Best Practices in ENTERPRISE RISK MANAGEMENT. [ Managing Risks Holistically ]
- Jeffrey Moody
- 5 years ago
2 Best Practices in ENTERPRISE RISK MANAGEMENT [ Managing Risks Holistically ]
3 INTRODUCTIONS Moderator: Bob Lipps, JD, CPA. Panelists: Ron Wilcox; Abel Pomar; Karen Gordon, Esq.
4 THE EVOLUTION OF RISK
5 Traditional definitions: RISK The possibility that something bad or unpleasant will happen. [ Merriam-Webster ] Minimizing the adverse effects of accidental losses. [ The Institutes ]
6 Broadened definitions: RISK The effect of uncertainty on objectives. [ ISO ] Coordinated activities to direct and control an organization with regard to risk. [ ISO ]
7 TRADITIONAL RISK MANAGEMENT APPROACH
8 THE NEW VIEW OF RISK: Risk can be a threat or an opportunity. Risk = any uncertainty that can harm, prevent, delay, or enhance an organization's ability to achieve objectives.
9 Risk Treatment Strategies: Avoid; Mitigate; Transfer; Retain/Accept; Exploit.
10 THE CHANGING FOCUS OF RISK MANAGEMENT
TRANSACTIONAL (Historic Risk Management): Insurance; Specific hazards; No compliance input; Separate safety & emergency management; Silo approach; Risk Manager = insurance buyer.
INTEGRATED (Advanced Risk Management): Alternative risk transfer techniques; Proactive prevention & risk reduction; Integrated approach to claims, contracts, insurance, etc.; Increased education & accountability; Collaboration across departments; Risk Manager may be the risk owner.
STRATEGIC (Enterprise-Wide Risk Management): Broad range of risks analyzed; Combination of risk mitigation and opportunities; ERM alignment with strategy; Helps manage growth, allocate capital & resources; Risks owned by SMEs; Greater availability of risk mitigation and analytical tools; Risk Manager = risk moderator, partner, leader; not the owner of every risk.
Risk is bad: focus is on transferring risk. Risk is an expense: focus is on reducing cost-of-risk. Risk is uncertainty: focus is on optimizing risk to achieve goals.
11 WHAT IS ENTERPRISE RISK MANAGEMENT (ERM)? The Risk and Insurance Management Society defines ERM as: A strategic business discipline that supports the achievement of an organization's objectives by addressing the full spectrum of its risks and managing the combined impact of those risks as an interrelated risk portfolio.
12 ENTERPRISE RISK MANAGEMENT (ERM) Types of Questions to Ask
- What would cause us to be unable to achieve our objectives or allow us to operate according to our values?
- Describe a scenario of what could go wrong and how we would respond today?
- What controls are currently in place?
- What should be done better?
- What risks should we consider over the next months?
- What risks will be important for our sustainability ten years from now?
- How severe can the risk be and what is the likelihood of it occurring?
- What are the consequences to your organization if the risk occurs?
- What are the early warning signs that the risk may occur?
13 A HOLISTIC APPROACH TO MULTIFACETED RISKS, ERM:
- Arms leaders with consolidated information to improve decision-making.
- Organizes risk information from across the organization.
- Involves creating a culture of risk management and risk ownership.
- Recognizes that one person alone cannot own every risk.
14 WHAT DOES ERM DO? In a nutshell, ERM is a process that:
- Identifies
- Evaluates
- Mitigates
- Assigns risk ownership and accountability
- Monitors risk mitigation strategies
- Reports to leadership potential and emerging risks to the organization and promotes a culture of risk awareness.
15 Enterprise Risk Management Framework and Process Model [diagram]. Diagram labels: Scan Organizational Environment; Top Leadership, Risk Appetite, & Accountability; Monitor Risks; Assure Compliance & Continued Alignment with ABS Objectives. Revisit Mitigation Strategy, if needed [with legal & SLT] [Risk management w/ internal audit]; Identify Risks & Risk Owners [w/ Business Managers]; Align and Embed in Culture; Mitigate or Eliminate Risks [w/ Business Managers & Others]; Analyze Risks [w/ Business Operations & Risk Management/Legal]; SWOT Analysis; Communications & Reporting to Stakeholders & Top Management; Audit When Critical Risks Identified; Resource Allocation. Legend: Framework; Process; Recurring process.
