A proactive approach to auditing risk management
|
|
- Herbert McCormick
- 6 years ago
- Views:
Transcription
1 A proactive approach to auditing risk management Anthony Garnett Head of Internal Audit, HM Government, Department for International Development 10 October 2017 Crown Copyright 2017
2 Agenda 1. What s the issue? 2. Solutions 3. Questions
3 The issue
4 1. Organisations struggle with risk management
5 2. Management teams issue manage Why? Don t value risk management Think it s too complex See failures and think not worth it No reward in preventing something far off Rewarded for solving problems Have poor MI and data Almost certain Likely Possible Unlikely Rare Issue Issue Issue Risk Insignificant Minor Moderate Major Severe
6 3. Internal Audit does not audit risk What does assurance mean here? Assurance over risk (as uncertainty?) In relation to what? In whose judgement? i.e. is IA imposing a risk appetite? Limited what? Assurance? Risk? Control? Is this conflating control as adequate risk mitigation? Something can be well risk managed but poorly controlled if there is no conflation Coverage Governance, risk management and control framework Assurance Opinion on mitigating controls over the risk to the delivery of objectives Core Definitions for Annual and Engagement Opinions Substantial The framework of governance, risk management and control is adequate and effective. Moderate Some improvements are required to enhance the adequacy and effectiveness of the framework of governance, risk management and control. Limited There are significant weaknesses in the framework of governance, risk management and control such that it could be or could become inadequate and ineffective. Unsatisfactory There are fundamental weaknesses in the framework of governance, risk management and control such that it is inadequate and ineffective or is likely to fail. Optional RAG Green Yellow Amber Red Factors influencing choice of opinion Adequacy and Effectiveness of the governance, risk management and control framework Impact of any weakness on delivery of objectives Extent of risk exposure Risk tolerance Materiality: by value to the entity, by value in the engagement context and by nature (e.g. irregularity and reputational risk) We may also take account of Management responses to recommendations/ management actions If there is no risk appetite, this scale drives risk aversion as green means risk is low. Or is there no risk appetite and only the most certain things score green? If the fixed scale is not risk but performance in relation to risk mitigation, this makes report ratings relative. i.e. thus a high risk area could be both green and red (depending on risk appetite applied). But something high risk could be satisfactory if there is a high risk appetite. So if not applying risk appetite then driving risk aversion.
7 4. Or offer risk based opinions? Good Full Minor Low Acceptable Partial Moderate Medium Weak Limited Major High Unacceptable Nil Severe Good what? Control? Assurance? Risk management? Full what? Assurance? Risk management? Control? Risk aversion? Sensitive enough? Meaningful?
8 5. Or worse no opinion No annual opinion too difficult, organisation too weak No assignment opinion Missing dialectic process with management and audit committee Dialectic or dialectics (Greek: διαλεκτική, dialektikḗ), also known as the dialectical method, is a discourse between two or more people holding different points of view about a subject but wishing to establish the truth through reasoned arguments. Cannot govern direct and control
9 6. Control risk management If control risk management then: Drive risk aversion Audit someone else s definition of risk appetite (i.e. compliance) Belie reality Almost certain Likely Possible Unlikely Rare Insignificant Minor Moderate Major Severe
10 My solution
11 1. Standalone audit risk management Audit risk management Then audit again And again Use a maturity framework Qualify or caveat your opinion
12 2. Recognise risks organisational structures
13 3. Change your underlying assumptions socially scientific internal audit Science Social Science Art Model implications There is a right and wrong Inclination to compliance audit Focus on doing things right, not are they the right things? Audits like experiments to discover the truth Auditors make recommendations that must be followed A lack of risk appetite and judgement in work Audits like experiments Model implications There is objective knowledge, but people have different views on it There is a substantively right but can be differing views on it Audit work will ask not just compliance questions, do we do things right? but do we do the right things? Audits like investigative research, taking various views, evidence etc. and forming an independent view over what feels right Model implications There is no right. All people are right, knowledge only exists as constructed by people. Audits more qualitative and describe what IA has been told No formal structured opinions or conclusions Narrative reports difficult to compare No formal recommendations Auditors listen to clients and are primarily passive
