The Institute of Chartered Accountants of India Conference on Hotel & Tourism Industry. Risk Management and Audit. Hotel and Tourism Industry
|
|
- Sheryl Wilkins
- 5 years ago
- Views:
Transcription
1 The Institute of Chartered Accountants of India Conference on Hotel & Tourism Industry Risk Management and Audit in Hotel and Tourism Industry CA Dipak Ghose 10 th December, 2011
2 Agenda Module 1 : Risk Management an important element of Corporate Governance Module 2 : Risk Definition, Categories, Examples of Risks Module 3 : Enterprise Risk Management (ERM) Concept & Process Module 4 : Value Creation through ERM Module 5 : Risk Examples in Hotel & Tourism Industry Module 6 : Audit Objectives and Roles (a) Statutory Audit (b) Internal Audit 2
3 Risk Management An important concept in Corporate Governance 3
4 Risk Management An Element of Corporate Governance Corporate Governance..enhancement of shareholder value keeping in view the interests of all other stakeholders An important element of Corporate Governance includes that.. The Risk Management process enables continual improvements in decision making It is a well defined program that encompasses the culture, processes and structures dealing with effective management of both potential opportunities, as well as, adverse effects 4
5 Risk 5
6 What is Risk? What is risk? any threat or opportunity that can potentially prevent a corporate from meeting its objectives. In short, it is anything that prevents a company from protecting existing assets or increasing shareholder value. organisations should maintain a systematic methodology to identify risks and opportunities, and decide what (if anything) needs to be done. It is measured in terms of likelihood and consequences 6
7 Examples of Risks Environmental e.g. Noise, contamination, pollution. Financial e.g. Contractual risks, misappropriation of funds, fraud, fine. Economic e.g. Currency fluctuations, interest rates, share market. Human e.g. Riots, strikes, sabotage, error. Natural Hazards e.g. Climatic conditions, earthquakes, bushfires, vermin, volcanic activity. Professional Liability e.g. Wrong advice, negligence, design error Regulatory e.g. Statutory and legal compliance, code of conduct, intellectual property/ trademarks. Technological e.g. Innovation, obsolescence, dependability. Security e.g. Cash arrangements, vandalism, theft, misappropriation of information, illegal entry. 7
8 Risk Formula Risk(Objectives) - Control = Exposure Objectives are what your organization aims to accomplish. Risks are everything that get in the way of sustainable achievement of your objectives. Controls are any action or activity that increases the likelihood of achieving your business objectives. 8
9 Risk Management Objective Objective of risk management process is to bring the inherent level of risks to a desired level of acceptable risks Inherent risk Controls Controls Effective controls Residual Risk Treatment Plan(s) ACCEPTABLE Residual Risk Desired level of residual risk 9
10 Enterprise Risk Management (ERM) 10
11 What is Enterprise Risk Management? Enterprise Risk Management (ERM) is a process effected by an entity s board of directors, management and other personnel applied in strategy setting and across the enterprise designed to identify potential events that may affect the entity manage risk to be within its risk appetite, to provide reasonable assurance regarding the achievement of entity objectives 11
12 - Strategic Alignment Mission/ Vision Approved Strategy Business Objectives Business Objectives Business Objectives Risks Risks Risks Risks Risks Risks Controls Controls Controls Controls Controls Controls Established by Management and refined by Company Board Considered as part of Risk Management process Identified, discussed and enhanced through the risk management process 12
13 Why is Enterprise Risk Management important Identify obstacles to achieving business objectives Allow management to make/evaluate decisions on a well informed, risk adjusted basis Determine accountability/ownership of all key risks Enable definition of realistic tolerances and measures of risk to support reasonable budgeting for risk (expected loss) and allocation of capital ( unexpected loss) Increase risk and control awareness of all employees, at all levels Proactively identify potential difficulties 13
14 Potential Benefits of Effective Enterprise Risk Management Early mover into new business areas Greater likelihood of achieving business objectives Higher share prices over the longer term Reduction in management time spent in fire fighting Fewer sudden shocks and unwelcome surprises POTENTIAL BENEFITS Increased likelihood of change initiatives being achieved Achievement of competitive advantage Better basis for strategy setting and decisions Lower cost of capital More focus internally on doing the right things properly Source: Implementing Turnbull a Boardroom Briefing 14
15 Risk Management Process 15
16 Global ERM standard Risk Management Process Overview Establish the context Identify risks Analyse risks Evaluate risks Communicate and consult Monitor and review Assess risks Treat risks Risk management overview (AS/NZS 4360:1999) 16
17 Risk Identification Comprehensive risk identification using a well-structured systematic process is critical. Risks can be identified in a number of ways, like: Workshop Brainstorming Interviews Press and media searches Discussion with peers Seminars 17
18 Risk Assessment 3 Key Risk Assessment Components EVENT IMPACT PROBABILIT Y 18 Before any risk analysis can begin, these three risk components must be defined in some systematic and meaningful way - Event: An incident / activity which may happen leading to some loss Probability: A qualitative description of probability or frequency Impact: The outcome of an event expressed qualitatively or quantitatively, being a loss, injury, disadvantage or gain. There may be a range of possible outcomes associated with an event.