16 Examples of how Organizational Operations Relate to Enterprise Risk Management (ERM) [diagram, ERM at center]
- Governance: Corporate Strategy, C-Suite
- Compliance: Legal, Finance, Internal Audit
- Strategic Planning: Corporate Strategy, C-Suite, Managers
- Business Operations: Managers, Staff
- Performance Management: HR, Managers, Staff
- Internal Control: C-Suite, Internal Audit, Legal
- Risk Management: Legal, Internal Audit
- Process Management: C-Suite, Managers
17 ROLE OF THE ENTERPRISE RISK MANAGER OR CHIEF RISK OFFICER (CRO)
- To create a risk aware culture;
- To ensure ERM activities are aligned with mission objectives;
- To bring consideration of risk into strategic decision-making;
- To develop a center of excellence for managing risk, drawing on the expertise of SMEs, who, in turn, are similar to risk managers for their unique areas;
- To facilitate and coordinate holistic risk management;
- To communicate clearly to stakeholders; and
- To be advisor and partner to other executives and managers.
18 WHY IS ENTERPRISE RISK MANAGEMENT IMPORTANT? 1. All organizations exist to achieve their objectives. 2. Many internal and external factors affect those objectives, causing uncertainty about whether the organization will achieve them. 3. The effect this uncertainty has on an organization's goals is risk.
19 WHY IS ENTERPRISE RISK MANAGEMENT IMPORTANT? 1. All organizations exist to achieve their objectives. 2. Many internal and external factors affect those objectives, causing uncertainty about whether the organization will achieve them. 3. The effect this uncertainty has on an organization's goals is risk. In summary, the holistic management of risk is central to the success of all organizations.
20 THREE LEVELS OF ERM IMPACT: Strategic; Operational; Decision-Making.
21 ERM IMPLEMENTATION PROCESS Design ERM Framework. Equip ERM Committee. Perform Initial Assessment. Assign Ownership. Develop Treatment Plans. Plan Data and Workflow Management. Set Procedures for Strategy & Decisions. Develop Reporting & Accountability.
23 ENTERPRISE RISK MANAGEMENT (ERM) Phase I: Advance Preparation. Phase II: Risk Identification / Assessment Process. Phase III: Data Analysis. Phase IV: Risk Drill-Down.
24 ENTERPRISE RISK MANAGEMENT (ERM) Phase I: Advance Preparation. Phase II: Risk Identification / Assessment Process. Phase III: Data Analysis. Phase IV: Risk Drill-Down.
- Develop initial risk profile with help from a professional
- Prepare a risk survey questionnaire
- Compile information from the questionnaire
- Prepare additional information as required
25 ENTERPRISE RISK MANAGEMENT (ERM) Phase I: Advance Preparation. Phase II: Risk Identification / Assessment Process. Phase III: Data Analysis. Phase IV: Risk Drill-Down.
- Identify key risks
- Prioritize risks
- Rate likelihood of severity for top risks
- Assess current risk management controls for key risks
- Discuss aggravating and mitigating risk factors
- Identify risk owners
- Develop potential action plan
26 RISK IDENTIFICATION & ASSESSMENT PROCESS
Rating Criteria: Severity, Likelihood, and Manifestation Ratings
Score | Severity Description | Likelihood Description | Manifestation
1 | Minimal significance | 1 event per 10 years | Greater than 5 years
2 | Somewhat significant | 1 event per 5 years | Between 4 and 5 years
3 | Significant | 1 event per 2 years | Between 3 and 4 years
4 | Very significant | 1 event per year | Between 1 and 3 years
5 | Extremely significant | Regularly occurring | Less than 1 year
Your ministry Top Risks and Owners
Columns: Risk | Severity | Likelihood | Manifestation | Total
Risks listed: Meet Healthcare Needs; Donor Longevity/Commitment; Maintain Mission/Vision; Having Quality Staff; Manage Data Systems; Legal Compliance; Insufficient Funding; Competition with Others.
