energy transition.

Our focus on these opportunities starts at the top. Our Innovation, Technology, and Sustainability (ITS) Council — chaired by our chief executive officer — drives the execution of strategic programs across the company. The ITS Council seeks input from a variety of sources, including our internal Innovation team and third-party technical advisors. It then ensures that teams throughout the company are deployed to carry out development and execution of the initiatives.


Many of our programs focus on the electrification of different sectors of the economy, where we see considerable opportunity both to reduce emissions and to advance the use of energy storage. Read more about energy advancements at Beyond Net Zero in this report.



Cybersecurity

Protecting Critical Infrastructure

Generating and transferring energy is necessary for health and safety, national security, maintaining the economy, and sustaining Americans’ way of life. If the energy grid is disrupted, people can lose their livelihoods, security, comfort, and way of life. That’s why we employ an extensive system of rigorous security protocols, overseen by experts responsible for protecting against cyberattacks. We continuously improve our security controls, going beyond compliance with regulations and identifying opportunities to improve our security posture.

Our Strategy

We deploy cybersecurity systems using a defense-in-depth approach, strengthening our posture to identify and prevent external attacks as well as insider threats. We revise the cybersecurity strategic plan at least annually, and provide status updates and performance metrics to the Board of Directors and senior leadership. We educate employees about cybersecurity threats through security-awareness training and test them regularly. We conduct vulnerability scans and penetration tests to find weak points in our defenses. We take part in cybersecurity drills and simulations to make us better at responding to cybersecurity threats and events. We validate recovery procedures and system resiliency to ensure we can return critical systems to normal operating levels in a timely manner.

Combating Threats

We prioritize cybersecurity investments and activities based on three primary components:

  • Situational Awareness: We cooperate with information-sharing organizations in the energy sector — as well as local, state, and federal agencies — to gain insight into, and actionable intelligence about, cyber threats.
  • Security Controls: Our controls include both digital defenses such as malware detection and human ones such as phishing simulations that teach employees how to be on guard against malicious emails.
  • Assessments: We use internal and external vulnerability assessments, penetration tests, drills, and simulations to search for security gaps and improvement opportunities. We rely on both internal resources and third parties that specialize in security services to perform the assessments. We conduct drills with other utilities, regulatory agencies, and law enforcement.

In 2019 we continued to educate employees on major cybersecurity topics, including phishing and information protection. To improve cybersecurity proficiency even further, we frequently published security-awareness articles on the company intranet.

We conducted drills to sharpen the communication between internal cybersecurity operations, physical security, and incident command to improve our response to a simultaneous attack on company assets across many areas of the company, and to advance communication response with industry groups. After each drill we identified the lessons learned and made appropriate changes to our response plan.

Vulnerability scans were performed on schedule, followed by the remediation of critical findings to protect our infrastructure. We executed penetration tests of a wide range of company assets, from industrial control systems to enterprise applications, allowing us to identify and address issues to protect critical systems. Cyber-vulnerability assessments conducted in accordance with the North American Electric Reliability Corporation (NERC) were completed according to schedule. 

Safeguarding Sensitive Information

Our customers, shareholders, and employees trust us to keep their information secure, and doing so forms an essential component of our cybersecurity strategy. Because our people provide the first and last line of defense, employees receive annual training on how to protect information. The more sensitive the data, the higher the level of security controls we apply. We have beefed up both the monitoring of threats and protections against them to help make sure that sensitive data, such as customer personal information, remain secure.

Managing Change

The threat landscape is constantly changing. As we deploy more intelligent devices to modernize the grid and improve reliability and efficiency, our risk profile changes. Because of that, we continuously seek to strengthen cyber defenses, secure critical system-to-system communications against unauthorized access, and increase the resiliency of business operations. We continue to improve awareness training to help workers better identify malicious communications and report suspicious activities. And we routinely use information gathered during drills and penetration tests to shore up any weaknesses we find and improve those defenses that are already robust.

Facebook Instagram LinkedIn Twitter Youtube