19 Example Driving to Work What are the risks in driving to work? 19
20 Example OBJECTIVE Driving to workplace RISK Not reaching the workplace on time CONSEQUENCE Work not accomplished / Boss is upset at you / You get fired / Lose face with clients or peers THREAT LIKELIHOOD IMPACT CONTROL Run out of petrol Low Low Always fill at ½ Mark Traffic Jam High High Leave Early/Alt Route Accident Low High Defensive driving Blown Tire Low Low Rotate tires / Spare Overheating Low High Maintenance Groupings: Internal and External Within my Control (Petrol), outside my Control (Others) 20
21 Risks Statement, Contributing Factors & Impact Risk Statement: The Risk Statement gives a brief description of the risk issue that the company is faced with Contributing Factors: The Contributing Factors are the factors that contribute to the risks mentioned in the Risk Statements Impact: The Impact indicates the outcome that the company might face if a particular risk event mentioned in the Risk Statement materializes 21
22 Relationship between Risks, Potential Impacts and Contributory Factors An issue can be either a risk, a contributory factor or a potential impact, depending on the level used. Eg. A house keeping department of a Hotel is worried about inadequate safety measures being adopted in the premises. They raise the following points: Electrical Shock Electrical Equipment Malfunctioning Lack of regular inspection of electrical safety features Possible liability issues Reputational Damage How risks are identified alongwith impact and Contributing factor 22
23 Some Possibilities Risk Impact Contributing Factor Electrical Shock Injury & Liability Electrical Equipment Malfunctioning Electrical Equipment Malfunctioning Electrical Shock Lack of regular inspection of electrical safety features Lack of regular inspection of electrical safety features Possible liability issues & Reputational Damage Electrical Equipment Malfunctioning 23
24 Risk Assessment - Methodologies A combination of two risk assessment methodologies is used across an enterprise: Quantitative assessment is possible when sufficient data are available. Quantitative- Qualitative- Used where potential likelihood and impact are low or where numerical data and expertise for quantitative assessments are not available. Also be used for high-impact events that require substantive expertise for assessment. 24
25 Risk Assessment In determining what constitutes a given level of risk the following scale may be used for likelihood and Impact assessment: Levels / Ratings Descriptors (Likelihood) 1 Very low likelihood 2 Low likelihood 3 Moderate likelihood 4 High likelihood 5 Very high likelihood Levels / Ratings Descriptors (Impact) 1 Very low impact 2 Low impact 3 Moderate impact 4 High impact 5 Very high impact 25
26 Risk Assessment Example for Calculation of Group Score: Rating of Risk X : Likelihood (A) Impact (B) Participant Participant Participant Total 9 15 Group Score for risk X i.e. Simple Average ( Total / No. of Participants) Combined Score for risk X (Group Score A*Group Score B)
27 Risk Evaluation Process Likelihood probability or frequency of an event occurring Consequences/ Impact the outcome of an event expressed qualitatively or quantitatively, being a loss, injury, disadvantage, or gain. Risk Evaluation the process to determine Risk Management priorities by comparing the level of risk, as assessed using the above two scales, against predetermined standards, benchmarks, target risk levels Overall Risk Rating Overall Risk Rating is defined as Likelihood Rating*Impact Rating 27
28 Risk Prioritization The output of risk evaluation leads to generation of a prioritized list of risks for further action The Risk Statement alongwith Contributing Factors and Overall Risk Rating are captured in the form of a Risk Register and are prioritized in three categories: High (Red zone or unacceptable Average score more than 11) Medium (Yellow zone or cautionary Average score between 6 to 11) Low (Green zone or acceptable Average score upto 6) The Risk Register is prepared in a specific format to document the results of risk identification and risk assessment exercise using the two parameters viz. Likelihood and Impact Rating 28
29 Risk Prioritization LIKELIHOOD IMPACT 29 Most Critical Need active monitoring High Impact/ Likelihood Need periodic monitoring Low likelihood & Impact Need Annual Review
30 Risk Treatment, Communication and Monitor & Review Treat Risks Select and implement appropriate options for dealing with risk i.e. Avoid exit that activity that entails the particular risk Accept choose to accept the risk as in the case of changing policies Share form a joint venture for a new business Transfer insure and transfer the risk to the insurance company Reduce hedging in case of foreign currency exposure Control install safety equipment for safety related risks Diversify spread to new markets or move into new businesses Implement action plans and validate mitigation of risks Communicate & Consult Communicate and consult with internal and external stakeholders as appropriate at each stage of the risk management process concerning the process as a whole Review & Monitor Review and monitor the action plans 30
31 Risk Flow Diagram Board Risk Diagnostic Steering Committee Board BU risk diagnostic to determine focus BU BU BU BU BU BU BU BU Department Department Department Department Department Group Group Group Group Group BU Risk Framework 31
32 Risk Management Organization Risk Management Organisation Audit Committee Board of Directors Risk Management Steering Committee Chief Risk Officer (CRO) Risk Owner Risk Owner Risk Owner Risk Owner Risk Champion Risk Champion Risk Champion Risk Champion 32
33 Value Creation through ERM 33
34 ERM - Value Creation Activities ERM Areas Expected Risk Management Practices Risk Management Culture and Governance Management understands and intends to manage all of their risks Stakeholders have trust in the risk management program Decision making reflects the impact of risk on the particular decision Managers understand risk tolerance The Board is involved in discussions on risk and risk management Long term planning and resource allocation incorporates risk/ reward and cost/ benefit trade-offs; and Management has allocated sufficient (in amount and quantity) resources to ensure risk management meets its objectives 34
35 ERM - Value Creation Activities ERM Areas Expected Risk Management Practices Strategic Risk Management Integration of risk management and return into strategic decision-making Understanding and addressing changes in risk profile Integration of risk management capability into budgeting, asset allocation, product and new venture decisions, M&As and divestitures, and incentive compensation 35
36 Risk : Examples in Hotel & Tourism Industry 36
37 Risks in Hotel Industry Hotel industry, which entirely depends on the services it offers, should be able to identify and manage its risks effectively It should be noted that, while control of physical risks is important, liability with respect to services provided should not be overlooked Recently evolved risk assessment techniques have been recognized as meaningful and important tools for integrating and internalizing the Safety, Health and Environment aspects in business operations 37
38 Specific Objectives of Risk Management Study in Hotel Industry Identify hazards in various operations and tasks performed at the facility Establish underlying causes for hazard initiations Assess the strengths and weaknesses in the existing SHE systems Estimate risk levels after analyzing the effects and consequences of hazard events and likelihood of its occurrence Evaluate risk levels and initiate risk control measures, if required 38
39 Examples of Risks Associated with Hotel Industry During the last several years, hospitality companies -- like many other industries -- have increased the utilization of outsourcing arrangements for items such as procurement services, network and other data host sites, and food and beverage. Hotel owners and managers need to measure and monitor the risk to their organizations should these business partners not be in a position to honor their contractual obligations It should be realized that there are many operations in hotels, which involve use of chemicals and hazardous material (Dry-cleaning, LPG and HSD storage, plating and polishing etc.,) and other related operations like in any other industry Food contamination and environmental releases are some of the other major hazards associated with hotel operations 39
40 Examples of Risks Faced by the Hotel Industry Property & Environment: Fire and Explosion Natural disaster like Hurricanes or rise in sea level and third party Security Environment Threats from terrorism People: Key personnel Health and Safety Reputation: Erosion of Brand Value Commercial: Corporate reputation Food Poisoning Services liability Air conditioning Kitchen Safety Microbiological risks Political risk Financial: Exchange rate risk Financial risk Operational: Business interruption Project risk IT and communications Product liability Catastrophe recovery Industry risks Legal: Regulatory compliance Tenant s legal liability Contractual Liability 40