14 4. Rebalance 3 lines of defence SMART rules changes Country and programme teams Whitehall and AH IAD Country and programme teams Whitehall and AH IAD
15 Business / process risks 5. Broaden your types of review Strategic Secretariat SENIOR MANAGEMENT TEAM Governance Dept 1 Dept 2 Dept 3 Dept 4 Dept 5 Dept 6 Thematic and tactical Country, department, programme and project Consultancy audit to support development of DFID s systems
16 6. Implement a real RBIA planning model
17 7. Recognise audit simplifies Reality Audit opinion
18 8. Use risk layers
19 9. Issue a risk based opinion 1/3 Assessment of net risk An objective assessment of net risk and level of assurance (after application of management controls) faced by DFID in the area under review. Net Risk Rating Description [delete as required] Assurance Assessment Minor Moderate Major Severe The framework of governance, risk management and control provides substantial assurance over the achievement of objectives. Risks to objectives are minor (combined impact and likelihood). The framework of governance, risk management and control provides moderate assurance over the achievement of objectives. Risks to objectives are moderate (combined impact and likelihood). The framework of governance, risk management and control provides limited assurance over the achievement of objectives. Risks to objectives are major (combined impact and likelihood). The framework of governance, risk management and control provides very limited to nil assurance over the achievement of objectives. Risks to objectives are severe (combined impact and likelihood). Substantial Moderate Limited Nil
20 9. Issue a risk based opinion 2/3 Adequacy of controls compared to risk appetite With opinion and explanatory narrative
21 9. Issue a risk based opinion 3/3 Control awareness maturity Control awareness Optimised Mature Managed Baseline Developing We found controls to be comprehensive, consciously designed, with a risk basis, suitable oversight and governance over their implementation and a strong consideration of proportionality and value for money in their application. We found key controls to be in place, consciously designed, with a risk basis and suitable oversight and governance over their implementation. We found key controls to be in place, with some consciously designed and some consideration of risk. Oversight and governance was provided over key controls. We found controls to be in place, but not consciously designed. The controls in whole or part lacked a clear risk basis and oversight and governance over their implementation was partial or limited. We found some controls, but these were not consciously designed, and lacked a clear risk basis. Oversight and governance over their operation was limited.
22 9. Issue a risk based opinion Assignment assurance 3 opinions Net risk Whether risk mitigation brings risk within appetite / tolerance How well has the management team got there Annual assurance opinion In the IAD s opinion DFID had adequate and effective frameworks for: Governance Risk management Control covering the period 1 April to 31 March.
23 10. Understand what risk based auditing should achieve Objectives Risk mitigation Risk Appetite
24 Conclusion Audit needs to speak in risk terms Do not demonise risk Do not wait for management teams to risk manage Understand risk is complex and avoid a logicodeductive approach to audit Do not be afraid to qualify your opinion
Bournemouth Primary MAT Risk Management Policy
Bournemouth Primary MAT Risk Management Policy 1. Introduction The Bournemouth Primary Multi-Academy Trust (the Trust) operates a risk management system in order to identify and manage key exposures and
More informationEffective Assurance Frameworks
Effective Assurance Frameworks NIGEL IRELAND, HEAD O F BARCUD S HARED S E R VICES @ barcudss w w w.barcudsharedservices.org.uk Today What an Assurance Framework is How an Assurance Framework can add value
More informationRisk Management Framework
Risk Management Framework Anglican Church, Diocese of Perth November 2015 Final ( Table of Contents Introduction... 1 Risk Management Policy... 2 Purpose... 2 Policy... 2 Definitions (from AS/NZS ISO 31000:2009)...