Columns: Risk Description | Current Risk Owner(s) | Current Risk Management Activities | Future Action Plan | New Risk Owner(s)
Risks listed: Legal Compliance; Meeting Healthcare Needs; Having Quality Staff; Maintain Mission/Vision; Competition. Owners listed, in the same order: GC/CFO; VP HR; VP HR; CEO; CEO/COO.
27 ENTERPRISE RISK MANAGEMENT (ERM) Phase I: Advance Preparation. Phase II: Risk Identification / Assessment Process. Phase III: Data Analysis. Phase IV: Risk Drill-Down.
You should prepare a summary of findings/results of activities from Phase II, including:
- Executive Summary
- Identified Risks
- Risk Ratings
- Proposed Action Plan
28 ENTERPRISE RISK MANAGEMENT (ERM) Phase I: Advance Preparation. Phase II: Risk Identification / Assessment Process. Phase III: Data Analysis. Phase IV: Risk Drill-Down. Specific risk areas may need to be further addressed.
29 LOWER OVERALL COST OF RISK Remember to follow the ERM process:
- Identify & Prioritize Risks
- Proactively manage risks through risk owners/managers
- Integrate risk management into the overall business plan
30 ERM INTEGRATED INTO EXISTING BUSINESS PRACTICES ERM becomes incorporated into: The Organization's Culture; Strategic Planning; Quality Improvement; Budgeting; Employee Engagement; Committee Structure; Decision-Making.
31 ERM IMPLEMENTATION IN ACTION
32 Evangelical Christian Credit Union Abel Pomar President, Chief Executive Officer
33 RISK PHILOSOPHY We strive to do the right thing as we seek to fully understand and manage risk in the pursuit of value for our members. This is an ongoing process, where everyone in the organization is responsible for understanding and managing risk.
34 TOOLS USED: Risk Matrix; Enterprise Risk Management Committee; KRI/KPI Reporting System.
Risk Matrix. Business Areas: Membership; Funding Sources. Risk ratings by sub-business area:
Sub-Business Area | Credit | Interest Rate | Liquidity | Operational | Compliance | Concentration | Market | Strategic | Reputational
Ministry | L | L | L | L | L | M | M | H | M
Small Business | L | L | L | M | L | L | M | H | L
Consumer | M | L | L | L | L | L | M | H | M
Foreign Small Business Insured Deposits | L | L | L | L | L | L | L | M | L
Small Business Uninsured Deposits | L | L | L | L | L | L | L | L | L
Consumer Insured Deposits | L | L | L | L | L | L | H | H | L
Consumer Uninsured Deposits | L | L | L | L | L | L | L | L | L
MBL Participations | M | L | M | M | L | L | L | M | M
CU Certificates | L | L | L | L | L | H | L | L | L
35 OBSERVABLE OUTCOMES
- Improved Business Monitoring
- Stronger Business Processes
- Intentional Focus for Strategic Planning
- Improved Business Prioritization
- Minimizes Financial Losses for the Organization
- Identifying Emerging Risks
36 Samaritan's Purse Ron Wilcox Chief Operating Officer
37 KEY ELEMENTS OF THE PROCESS
- Establishment of leadership groups, ground rules and commitment to process
- Identification of risks and contributing factors
- Leadership to agree and rank major risks and assign owners
- Risk owners develop written goals and plans for addressing risks
- Review and approval of goals and plans by CEO, reporting to board for oversight
- Communication and implementation
- Monitoring and reporting
38 HISTORY OF RISK MANAGEMENT AT SAMARITAN'S PURSE Step 1: Director Group Meetings. This group's task is to take information identifying ministry risks from past RM efforts, updated submissions by the SP VPs, and their own lists of ministry risks; review and discuss it all, and consolidate it into one list of ministry risks. Each member of the group must agree on or support each risk in order for it to remain on the list. The Director Group met multiple times, in person and via exchanges, during April and May to discuss and clarify the nature of each risk and the factors contributing to the risks; and to compile a final Risk List. The Director Group finalized the Risk List and forwarded it to the COO for distribution to the VP Group.