41 Relevance of Risk Management in Tourism Industry Although adequate insurance coverage is a necessary response to many related risks, yet Relying exclusively on insurance to cover the risks associated with this industry is no longer viable. Business organizations worldwide have adopted "risk management" principles to address the increasing legal, ethical and financial obligations to manage the principal risks of the tourism industry Risk management is required in order to make optimum insurance purchasing decisions. Even insurers will offer their best terms and conditions to those businesses that are well managed and considered to be a good risk 41
42 Risks Pertaining to Tourists. With millions of people travelling daily, diseases, crime, acts of terrorism, questions of violence or natural disasters directly impact these industries ability to promote a safe and worry free experience Travellers should be encouraged to take adequate travel insurance some of which includes: Adequate medical insurance required to meet expenses incase of emergency hospitalization and/or medical expenses Accident benefits to be covered through adequate insurance policy coverage Adequate coverage incase of loss of personal belongings due to theft or burglary 42
43 Risks Associated with the Tourism Industry The specific risks associated with the Tourism Industry can originate broadly from four source areas viz : The human and institutional environment outside the tourism sector; Which includes common delinquency (theft, burglary, fraud, deception), terrorism, hijacking, wars, social conflicts and political and religious unrest The tourism sector and related commercial sectors; Through defective operation, tourism and sectors related to tourism such as transport, sports and retail trade, can endanger visitors' personal security, physical integrity and economic interests through poor safety standards in tourism establishments (fire, construction errors, lack of anti-seismic protection), poor waste management systems and disrespect for the environment s sustainability, non-compliance with contracts and strikes by staff. The individual traveller (personal risks) Travellers or visitors can endanger their own safety and security by practicing dangerous or risky sports and leisure activities, consuming unsafe food and drink, sudden illness or injuries Physical or environmental risks (natural, climatic, epidemic) 43
44 Examples of Risks Faced by the Tourism Industry Safety & Environment : Fire and Explosion Natural disaster and third party Security Financial : Exchange rate risk Financial risk Foreign exchange risk People : Key personnel Sudden illness/injury Health and Safety Political & Geographical : Riots Strikes Wars 44
45 Audit 45
46 Statutory Audit 46
47 Objectives of Statutory Audit Major objectives of statutory audits are: To convey professional opinion on the financial statements of the companies For comprehensive review of the accounting and internal control system of the client For continuous dialogue with the management, concerning any material weakness in the internal control system 47
48 Role of Statutory Auditor The primary role of external auditors is to : express an opinion on whether an entity's financial statements are free of material misstatements and issue a certificate of compliance under Clause 49 of Corporate Governance Normally, external auditors review the entity's information technology control procedures when assessing its overall internal controls They must also investigate any material issues raised by inquiries from professional or regulatory authorities, such as the local taxing authority 48
49 Compliance Requirements Under Clause 49 Basis of Related Party Transactions Related party transactions to be disclosed as transactions in ordinary course & others that are not in normal course Additionally transactions not at arms length to be disclosed separately & placed before Audit Committee with Management Justification Disclosure of Accounting Treatment Disclosure of differential treatment of financial statements from that prescribed in an Accounting Standard, together with the management s explanation for such alternative treatment All listed companies are required to prepare consolidated financial statements as per Accounting Standards, namely, AS21, AS23 and AS27 issued by the ICAI in relation to the Consolidation of Financial Statements In addition, all listed companies are required to publish segment wise profit and loss as per Accounting Standard 17 Segment Reporting issued by ICAI. 49
50 Migration to International Financial Reporting Standards International Financial Reporting Standards (IFRS) are Standards, Interpretations and the Framework adopted by the International Accounting Standards Board (IASB). The IFRS is an international effort to harmonize financial reporting globally. In India, the Institute of Chartered Accountants of India (ICAI) has said that all companies and banks should draw up their accounts in conformity with IFRS from
51 Internal Audit 51
52 Objectives of Internal Audit Aim of internal auditing is to assist the organization to achieve its objectives Evaluating emerging technologies Assessing risks, controls, ethics, quality, economy, and efficiency Assuring that controls in place are adequate to mitigate the risks Communicating information and opinions with clarity and accuracy 52
53 Role of Internal Auditor The primary role internal auditors is : To provide independent, objective assurance and consulting activity designed to add value and improve an organization's operations To help an organization accomplish its objectives by bringing a systematic, disciplined approach to evaluate and improve the effectiveness of : risk management, control, and governance processes. 53
54 Changing Paradigm of Internal Audit-Evolution Traditional Internal Auditing Find & Fix: Reactive Reengineering of Internal Auditors Integrated Internal Auditing Anticipate & Prevent: Proactive Risk Assessment: An Ad-hoc Activity Risk Assessment : Continuous Activity Focus only on Financial and Accounting Controls Minimum use of technology Multifunctional Knowledge Techno Savvy New Tools Benchmarking Use Industry/External data Focus on Risk Management Have Persuasive Skills Audit Business Processes; not just Controls Tech./Knowledge Leveraged Perceived as Policing Perceived as Partner in Business Compliance Focus Profit Optimization 54
55 Internal Auditor s Role in ERM Core Internal Audit Roles in ERM Giving assurance on the risk management process Giving assurance that risks are correctly evaluated Evaluating risk management processes Evaluating the reporting of key risks Reviewing the management of key risks 55
56 Internal Auditor s Role in ERM Roles Internal Audit should Not Undertake Setting the risk appetite Imposing risk management process Management assurance on risks Taking decisions on risk responses Implementing risk responses on management s behalf Accountability for risk management 56
57 Internal Auditor s Role in ERM Play an important role in monitoring ERM, but do NOT have primary responsibility for its implementation or maintenance. Assist management and the board or audit committee in the process by : Monitoring - Evaluating Examining - Reporting Recommending improvements 57
58 Role : Internal Audit vis-à-vis Risk Management Role Enterprise Risk Management Group Internal Audit Purpose Coordinate an integrated enterprise wide view of significant risks and responses Support risk assessment planning and monitoring, as applicable Activities Provide support and facilitate overall risk management process Provide assurance on risk assessment process, mitigation activities, test results, monitor action plans Deliverables Escalate key risk exposures, risk policies and metrics Independent testing of risk assessment results & action plan; reports to management and audit committee 58
59 Internal Auditor s Responsibility Risk Based Audit Plan Identify the risks Prioritize the risk Identify the controls Evaluate the effectiveness of the Control This risk assessment is to serve as the basis from which audit plans are devised and against which internal controls are tested. 59
60 Risk Based Internal Audit (RBIA) 60
61 Definition of Risk Based Internal Audit (RBIA) RBIA provides an independent and objective opinion to an organisation s management as to whether its risks are being managed to acceptable levels 61
62 Risk Based Internal Audit Methodology An Overview 62
63 ERM and Risk Based Internal Audit Methodology An Overview ERM process supports Risk Identification, Assessment and Prioritization The Prioritized list of risks is the input for development of risk based internal audit strategy / plan 63
64 Risk Related Controls Risk assessment Exercising controls based on risk evaluation Appropriate and effective Internal control system - COSO framework 64
65 COSO Framework of Internal Control Control Environment It deals with soft issues of control Management Philosophy Commitment to Competence Risk Assessment Identify and analyze risk Prioritize the risk according to impact and probability Control Activities Ensure controls are exercised to address risk to achieve entities objective Information & Communication Relevant information should be identified and communicated - enabling informed decision making Monitoring Measuring the control effectiveness. Assess the quality of the system s performance Prepare report identifying deficiency 65
66 Questions? 66
67 Thank You 67
Risk Management: Principles, Methodologies and Techniques. Peter Getugi Internal Audit Manager ILRI
Risk Management: Principles, Methodologies and Techniques Peter Getugi Internal Audit Manager ILRI NAIROBI 22 JUNE, 2010 Session Objectives What is Risk Management? Why is Risk Management importance rising?