More informationUNIVERSITY OF ABERDEEN RISK MANAGEMENT FRAMEWORK
UNIVERSITY OF ABERDEEN RISK MANAGEMENT FRAMEWORK 1 TABLE OF CONTENTS FIGURES AND TABLES... 3 1. INTRODUCTION... 4 2. KEY TERMS AND DEFINITIONS... 5 2.1 Risk... 5 2.2 Risk Management... 5 2.3 Risk Management
More informationUniversity of Greenwich Risk Management Guide Revised October 2017
University of Greenwich Risk Management Guide Revised October 2017 Purpose of the Guide 1. This document supplements the Risk Management Policy of the University of Greenwich. It explains why risk management
More informationRISK MANAGEMENT POLICY AND STRATEGY
1 RISK MANAGEMENT POLICY AND STRATEGY Version No: Reason for Update Date of Update Updated By 1 Review Timeframe September 2014 2 Review June 2017 Governance Manager Governance Manager 3 4 5 6 7 8 Introduction
More informationJFSC Risk Overview: Our approach to risk-based supervision
JFSC Risk Overview: Our approach to risk-based supervision Contents An Overview of our approach to riskbased supervision An Overview of our approach to risk-based supervision Risks to what? Why publish
More informationAn introduction to Operational Risk
An introduction to Operational Risk John Thirlwell Finance Dublin, 29 March 2006 Setting the scene What is operational risk? Why are we here? The operational risk management framework Basel and the Capital
More informationRisk assessment concept and practical guidance
Risk assessment concept and practical guidance FOR THE IMPLEMENTATION OF The EEA Financial Mechanism & The Norwegian Financial Mechanism 2004-2009 adopted by the EEA Financial Mechanism Committee and the
More informationNagement. Revenue Scotland. Risk Management Framework
Nagement Revenue Scotland Risk Management Framework Table of Contents 1. Introduction... 2 1.2 Overview of risk management... 2 2. Policy statement... 3 3. Risk management approach... 4 3.1 Risk management
More informationApproved by: Diocesan Council 17 December 2015
DIOCESAN COUNCIL POLICY 39 Risk Management Approved by: Diocesan Council 17 December 2015 1 PREAMBLE The Perth Diocesan Trustees under the authority of the Diocesan Trustees Statute 1952 have the responsibility
More informationNagement. Revenue Scotland. Risk Management Framework. Revised [ ]February Table of Contents Nagement... 0
Nagement Revenue Scotland Risk Management Framework Revised [ ]February 2016 Table of Contents Nagement... 0 1. Introduction... 2 1.2 Overview of risk management... 2 2. Policy Statement... 3 3. Risk Management
More informationRisk Management Strategy January NHS Education for Scotland RISK MANAGEMENT STRATEGY
NHS Education for Scotland RISK MANAGEMENT STRATEGY January 2016 1 Contents 1. NES STATEMENT ON RISK MANAGEMENT 2 RISK MANAGEMENT STRATEGY 3 RISK MANAGEMENT STRUCTURES 4 RISK MANAGEMENT PROCESSES 5 RISK
More informationScouting Ireland Risk Management Framework
No. SID 124A/15 Gasóga na héireann/scouting Ireland Issued Amended 20 th June 2015 Deleted Source: National Management Committee Scouting Ireland Risk Management Framework Revision Date Description # 20/06/2015
More informationThe OfS approach to risk management
The OfS approach to risk management Introduction The attached paper was discussed at a meeting of the Risk and Audit Committee (RAC) on 26 January. The Committee would welcome comments from the Board on
More informationRisk Management. Policy and Procedures
Risk Management Policy and Procedures POLICY SCHEDULE Policy title Policy owner Policy lead contact Approving body Date of approval/review Related Guidelines and Procedures Review interval Risk Management
More informationKidsafe NSW Risk Management Plan. August 2014
Kidsafe NSW Risk Management Plan August 2014 Document Control Document Approval Name & Position Signature Date Document Version Control Version Status Date Prepared By Comments Document Reviewers Name
More informationHSC Business Services Organisation Board
Paper BSO 25/2009 HSC Business Services Organisation Board Risk Management 1. Purpose of this report The purpose of this report is to brief the Board on the BSO Risk Management process. 2. Background HSC
More informationRisk Management Policy and Processes
Management Policy and Processes Purpose of this document This document sets out IMPRESS s arrangements for risk management, as well as the definition of risk and how it is assessed, managed and reported.
More informationBest Practices in Project Risk Management. Presented by: Jeff Miller, PMP - Director of Project Management Interstates Control Systems, Inc.