39 HISTORY OF RISK MANAGEMENT AT SAMARITAN'S PURSE Step 2: Continued Meetings with VP Group. VP Group Tasks:
- 1st task: go through the list, score and plot each risk on a scale. The parameters for each risk are Likelihood of Occurrence and Severity of Impact.
- 2nd task: assign individual risks to owners. The owner of each risk should be the Operational Department that has the greatest ability to manage the risk in question. Some risk owners acknowledge collaborative efforts with other departments, but for accountability purposes, each risk needs one designated owner.
- 3rd task: each risk owner develops a Summary Risk Management Plan for each risk it owns. These plans answer the question of how do you go about addressing this risk if you are its owner. Each owner turned in their plans.
40 HISTORY OF RISK MANAGEMENT AT SAMARITAN'S PURSE Step 3: RM list and plans are presented to senior leadership. Appropriate revisions are made and decision is finalized to move forward with full support. Step 4: Quarterly meetings are calendared with all staff who were involved in the process. At the meetings, risk owners present their plans and give updates on their process to the group. Accountability remains with the group, with oversight by the COO.
41 RISK MAPPING Risk Map [figure]. Vertical axis: Severity of Impact (Negligible, Low, Moderate, Very High, 5 Extreme). Horizontal axis: Likelihood of Occurrence (Rare, Unlikely, Moderate, Likely, Almost Certain). Plotted risks, with the values that survive in the transcription: #1 Cybersecurity: 4.2; #2 Hiring Difficulty: 4.4; #3 Bureaucracy: 4.6, 3.2; #4 Reputation: 2.6; #5 Workplace Safety: 2.8; #6 Communication: 3.8, 3.2; #7 Major Crisis: 2.6; #8 Mission Focus: 2.2; #9 Volunteer Issues: 3.4, 3.2; #10 Theft and Fraud: 3.2; #11 Vendor Instability: 2.8; #12 Insurance: 2.6, 3.8; #13 Training.
42 CREATION OF RISK MANAGEMENT SYNOPSIS
Risk Management Synopsis
Ranking | Risk Title | Assigned Owner
1 | Cyber-Security threats | Information Technology
2 | Hiring or placing qualified candidates in necessary positions | Human Resources
3 | Avoidance of procedures or "work-around" actions by staff to get their work done | COO/Legal
4 | Damage to the ministry's reputation significantly erodes donor support. | Quality Control/Donor Ministries
5 | Workplace safety and security threats, including physical threats to employees and facilities, domestic and international. | Security
43 OVERVIEW OF OUR ERM APPROACH We recommend an approach that focuses on a culture of risk management within the organization: Both a top down and bottom up enculturated in all team members. Oversight by the board. Monitoring and accountability owned by the CEO. Ownership at the VP level. Training and development of a process that includes intentional identification, consideration and documentation of all risks and priorities that can be insured, mitigated, accepted, or eliminated. Quarterly review and update by risk owners. Quarterly coordination between risk owners and COO. Periodic review and advice by subject matter experts.
44 American Bible Society Karen Gordon, Esq. Director of Enterprise Risk Management & Compliance
45 ERM IMPLEMENTATION AT ABS: Nascent Stage; C-suite Support Critical; Obtaining C-suite buy-in; Combination of Business Continuity Planning & ERM; Capitalizing on similarities; Volunteer test group; Track investment of time and people; Process overview and outcomes to C-suite.
46 BUSINESS CONTINUITY
47 BCP & ERM COMMONALITIES [diagram comparing BCP and ERM]. Diagram labels: Critical; Typically led by Risk Management; Highly recommended; Must be done; Legal involvement; Risk assessment; Vital to sustainability; Ensures Mission Continuance; Far reaching consequences if not done right; Centrally managed but individual risk owners; Business impact analysis; Should be done; Promotes strategic alignment with mission.
48 TIMELINE [figure]. Bands: Enterprise Risk Management; Disaster Recovery; Business Continuity. Stages: Pre-incident; Disaster Strikes; Immediate Incident Response; Post Disaster Recovery (Hours); Post Disaster Operations and Restoration (days to weeks); Resumption of Business (on-site and/or alternate site).