More informationENTERPRISE RISK MANAGEMENT (ERM) The Conceptual Framework
ENTERPRISE RISK MANAGEMENT (ERM) The Conceptual Framework ENTERPRISE RISK MANAGEMENT (ERM) ERM Definition The Conceptual Frameworks: CAS and COSO Risk Categories Implementing ERM Why ERM? ERM Maturity
More informationRisk Management Policy. Apollo Hospitals. Risk Management Policy
Apollo Hospitals Risk Management Policy Table of Contents 1. Introduction...1 2. Risk Management Policy...2 2.1 Applicability... 2 2.2 Risk Management Objectives... 2 2.3 Definitions... 2 2.3.1 Risk...
More informationRisk Evaluation, Treatment and Reporting
Chapter 8 Risk Evaluation, Treatment and Reporting In the previous chapter we looked at how risks are identified, described and estimated using a likelihood and consequences matrix. This is an essential
More informationRisk Management Framework
Risk Management Framework Anglican Church, Diocese of Perth November 2015 Final ( Table of Contents Introduction... 1 Risk Management Policy... 2 Purpose... 2 Policy... 2 Definitions (from AS/NZS ISO 31000:2009)...
More informationUSF System Compliance & Ethics Program. Risk Assessment Process. Enterprise-Wide Risk Assessment
USF System Compliance & Ethics Program Risk Assessment Process Enterprise-Wide Risk Assessment Risk Assessment Process Risk Assessment: A disciplined, documented, and ongoing process of identifying and
More informationRisk Management at the Deutsche Bundesbank March 2011
Risk Management at the Deutsche Bundesbank March 2011 (C) Deutsche Bundesbank - Division Organisation 1 Agenda Definition of risk management [3] Factors of influence to review the RM set up [4] The Framework
More informationENTERPRISE RISK MANAGEMENT (ERM) POLICY Republic Glass Holdings Corporation. Purpose. Goals
Purpose This Enterprise Risk Management Policy (the ERM policy) provides the framework for managing risks across ( RGHC or the Company ). It contains the policies to guide employees, management and the
More informationExecutive Board Annual Session Rome, May 2015 POLICY ISSUES ENTERPRISE RISK For approval MANAGEMENT POLICY WFP/EB.A/2015/5-B
Executive Board Annual Session Rome, 25 28 May 2015 POLICY ISSUES Agenda item 5 For approval ENTERPRISE RISK MANAGEMENT POLICY E Distribution: GENERAL WFP/EB.A/2015/5-B 10 April 2015 ORIGINAL: ENGLISH
More informationApplying COSO s Enterprise Risk Management Integrated Framework
Applying COSO s Enterprise Risk Management Integrated Framework COSO COSO stands for the Committee Of Sponsoring Organizations of the Treadway Commission. The sponsoring organizations are: Institute of
More informationก ก Tools and Techniques for Enterprise Risk Management (ERM)
ก ก Tools and Techniques for Enterprise Risk Management (ERM) COSO ERM ISO ERM 31 2554 10:45 12:15.. 301, 302, 307 ก ก COSO Internal Control ERM Integrated Framework Application Technique ISO 31000 Guide
More informationApplying COSO s Enterprise Risk Management Integrated Framework. September 29, 2004
Applying COSO s Enterprise Risk Management Integrated Framework September 29, 2004 Today s organizations are concerned about: Risk Management Governance Control Assurance (and Consulting) ERM Defined:
More informationUnderstanding Enterprise Risk Management: An Overview
Understanding Enterprise Risk Management: An Overview 05/2016 What is Risk? An uncertain event It exists in the future Has a cause and effect Impacts objectives Its effect may be positive and/or negative
More informationRISK MANAGEMENT POLICY October 2015
RISK MANAGEMENT POLICY October 2015 1. INTRODUCTION 1.1 The primary objective of risk management is to ensure that the risks facing the business are appropriately managed. 1.2 Paringa Resources Limited
More informationPerpetual s Risk Management Framework
Perpetual s Risk Management Framework Perpetual s Risk Management Framework Context Perpetual Limited (Perpetual) is a diversified financial services firm, listed on the Australian Securities Exchange.
More informationRisk Management Policy & Procedures. Premier Ltd.
