8 THE STANDARD | June 2019, Revision 5 ELEMENT 3 EXPECTATIONS PERFORMANCE MEASURES 3.1 HSES risks are identified, assessed, prioritized and managed to As Low As Reasonably Practicable (ALARP), with controls in place based on potential consequences prior to commencing operations. The appropriate level of risk assessment is conducted in accordance with the Kosmos Global Standard for HSES Risk Management Operations and Project HSES Risk Registers are developed and form the basis for controls that will be maintained HSES risks are incorporated into the Kosmos Corporate Enterprise Risk Management process for corporate goals planning and performance scorecards Actions required to implement controls identified during risk assessments are verified and tracked through to closure prior to commencement of associated operations 3.2 The design of new facilities and wells are reviewed to verify the appropriate HSES protection measures are incorporated. Risks associated with the design of wells and production systems are identified and controlled in accordance with the Kosmos Global Standard for HSES Risk Management Well planning and design reviews are conducted in accordance with the Well Integrity Management Standard (WIMS) 3.3 HSES implications of temporary or permanent changes in personnel, operation, and/or facilities are properly managed. Relevant changes are managed in accordance with the Kosmos Global Standard for Management of Change 3.4 Risks associated with the acquisition, closure, and divestment of assets and operations are assessed and managed. Prospective new venture acquisitions are assessed for potential HSE and social, political, and reputation risks and liabilities Risk assessments are performed as part of asset divestment and site closure planning to ensure current and future operational liabilities are managed RISK AND CHANGE MANAGEMENT INTENT: Risk identification, assessment, and prioritization can reduce risk and mitigate hazards to employees, contractors, vendors, the community, and the environment. Management of risk is a continuous process which includes evaluation and proper management of changes to avoid unintended consequences.