49 SAMPLE RISK INVENTORY LOG
Columns: Risk Category | Sub-Category | Risk Element | Risk Tolerance | INHERENT RISK: Likelihood (L), Impact (I), Severity (LxI) | Risk Response | Risk Response Tactics | Value of Response Tactics | Residual Risk | Further Action Required & Plan | Risk Ownership | Status
- Risk Category: Operational. Sub-Category: Technology. Risk Element: System outages. Risk Response: Mitigate. Risk Response Tactics: System monitoring; service level agreements; back-up & recovery procedures; system testing; database mirroring; firewalls. Uninterruptible power supply. Value of Response Tactics: Moderate (7). Residual Risk: 18. Further Action Required & Plan: Institute rigorous testing of recovery procedures. Risk Ownership: CTO. Status: Monitor.
- Risk Category: Operational. Sub-Category: Personnel. Risk Element: Attracting & retaining qualified staff. Risk Response: Mitigate. Risk Response Tactics: Performance evaluations; HR development & training; hiring criteria; compensation plans. Value of Response Tactics: High (8). Residual Risk: 12. Further Action Required & Plan: SLT approval of risk. Risk Ownership: SVP, HR. Status: Monitor.
51 CASE STUDY: THE PROCESS. Tables identified by name of department: Human Resources; Legal; Risk Management; IT; Internal Audit; Finance. Attendees collaborate in identifying and addressing issues.
52 CASE STUDY THE PLAYERS
More informationRisk Management Policy and Procedures.
Risk Management Policy and Procedures. Rev Date Purpose of Issue/Description of Change Date 1. June 2006 Initial Issue 2. November 2009 Revised and updated 6 th November 2009 3. September 2010 Revised
More informationBournemouth Primary MAT Risk Management Policy
Bournemouth Primary MAT Risk Management Policy 1. Introduction The Bournemouth Primary Multi-Academy Trust (the Trust) operates a risk management system in order to identify and manage key exposures and
More informationERM Implementation in Local Government
ERM Implementation in Local Government Sean Catanese, ARM, C31000 Enterprise Risk Management Program Manager King County, Washington Greg Wallig, CISA, CGEIT Principal Grant Thornton LLP 1 King County
More informationCORPORATE RISK MANAGEMENT POLICY
11/8/2017 INFORMAÇÃO INTERNA ÍNDICE 1 PURPOSE... 3 2 SCOPE... 3 3 REFERENCES... 3 4 CONCEPTS... 4 5 GUIDELINES... 6 6 RESPONSABILITIES... 8 7 CONTROL INFORMATION... 14 2 INFORMAÇÃO INTERNA 1 PURPOSE The
More informationRisk Management Procedure
Risk Management Procedure 2017 Number: Date Written: Authorised by: Review Date: Version 4.0 15 December 2016 Bernie Wilson 30 December 2018 Contents Amendment and Review... 2 Document Control / Amendments...
More informationSections of the ORSA Report
Lessons Learned From Orsa Reviews Impact on Risk Focused Examination NAIC Insurance Summit INS Companies Joe Fritsch, Director INS Companies Don Carbone, Exam Manager INS Companies Sections of the ORSA
More informationHow Internal Audit Can Help Promote Effective ERM
How Internal Audit Can Help Promote Effective ERM Alan N. Siegfried, MBA, CPA, CIA, CISA, CBA, CRMA, CFSA, CCSA, CITP, CGMA, CSP June 18, 2014 Alan Siegfried Professional Bio Principal and Managing Director,
More informationUsing Meaningful KRI s for Basel II Operational Risk Management
Using Meaningful KRI s for Basel II Operational Risk Management Presentation to: The Association of International Bank Auditors November 4, 2008 The Association of the Bar of New York City 3 What do these
More informationBritish Library Risk Management Policy Framework (2017)
Risk Management Policy Framework May 2017 1 British Library Risk Management Policy Framework (2017) 1. Introduction The Library defines risk as being the quantifiable level of exposure to the threat of
More informationSCCE 2012 COMPLIANCE & ETHICS INSTITUTE. Workshop Agenda
SCCE 2012 COMPLIANCE & ETHICS INSTITUTE October 14, 2012 l Las Vegas, NV Ethics & Compliance Risk Management 101: Program Essentials and Effective Practice Key Steps to Implementing and Championing an
More information1. Define risk. Which are the various types of risk?