Risk Management Policy & Procedures Premier Ltd. [1] Risk management is attempting to identify and then manage threats that could severely impact the organization. Generally, this involves reviewing operations
More informationPolicy Number: 040 Risk Management August 2018
Policy Number: 040 Risk Management August 2018 Policy Details 1. Owner Manager, Business Services 2. Compliance is required by Staff, contractors and volunteers 3. Approved by The Commissioner 4. Date
More informationApproved by: Diocesan Council 17 December 2015
DIOCESAN COUNCIL POLICY 39 Risk Management Approved by: Diocesan Council 17 December 2015 1 PREAMBLE The Perth Diocesan Trustees under the authority of the Diocesan Trustees Statute 1952 have the responsibility
More informationRISK MANAGEMENT POLICY
AMTEK AUTO LIMITED RISK MANAGEMENT POLICY Introduction Oxford Dictionary defines the term risk as a chance or possibility of danger, loss, injury or other adverse consequences Risk management attempts
More informationMEMORANDUM. To: From: Metrolinx Board of Directors Robert Siddall Chief Financial Officer Date: September 14, 2017 ERM Policy and Framework
MEMORANDUM To: From: Metrolinx Board of Directors Robert Siddall Chief Financial Officer Date: September 14, 2017 Re: ERM Policy and Framework Executive Summary Attached are the draft Enterprise Risk Management
More informationRisk Management Policy and Framework
Risk Management Policy and Framework Risk Management Policy Statement ALS recognises that the effective management of risks is a fundamental component of good corporate governance and is vital for the
More informationPractical aspects of determining and applying a risk appetite for SMEs
Practical aspects of determining and applying a risk appetite for SMEs By Tim Timchur acis, Director, ActivePro Consulting Pty Ltd Important to determine appetite for risk before determining what risk
More informationEnergize Your Enterprise Risk Management
Energize Your Enterprise Risk Management Presented By Mark Caiazzo, CISA, CISM, CRISC Tammy Michaud, CPA May 15, 2017 Reviewed: Agenda Enterprise Risk Management Defined Benefits of ERM Key Components
More informationKidsafe NSW Risk Management Plan. August 2014
Kidsafe NSW Risk Management Plan August 2014 Document Control Document Approval Name & Position Signature Date Document Version Control Version Status Date Prepared By Comments Document Reviewers Name
More informationHSC Business Services Organisation Board
Paper BSO 25/2009 HSC Business Services Organisation Board Risk Management 1. Purpose of this report The purpose of this report is to brief the Board on the BSO Risk Management process. 2. Background HSC
More informationRisk Management. Policy No. 14. Document uncontrolled when printed DOCUMENT CONTROL. SSAA Vic
Document uncontrolled when printed Policy No. 14 Risk Management DOCUMENT CONTROL Version: Date approved by Board: On behalf of Board: Jack Wegman 17 March 2015 26 March 2015 Denis Moroney President Next
More informationRisk Management. Seminar June Compiled by: Raaghieb Najjaar, Yaeesh Yasseen & Rashied Small
Risk Management Seminar June 2017 Compiled by: Raaghieb Najjaar, Yaeesh Yasseen & Rashied Small Defining Risk Risk reflects the chance that the actual event may be different than the planned / expected
More informationCORPORATE RISK MANAGEMENT POLICY
11/8/2017 INFORMAÇÃO INTERNA ÍNDICE 1 PURPOSE... 3 2 SCOPE... 3 3 REFERENCES... 3 4 CONCEPTS... 4 5 GUIDELINES... 6 6 RESPONSABILITIES... 8 7 CONTROL INFORMATION... 14 2 INFORMAÇÃO INTERNA 1 PURPOSE The
More informationWest Coast District Municipality. Risk Management Policy
West Coast District Municipality Risk Management Policy TABLE OF CONTENTS Page No. RISK MANAGEMENT POLICY 5 1. OVERVIEW 6 1.1. Policy Objective 6 1.2. Policy Statement 6 1.3. Risk Management Approach 6
More informationNagement. Revenue Scotland. Risk Management Framework. Revised [ ]February Table of Contents Nagement... 0
Nagement Revenue Scotland Risk Management Framework Revised [ ]February 2016 Table of Contents Nagement... 0 1. Introduction... 2 1.2 Overview of risk management... 2 2. Policy Statement... 3 3. Risk Management
More informationENTERPRISE RISK MANAGEMENT (ERM) POLICY
ENTERPRISE RISK MANAGEMENT (ERM) POLICY November 2014 TABLE OF CONTENTS I. INTRODUCTION.... 3 A. Purpose... 3 B. Scope. 3 C. Enterprise Risk Management Vision 3 D. ERM Goals and Objectives. 4 II. RISK
More informationNagement. Revenue Scotland. Risk Management Framework
Nagement Revenue Scotland Risk Management Framework Table of Contents 1. Introduction... 2 1.2 Overview of risk management... 2 2. Policy statement... 3 3. Risk management approach... 4 3.1 Risk management
More informationRisk Management Framework. Metallica Minerals Ltd
Risk Management Framework Metallica Minerals Ltd Risk Management Framework 23 March 2012 Table of Contents Contents 1. Introduction... 3 2. Risk Management Approach... 3 3. Roles and Responsibilities...
More informationFraud Risk Management
Fraud Risk Management Fraud Risk Assessment Part 2 2017 Association of Certified Fraud Examiners, Inc. Fraud Risk Assessment Frameworks Frameworks are helpful for performing, evaluating, and reporting
More informationPOLICY ON RISK MANAGMENET
1. INTRODUCTION CREST VENTURES LIMITED CIN: L99999MH1982PLC102697 (Formerly known as Sharyans Resources Limited) Registered Office: 04 th Floor, Kalpataru Heritage, 127, M.G.Road, Fort, Mumbai 400001 Website:
More informationBusiness Auditing - Enterprise Risk Management. October, 2018
Business Auditing - Enterprise Risk Management October, 2018 Contents The present document is aimed to: 1 Give an overview of the Risk Management framework 2 Illustrate an ERM model Page 2 What is a risk?
