Cybersecurity Risk Management and Strategy Disclosure
12 Months Ended
Dec. 31, 2024
Cybersecurity Risk Management, Strategy, and Governance [Line Items]  
Cybersecurity Risk Management Processes for Assessing, Identifying, and Managing Threats [Text Block]
Cybersecurity Risk Assessment and Management
We take a multilayered approach to cybersecurity risk management and strategy. Our IT/OT Security Program integrates administrative, technical, and physical controls against evolving cybersecurity threats, and includes enterprise IT and OT security architecture, cybersecurity operations, data privacy and governance, supply chain security, and governance, risk, and compliance. Additionally, it is designed to identify, assess, and manage cybersecurity risks and protect the confidentiality, integrity, and availability of our data, IT, and OT.

Cybersecurity is a component of our IT/OT Security Program, which we periodically review and adapt to respond to new and evolving circumstances, cybersecurity threats and regulations. We evaluate security, privacy, and resiliency risks, including those related to cybersecurity, in our overall Enterprise Risk Management (ERM) program's annual risk assessment process. This annual risk assessment process takes into account broader risks based on likelihood, potential consequences, and mitigations, such as operational and economic impact; health, safety and environmental impact; and reputational and financial implications. This risk assessment is discussed with members of the ELT, Audit and Finance Committee (AFC) of the Board of Directors, and Board of Directors on at least an annual basis.

We consult recognized security frameworks, such as the National Institute of Standards and Technology Cybersecurity Framework, to organize, improve, and assess our IT/OT Security Program to manage and reduce cybersecurity risk. We deploy, configure, and maintain various technologies designed to enforce security policies, detect and protect against cybersecurity threats, and help safeguard IT and OT assets. We operate a Cybersecurity Operation Center (CSOC) to ingest threat intelligence, monitor cybersecurity threats, coordinate incident response resources, and manage response times.

Our Global Computer Security Incident Response Plan (CSIRP) establishes the framework for our response to cybersecurity incidents. Under the CSIRP, cybersecurity incidents are escalated based on a defined incident categorization to the Chief Information Security Officer (CISO) and senior leaders, including the Chief Digital & Information Officer (CD&IO), General Counsel, Chief Financial Officer, and other cybersecurity program stakeholders, such as the AFC and/or the full Board of Directors. We also conduct incident response exercises at least annually, which are facilitated by internal team members and, in some instances, with assistance from third-party experts.

Physical controls are designed to work in conjunction with digital and cybersecurity controls to help protect the company’s IT and OT assets from physical threats. Our Chief Security Officer is responsible for a physical security program including site plans, cameras, security systems monitoring, and access control and badging systems to manage physical security risks.

Our governing policies, standards and procedures create a structured approach to managing cybersecurity risk. Information security requirements for employees, contractors and partners are detailed in the ConocoPhillips Information Security & Protection Policy. Our workforce is required to complete information security training annually, and we periodically communicate ways to recognize and avoid cybersecurity threats to our workforce.
Engagement of Third Parties
We engage third-party cybersecurity consultants and experts to supplement staffing of our CSOC, as well as to help us assess, validate, and enhance our security practices, including conducting cybersecurity maturity assessments, vulnerability assessments and penetration tests.

As part of the cybersecurity incident response process described above, we engage third-party experts as needed to support incident response, such as external legal advisors, cybersecurity forensic firms and other specialists.

Third-Party Service Provider Risk Management
Our third-party risk management process is designed to identify, assess, and mitigate risks associated with third-party service providers, including cybersecurity risks. An initial assessment evaluates the cybersecurity risks associated with a third-party provider based on various criteria, such as whether the third-party provider has access to our network, data, and information systems. Third-party providers that are identified through the initial assessment as warranting further review are subject to additional risk assessment. In parallel, we have designed a contracting process to mitigate cybersecurity risks by specifying the rights and responsibilities of the parties.

Risks from Material Cybersecurity Threats
While we are subject to ongoing cybersecurity threats, we do not believe that the risks from previous threats have materially affected or are reasonably likely to materially affect the company, including our business strategy, results of operations or financial condition. Nevertheless, we recognize cybersecurity threats are ongoing and evolving, and our program is designed to identify and manage those threats. See Item 1A. Risk Factors—Our technologies, systems and networks are subject to cybersecurity threats for more information on our risks relating to our technologies, systems, and networks.
Cybersecurity Risk Management Processes Integrated [Flag] true
Cybersecurity Risk Management Third Party Engaged [Flag] true
Cybersecurity Risk Third Party Oversight and Identification Processes [Flag] true
Cybersecurity Risk Materially Affected or Reasonably Likely to Materially Affect Registrant [Flag] false
Cybersecurity Risk Board of Directors Oversight [Text Block]
Management's Role
A dedicated CISO leads the IT/OT Security Team and is responsible for our cybersecurity risk management and strategy. The CISO has over 20 years of experience in security, 15 of which are specific to cybersecurity, and has served as a CISO since 2013, having joined ConocoPhillips as CISO in 2022. The CISO holds a master’s degree and is a Certified Information Security Professional. The CISO reports to the CD&IO, who holds a master’s degree in information technology and has served as Chief Information Officer/Chief Technology Officer and in various roles in information technology for over 28 years. The CD&IO reports to the Executive Vice President and Chief Financial Officer. This management team assesses and manages risks associated with cybersecurity.

Board of Directors' Oversight
While our cybersecurity management team is responsible for the day-to-day assessment and management of material risks from cybersecurity threats, the ConocoPhillips Board of Directors has oversight responsibility for our ERM program and the individual risk management programs comprising our ERM program, including cybersecurity risk management. To help maintain effective Board of Directors' oversight across the entire enterprise, the Board of Directors delegates certain elements of its oversight function to individual committees. The AFC assists the Board of Directors in fulfilling its oversight of our ERM program and cybersecurity.

The Board of Directors receives a report on cybersecurity annually, and the AFC receives reports on cybersecurity multiple times a year. For meetings where cybersecurity is not on the formal agenda, the AFC receives a pre-read that includes cybersecurity updates or discussion topics. During these reviews, management discusses various topics, including information relating to IT/OT Security strategy, program management, and cybersecurity risks and threats, and provides briefings on notable cybersecurity attacks, including those relating to third-party service providers, if known. In addition to this regular reporting, significant cybersecurity risks or threats may also be escalated on an as-needed basis to the AFC and Board of Directors.
Cybersecurity Risk Management Positions or Committees Responsible [Flag] true
Cybersecurity Risk Management Positions or Committees Responsible Report to Board [Flag] true