1. Define risk. Which are the various types of risk? Risk, is an integral part of the economic scenario, and can be termed as a potential event that can have opportunities that benefit or a hazard to an
More informationPillar 3 As at 31st March 2011
Pillar 3 As at 31 st March 2011 Purpose of Disclosure This document sets out the Pillar 3 market disclosures for Threadneedle Asset Management Holdings an authorised and regulated limited license firm
More informationEnterprise Risk Management: Applications in the Private & Public Sectors
Enterprise Risk Management: Applications in the Private & Public Sectors Agenda 1. Presentation goals and panelists 2. ERM definition 3. Origins of enterprise risk management 4. Examples of creating value
More informationRisk Management at the Deutsche Bundesbank March 2011
Risk Management at the Deutsche Bundesbank March 2011 (C) Deutsche Bundesbank - Division Organisation 1 Agenda Definition of risk management [3] Factors of influence to review the RM set up [4] The Framework
More informationINTERNAL AUDIT PLAN OF ACTIVITIES
SDCERA INTERNAL AUDIT PLAN OF ACTIVITIES Fiscal Years 2012-2015 CHRISTINA MCGOUGH, INTERNAL AUDIT MANAGER 12 Table of Contents Executive Summary... 1 Overview... 2 Risk assessment... 2 The audit plan...
More informationEnterprise Risk Management Integrated Framework
ISACA S IT Audit, Information Security & Risk Insights Africa 2014, Alisa Hotel Enterprise Risk Management Integrated Framework Tony Bediako May 20, 2014 Today s organizations are concerned about: Risk
More informationImplementing A Risk Management Framework
Implementing A Risk Management Framework Dennis J Clark Clark Corporate Consulting Pty Ltd Room Day, Date Saturday 26 February 2011 Time 11.00am 12.00 pm Proudly supported by Blackbaud Session Outline
More informationRisk Management Framework
Risk Management Framework Risk Management Framework 1. The University views Risk Management as integral to the successful execution of its Strategy. In order to achieve the aims set out in our strategy,
More informationINTEGRATING RISK MANAGEMENT AND BUSINESS CONTINUITY
INTEGRATING RISK MANAGEMENT AND BUSINESS CONTINUITY June 2012 Sami Ahmed Assistant Vice President - MRC Paolo De Rosa Senior Vice President - MRC Introduction Purpose Raise your knowledge and awareness
More informationRISK MANAGEMENT POLICY AND STRATEGY
1 RISK MANAGEMENT POLICY AND STRATEGY Version No: Reason for Update Date of Update Updated By 1 Review Timeframe September 2014 2 Review June 2017 Governance Manager Governance Manager 3 4 5 6 7 8 Introduction
More informationRisk Management: Principles, Methodologies and Techniques. Peter Getugi Internal Audit Manager ILRI
Risk Management: Principles, Methodologies and Techniques Peter Getugi Internal Audit Manager ILRI NAIROBI 22 JUNE, 2010 Session Objectives What is Risk Management? Why is Risk Management importance rising?