More informationBERGRIVIER MUNICIPALITY. Risk Management Risk Appetite Framework
BERGRIVIER MUNICIPALITY Risk Management Risk Appetite Framework APRIL 2018 1 Document review and approval Revision history Version Author Date reviewed 1 2 3 4 5 This document has been reviewed by Version
More informationRISK MANAGEMENT POLICY VARDHMAN SPECIAL STEELS LIMITED
1 RISK MANAGEMENT POLICY OF VARDHMAN SPECIAL STEELS LIMITED (U/s 134 (3) (n) of the Companies Act, 2013 and Clause 49 (VI) of the Amended Listing Agreement) 1. PREFACE: Oxford Dictionary defines the term
More informationUNITED NATIONS JOINT STAFF PENSION FUND. Enterprise-wide Risk Management Policy
UNITED NATIONS JOINT STAFF PENSION FUND Enterprise-wide Risk Management Policy 15 April 2016 Page 1 Table of Contents Page Preface I. Introduction 3 II. Definition 4 III. UNSJFP Enterprise-wide Risk Management
More informationCertified Enterprise Risk Professional (CERP) Test Content Outline
Certified Enterprise Risk Professional (CERP) Test Content Outline SECTION 1: RISK GOVERNANCE Domain 1: Board and Senior Management Oversight (8%) Task 1: Provide relevant, timely, and accurate information
More informationRISK AND BUSINESS CONTINUITY MANAGEMENT
RISK AND BUSINESS CONTINUITY MANAGEMENT EFFECTIVE: 18 MAY 2010 VERSION: 1.4 FINAL Last updated date: 29 September 2015 Uncontrolled when printed 2 Effective: 18 May 2010 CONTENTS 1 POLICY STATEMENT...
More informationThere are many definitions of risk and risk management.
Definition of risk There are many definitions of risk and risk management. The definition set out in ISO Guide 73 is that risk is the effect of uncertainty on objectives. In order to assist with the application
More informationRisk Management Plan PURPOSE: SCOPE:
Management Plan Authority Source: Vice-Chancellor Approval Date: 16/05/2018 Publication Date: 17/05/2018 Review Date: 17/05/2021 Effective Date: 16/05/2018 Custodian: General Counsel and University Secretary
More informationProcedures for Management of Risk
Procedures for Management of Policy Sponsor: Name of Parent Policy: Policy Contact: Procedure Contact: Vice President Finance and Administration Enterprise Management Policy Vice President Finance and
More informationEscorts Limited. Risk Management Policy
Escorts Limited Risk Management Policy Version Effective From Approved By 1.0 25 05 2016 BOARD OF DIRECTORS 1 Table of Contents 1. Introduction 4 1.1 Preamble 4 1.2 Objective 4 1.3 Importance of Risk Management
More informationMINDA INDUSTRIES LIMITED RISK MANAGEMENT POLICY
` MINDA INDUSTRIES LIMITED RISK MANAGEMENT POLICY MINDA INDUSTRIES LIMITED RISK MANAGEMENT POLICY 1. Vision To develop organizational wide capabilities in Risk Management so as to ensure a consistent,
More informationRisk Management. Webinar - July 2017
Risk Management Webinar - July 2017 Compiled by: Raaghieb Najjaar, Yaeesh Yasseen & Rashied Small Adapted and Facilitated by: Professor Enslin J. van Rooyen Risk Management - June 2017 2 Defining Risk
More informationAn Update On Association Policies, Health Checks & Guidelines To A Safer Hockey Association. Lauren Woods Member Engagement & Operations
An Update On Association Policies, Health Checks & Guidelines To A Safer Hockey Association Lauren Woods Member Engagement & Operations Association Health Checks Issues arising from the health check: 3/27
More informationSenior Director, Fire Life Safety & Risk Management
Page 1 of 3 Enterprise Risk Management Policy Item 4 November 15, 2018 Building Investment, Finance and Audit Committee Report: To: From: BIFAC:2018-66 Building Investment, Finance and Audit Committee
More informationINTERNATIONAL ASSOCIATION OF INSURANCE SUPERVISORS
Guidance Paper No. 2.2.x INTERNATIONAL ASSOCIATION OF INSURANCE SUPERVISORS GUIDANCE PAPER ON ENTERPRISE RISK MANAGEMENT FOR CAPITAL ADEQUACY AND SOLVENCY PURPOSES DRAFT, MARCH 2008 This document was prepared
More informationThirty-Second Board Meeting Risk Management Policy
Thirty-Second Board Meeting Risk Management Policy 00 Month 2014 Location, Country Page 1 Board Decision THE RISK MANAGEMENT POLICY Purpose: 1. This document, Risk Management Policy (), presents: i) a
More informationRISK MANAGEMENT. Budgeting, d) Timing, e) Risk Categories,(RBS) f) 4. EEF. Definitions of risk probability and impact, g) 5. OPA
RISK MANAGEMENT 11.1 Plan Risk Management: The process of DEFINING HOW to conduct risk management activities for a project. In Plan Risk Management, the remaining FIVE risk management processes are PLANNED
More informationENTERPRISE RISK MANAGEMENT (ERM) GOVERNANCE POLICY PEDERNALES ELECTRIC COOPERATIVE, INC.
1. Purpose: 1.1. Pedernales Electric Cooperative ( PEC ) is committed to delivering low-cost, reliable and safe energy solutions for the benefit of our members. In order to improve the likelihood of achieving
More informationDelivering Clarity to Credit Unions Through Expertise and Experience
Jeff Owen, The Rochdale Group September 2012 Delivering Clarity to Credit Unions Through Expertise and Experience Enterprise Risk Management Lending Execution and Risk Management Merger Strategy and Realization
More informationScouting Ireland Risk Management Framework
No. SID 124A/15 Gasóga na héireann/scouting Ireland Issued Amended 20 th June 2015 Deleted Source: National Management Committee Scouting Ireland Risk Management Framework Revision Date Description # 20/06/2015
More informationINTERNATIONAL AUDITING PRACTICE STATEMENT 1010 THE CONSIDERATION OF ENVIRONMENTAL MATTERS IN THE AUDIT OF FINANCIAL STATEMENTS
INTERNATIONAL AUDITING PRACTICE STATEMENT 1010 THE CONSIDERATION OF ENVIRONMENTAL MATTERS IN THE AUDIT OF FINANCIAL STATEMENTS (This Statement is effective) CONTENTS Paragraph Introduction... 1 12 Guidance
More informationIntroduction. The Assessment consists of: Evaluation questions that assess best practices. A rating system to rank your board s current practices.
ESG / Sustainability Governance Assessment: A Roadmap to Build a Sustainable Board By Coro Strandberg President, Strandberg Consulting www.corostrandberg.com November 2017 Introduction This is a tool for
More informationGarville Netball Club Inc
logo Garville Netball Club Inc RISK MANAGEMENT POLICY CONTENTS...1 INTRODUCTION...2 RESPONSIBILTY FOR RISK MANAGEMENT...3-4 POSSIBLE GENERIC SOURCES OF RISK AND THEIR AREAS OF IMPACT...5-6 DEFINITION OF
More informationINTERNATIONAL ASSOCIATION OF INSURANCE SUPERVISORS
Guidance Paper No. 2.2.6 INTERNATIONAL ASSOCIATION OF INSURANCE SUPERVISORS GUIDANCE PAPER ON ENTERPRISE RISK MANAGEMENT FOR CAPITAL ADEQUACY AND SOLVENCY PURPOSES OCTOBER 2007 This document was prepared
More informationBournemouth Primary MAT Risk Management Policy
Bournemouth Primary MAT Risk Management Policy 1. Introduction The Bournemouth Primary Multi-Academy Trust (the Trust) operates a risk management system in order to identify and manage key exposures and
More informationBest Practices in ENTERPRISE RISK MANAGEMENT. [ Managing Risks Holistically ]
Best Practices in ENTERPRISE RISK MANAGEMENT [ Managing Risks Holistically ] INTRODUCTIONS MODERATOR: Bob Lipps, JD, CPA PANELISTS: Ron Wilcox Abel Pomar Karen Gordon, Esq. THE EVOLUTION OF RISK Traditional
More informationAPPENDIX 1. Transport for the North. Risk Management Strategy
APPENDIX 1 Transport for the North Risk Management Strategy Document Details Document Reference: Version: 1.4 Issue Date: 21 st March 2017 Review Date: 27 TH March 2017 Document Author: Haddy Njie TfN
More informationThe University of North Texas at Dallas Policy Manual Chapter
The University of North Texas at Dallas Policy Manual Chapter 12.000 12.004 Risk Management Campus Safety & Security Policy Statement. The University is committed to protecting and conserving university
More informationRisk Management Policy
Risk Management Policy Version: 3 Board Endorsement: 11 January 2014 Last Review Date: 3 January 2014 Next Review Date: July 2014 Risk Management Policy 1 Table of Contents 1 Introduction... 3 2 Overview...
More informationRisk Management Procedure
Risk Management Procedure 2017 Number: Date Written: Authorised by: Review Date: Version 4.0 15 December 2016 Bernie Wilson 30 December 2018 Contents Amendment and Review... 2 Document Control / Amendments...
More informationEnterprise Risk Management Integrated Framework
ISACA S IT Audit, Information Security & Risk Insights Africa 2014, Alisa Hotel Enterprise Risk Management Integrated Framework Tony Bediako May 20, 2014 Today s organizations are concerned about: Risk
More informationRISK MANAGEMENT - CORPORATE COMPLIANCE & ETHICS
RISK MANAGEMENT - CORPORATE COMPLIANCE & ETHICS Presenter CLAIRE GOMEZ MILLER CIA CRMA FCCA CA BOARD DIRECTOR/AUDITCOMMITTEE MEMBER UNITEDINDEPENDENT PETROLEUM MARKETING COMPANY LIMITED TRINIDAD AND TOBAGO
More informationENTERPRISE RISK MANAGEMENT Framework
STANDARDS OF SOUND BUSINESS AND FINANCIAL PRACTICES ENTERPRISE RISK MANAGEMENT Framework January 2018 Ce document est également disponible en français. Notice This document is intended as a reference tool
More informationSCCE 2012 COMPLIANCE & ETHICS INSTITUTE. Workshop Agenda
SCCE 2012 COMPLIANCE & ETHICS INSTITUTE October 14, 2012 l Las Vegas, NV Ethics & Compliance Risk Management 101: Program Essentials and Effective Practice Key Steps to Implementing and Championing an
More informationEnterprise Risk Management process at Dragon Oil
Enterprise Risk Management Risk Management Process Dragon Oil s business is potentially exposed to different risks. However, some business risks can be accepted by the Group provided that acceptance of
More informationRISK MANAGEMENT - CORPORATE COMPLIANCE & ETHICS
RISK MANAGEMENT - CORPORATE COMPLIANCE & ETHICS Presenter CLAIRE GOMEZ MILLER CIA CRMA FCCA CA BOARD DIRECTOR/AUDIT COMMITTEEMEMBER UNITEDINDEPENDENTPETROLEUM MARKETINGCOMPANYLIMITED TRINIDAD AND TOBAGO
More informationHazard Identification, Risk Assessment and Control Procedure
Hazard Identification, Risk Assessment and Control Procedure 1. Purpose To ensure that there is a formal process for hazard identification, risk assessment and control to effectively manage workplace and
More informationRisk Management at Central Bank of Nepal
Risk Management at Central Bank of Nepal A. Introduction to Supervisory Risk Management Framework in Banks Nepal Rastra Bank(NRB) Act, 2058, section 35 (a) requires the NRB management is to design and
More informationRISK MANAGEMENT FRAMEWORK
RISK MANAGEMENT FRAMEWORK 1. INTRODUCTION (Company) acknowledges that risk is inherent in its business. The Company s risk management framework is an important tool to guide the organisation towards achieving
More informationI would like to thank the following organizations for sponsoring the course, which allows their employees/members to have the registration fee waived:
Presented by: Erike Young, MPPA, CSP, ARM 1 I would like to thank the following organizations for sponsoring the course, which allows their employees/members to have the registration fee waived: University
More informationPolicy No. Contact Brian Orpin Version 3.0 Issue Date 28/11/2014 Telephone Review Date IA Date 09/08/2013
Information Governance Management of Risk Policy Policy No. Contact Brian Orpin Version 3.0 Email Brian.orpin@nhs.net Issue Date 28/11/2014 Telephone 0131 314 5360 Review Date IA Date 09/08/2013 Change
More informationEvery project is risky, meaning there is a chance things won t turn out exactly as planned.