More informationRisk Management Policy
DYNAMIC ARCHISTRUCTURES LIMITED Risk Management Policy DYNAMIC ARCHISTRUCTURES LIMITED Regd. Address: 409, Swaika Centre, 4A Pollock Street, Kolkata - 700001 (West Bengal) CONTENTS Sr. Particulars Page
More informationGRINDROD SOUTH AFRICA//Policy Risk and opportunity governance framework
Document number GP24 Revision number 02 Issue date 23 May 2017 Author name Andrew Davies Approval Risk Committee 02 CONTENTS 1 Purpose 04 2 Objective 04 3 Risk and opportunity governance policy 04 4 Governance
More informationInsurance Contracts for 831(b) Enterprise Risk Captives Policies and Pooling Agreements
Insurance Contracts for 831(b) Enterprise Risk Captives Policies and Pooling Agreements Jeffrey K. Simpson John R. Capasso Brian Johnson Gordon, Fournaris & Mammarella, P.A. Captive Planning Associates,
More informationPolicy Number: 040 Risk Management August 2018
Policy Number: 040 Risk Management August 2018 Policy Details 1. Owner Manager, Business Services 2. Compliance is required by Staff, contractors and volunteers 3. Approved by The Commissioner 4. Date
More informationIdentification & Assessment of Risks Authors: Ali Basharat & Zeenoor Sohail Sheikh
Identification & Assessment of Risks 2018 Authors: Ali Basharat & Zeenoor Sohail Sheikh Risk Management for the Microfinance Sector (2018) Identification & Assessment of Risks 1) Risk Register Tool An
More informationIntroduction to Risk for Project Controls
Introduction to Risk for Project Controls By Eukeni Urrechaga, PE Quick view at Project Controls Project Controls, like project management, is much an art as it is a science. The secret of good project
More informationEnterprise Risk Management Focusing on the Right Risks
2014 CliftonLarsonAllen LLP Enterprise Risk Management Focusing on the Right Risks VGFOA 2015 Fall Conference October 22, 2015 CLAconnect.com Session Objectives 1.Identify factors driving the need for
More informationRISK MANAGEMENT FRAMEWORK
RISK MANAGEMENT FRAMEWORK 1. INTRODUCTION (Company) acknowledges that risk is inherent in its business. The Company faces a broad range of risks as a listed entertainment organisation. The Company s risk
More informationIntroduction. The Assessment consists of: Evaluation questions that assess best practices. A rating system to rank your board s current practices.
ESG / Sustainability Governance Assessment: A Roadmap to Build a Sustainable Board By Coro Strandberg President, Strandberg Consulting www.corostrandberg.com November 2017 Introduction This is a tool for
More informationChapter 7: Risk. Incorporating risk management. What is risk and risk management?
Chapter 7: Risk Incorporating risk management A key element that agencies must consider and seamlessly integrate into the TAM framework is risk management. Risk is defined as the positive or negative effects
More informationMaster Class: Construction Health and Safety: ISO 31000, Risk and Hazard Management - Standards
Master Class: Construction Health and Safety: ISO 31000, Risk and Hazard Management - Standards A framework for the integration of risk management into the project and construction industry, following
More informationERM Benchmark Survey Report
ERM Benchmark Survey Report A report on PACICC s fifth ERM benchmarking survey October 2017 2011 2013 2015 2016 2017 Member Survey on ERM Practices A report on PACICC s fifth ERM benchmarking survey October
More informationRisk Management Framework. Metallica Minerals Ltd
Risk Management Framework Metallica Minerals Ltd Risk Management Framework 23 March 2012 Table of Contents Contents 1. Introduction... 3 2. Risk Management Approach... 3 3. Roles and Responsibilities...
More informationBusiness Continuity Management and ERM
Business Continuity Management and ERM Partnership for Emergency Planning Kansas City Marshall Toburen GRC Strategist ERM, ORM, 3PM RSA A division of EMC 2 June 18, 2014 1 Agenda Intro State of ERM Today
More informationQuality Control & Compliance Initiative. This document is publicly available to any staff member on the following network path:
Quality Control & Compliance Initiative RISK ASSESSMENT Author: Phonovation Quality Control Group Gavin Carpenter Effective Date: 20 th Nov 2013 Revised: 20 th Jan 2015 Revised by: To: Pedro Quintas All
More informationAPPENDIX 1. Transport for the North. Risk Management Strategy
APPENDIX 1 Transport for the North Risk Management Strategy Document Details Document Reference: Version: 1.4 Issue Date: 21 st March 2017 Review Date: 27 TH March 2017 Document Author: Haddy Njie TfN
More informationENTERPRISE RISK MANAGEMENT IN HEALTH CARE. April 27, 2017
ENTERPRISE RISK MANAGEMENT IN HEALTH CARE April 27, 2017 Presenters Adam Marshall Director, Risk Advisory Services Jessika Garis Manager, Risk Advisory Services RSM US LLP Adam.Marshall@rsmus.com +1 410
More information