PMBOK 5 Ed. DEI- Every project is risky, meaning there is a chance things won t turn out exactly as planned. percent of runaway projects Did no risk management at all 38 percent did some, and 7 percent
More information1st Capacity Building Seminar on Enterprise Risk Management
1st Capacity Building Seminar on Enterprise Risk Management Hotel Sea Princess, Mumbai 10 th August 2018 ERM as a Business Enabler N K V Roop Kumar, EVP, Chief of Risk, Info & Cyber Security Management,
More informationSOLID GROUP INC. ENTERPRISE RISK MANAGEMENT POLICY
SOLID GROUP INC. ENTERPRISE RISK MANAGEMENT POLICY SECTION 1. PURPOSE This Policy establishes the standards, processes and accountability structure to identify, assess, prioritize and manage key risk exposures
More informationPRACTICE NOTE 1010 THE CONSIDERATION OF ENVIRONMENTAL MATTERS IN THE AUDIT OF FINANCIAL STATEMENTS
PRACTICE NOTE 1010 THE CONSIDERATION OF ENVIRONMENTAL MATTERS IN THE AUDIT OF FINANCIAL STATEMENTS (Issued December 2003; revised September 2004 (name change)) PN 1010 (September 04) PN 1010 (December
More informationEnterprise Risk Management Focusing on the Right Risks
2014 CliftonLarsonAllen LLP Enterprise Risk Management Focusing on the Right Risks VGFOA 2015 Fall Conference October 22, 2015 CLAconnect.com Session Objectives 1.Identify factors driving the need for
More informationM_o_R (2011) Foundation EN exam prep questions
M_o_R (2011) Foundation EN exam prep questions 1. It is a responsibility of Senior Team: a) Ensures that appropriate governance and internal controls are in place b) Monitors and acts on escalated risks
More informationIntroduction. The Assessment consists of: A checklist of best, good and leading practices A rating system to rank your company s current practices.
ESG / CSR / Sustainability Governance and Management Assessment By Coro Strandberg President, Strandberg Consulting www.corostrandberg.com September 2017 Introduction This ESG / CSR / Sustainability Governance
More informationEnterprise Risk Management Program
Enterprise Risk Management Program David W Sundvall, Risk Manager 3/2/2016 Page 0 of 12 Table of Contents Introduction... 2 Approach... 2 Risk Appetite... 3 Roles and Responsibilities... 3 Process... 4
More informationHUBTOWN LIMITED REVISED RISK MANAGEMENT POLICY. (Effective from December 1, 2015)
HUBTOWN LIMITED REVISED RISK MANAGEMENT POLICY (Effective from December 1, 2015) HUBTOWN LIMITED REVISED RISK MANAGEMENT POLICY TABLE OF CONTENTS SR. NO. PARTICULARS PAGE NO. 1. Introduction 1 2. Preamble
More informationKnowledge, Certification, Networking
www.iacpe.com Knowledge, Certification, Networking Page :1 of 80 Rev 01 August 2016 IACPE No 19, Jalan Bilal Mahmood 80100 Johor Bahru Malaysia The of is providing the introduction to the Training Module
More informationGOV : Enterprise Risk Management Policy
Name: Responsibility: Complements: Enterprise Risk Management Framework Coordinator, Enterprise Risk Management GOV-080-005: Enterprise Risk Management Policy Draft Date: November 2006; January 2012 Revised
More informationBusiness Continuity Management and ERM
Business Continuity Management and ERM Partnership for Emergency Planning Kansas City Marshall Toburen GRC Strategist ERM, ORM, 3PM RSA A division of EMC 2 June 18, 2014 1 Agenda Intro State of ERM Today
More informationFirst Informal Consultation on ERM Policy. 24 th July 2018
First Informal Consultation on ERM Policy 24 th July 2018 Agenda Introduction Interaction of 1 st / 2 nd Lines of Defense Risk Categories and Appetite Statements 2 nd Line Functional Risk Leads - examples
More informationCriteria for Establishing Objectives & Targets
Impacts and Hazards Projects Alignment Process Criteria for Establishing Objectives & Targets Legal & Other Requirements Legal & Other Requirements 2 14 Technological Options 1 1 2 1 8 Financial 1 1 1
More informationRisk Management Strategy January NHS Education for Scotland RISK MANAGEMENT STRATEGY
NHS Education for Scotland RISK MANAGEMENT STRATEGY January 2016 1 Contents 1. NES STATEMENT ON RISK MANAGEMENT 2 RISK MANAGEMENT STRATEGY 3 RISK MANAGEMENT STRUCTURES 4 RISK MANAGEMENT PROCESSES 5 RISK
More informationEnterprise Risk Management Sources. Universe. Tolerance. Appetite
Sources. Universe. Tolerance. Appetite Presentation Made at the ICPAK ERM Conference Wednesday, 20 th March 2013 Hilton Hotel, Nairobi Kenya Jona Owitti, CISA (jona.owitti@yahoo.com) Membership Director
More informationRISK REGISTER POLICY AND PROCEDURE
RISK REGISTER POLICY AND PROCEDURE Lead Manager: Head of Clinical Governance Responsible Director: Board Medical Director Approved by: Date Approved: Date for Review: Feb 2012 Replaces Version: 1.0 Page
More informationControlling Risk Ranking Variability Using a Progressive Risk Registry
Controlling Risk Ranking Variability Using a Progressive Risk Registry 32nd Annual National VPPPA Safety & Health Conference/Expo September 1, 2016 Agenda What is a Progressive Risk Registry? How does
More informationSecurity Risk Management
Security Risk Management Related Chapters Chapter 53: Risk Management Also Chapter 32 Security Metrics: An Introduction and Literature Review Chapter 62 Assessments and Audits 2 Definition of Risk According
More informationRisk Management Strategy (To be read in conjunction with strategic risk register)
Risk Management Strategy (To be read in conjunction with strategic risk register) Page 1 Background The Risk Management Strategy aims to ensure that TGAT complies with risk management best practice as
More information0470_022817_03_chap01.fm Page 11 Wednesday, September 8, :29 PM. Part I The basics of project risk management
0470_022817_03_chap01.fm Page 11 Wednesday, September 8, 2004 3:29 PM Part I The basics of project risk management 0470_022817_03_chap01.fm Page 12 Wednesday, September 8, 2004 3:29 PM 0470_022817_03_chap01.fm
More informationRisk Management Policy Adopted by:
Risk Management Policy Adopted by: Infigen Energy Limited Infigen Energy (Bermuda) Limited Infigen Energy RE Limited in its capacity as Responsible Entity of Infigen Energy Trust Adopted: 17 December 2009
More informationDocumentation Control. Hazard Identification, Risk Assessment and Management Procedure. (This document is linked GG/CM/007- Risk Management Policy)
Documentation Control Reference: Date approved: 24 November 2016 Approving Body: (This document is linked GG/CM/007- Risk Management Policy) Trust Board (Medical Director) Implementation Date: 24 November
More information28 July May October 2016
Policy Name Risk Management Policy & Procedure Related Policies and Legislation AISWA Guidelines Risk Management Policy Category Planning & Management Relevant Audience Date of Issue / Last Revision All
More information