Best Practices in Project Risk Management Presented by: Jeff Miller, PMP - Director of Project Management Interstates Control Systems, Inc. What is Project Risk Management? PMBOK Definition of Project
More informationVersion: th November 2010 RISK MANAGEMENT POLICY
Version: 1.2-25th November 2010 RISK MANAGEMENT POLICY Document History Document Location To be completed. Revision History Date of this revision: 17/09/2010 Date of next revision: N/A Revision Number
More informationConceptualisation Stage Continued
Conceptualisation Stage Continued Conceptualisation Inputs to conceptualisation stage Influencing factors Stakeholder analysis Feasibility Risk Outputs from conceptualisation stage Risk Structured Approach
More informationMeeting of Bristol Clinical Commissioning Group Governing Body
Meeting of Bristol Clinical Commissioning Group Governing Body To be held on Tuesday 30 June 2015 commencing at 13:30pm at the Greenway Centre, 119 Doncaster Road, BS10 5PY Title: Risk Appetite Statement
More informationRisk Management Policy
Risk Management Policy April 2017 1 Introduction 1.1 The primary objective of risk management is to ensure that the risks facing the business are appropriately managed. 1.2 Force is committed to ensuring
More informationRisk Management Policy and Procedures.
Risk Management Policy and Procedures. Rev Date Purpose of Issue/Description of Change Date 1. June 2006 Initial Issue 2. November 2009 Revised and updated 6 th November 2009 3. September 2010 Revised
More informationGuide. Risk Management For Community Service Organisations
Guide Risk Management For Community Service Organisations April 2010 Contents 1. Managing risk in community services... 3 1.1. What is risk management?... 3 1.2. Managing risk is about knowing your objectives...
More informationRisk Management Procedure. Version Number: 6.0 Controlled Document Sponsor: Controlled Document Lead:
Risk Management Procedure CONTROLLED DOCUMENT CATEGORY: CLASSIFICATION: PURPOSE Controlled Document Number: Procedure Governance To detail the procedure for the management of risk 419 Version Number: 6.0
More informationInvestigation into the acceptance of gifts and hospitality
Report by the Comptroller and Auditor General Cross-government Investigation into the acceptance of gifts and hospitality HC 797 SESSION 2015-16 9 FEBRUARY 2016 4 What this investigation is about Investigation
More informationUniversity of the Sunshine Coast (USC) Risk Appetite Statement
Vision and strategic goals University of the Sunshine Coast (USC) Risk Appetite Statement The University of the Sunshine Coast will be a university of international standing, a driver of capacity building
More informationGOV : Enterprise Risk Management Policy
Name: Responsibility: Complements: Enterprise Risk Management Framework Coordinator, Enterprise Risk Management GOV-080-005: Enterprise Risk Management Policy Draft Date: November 2006; January 2012 Revised
More informationStrategic flood risk management
Report by the Comptroller and Auditor General Department for Environment, Food & Rural Affairs and Environment Agency Strategic flood risk management HC 780 SESSION 2014-15 5 NOVEMBER 2014 4 Key facts
More informationRisk Management Policy
Risk Management Policy October 2014 Risks 1. Risks can be identified under four principal headings a. Financial risks b. Strategic Risks c. Operational Risks, and d. Hazard Risks 2. These are either externally
More informationSouth Lanarkshire College Risk Management Policy and Procedures
1. Purpose This policy and its procedures detail and communicate the College s approach to risk management. 2. Policy Statement South Lanarkshire College will effectively manage risk, taking all reasonable
More informationBoard Paper summary sheet
Board Paper summary sheet DETAILS Title of Paper Part 1 (Open) X Part 2 (Closed) Partnership Risk Register Quarterly Review Meeting Board Date 26 May 2016 Board Member Tracey Cox, Chief Officer Author
More informationIntegrated Risk Management Framework Sept Page 1 of 17
Integrated Risk Management Framework 2017-2018 Sept 2017 Page 1 of 17 Reference: Title: Author/Nominated Lead: Approval Date: Approving Committee: Review Date: Target Audience: Circulation List: Cross
More informationRisk Management Policy
Risk Management Policy May 2018 Contents 1.0 Purpose... 3 2.0 Scope... 3 3.0 Risk appetite... 3 4.0 Risk management process... 4 5.0 Measuring success... 7 6.0 Review of policy... 7 Appendix A Definitions
More informationPST Board Assurance Framework
PST Board Assurance Framework 14 th January 2016 PST Board Assurance Framework Registered Address (No: IP030872) Fratton Park Frogmore Road Portsmouth PO4 8RA Prepared by Dr Mark Farwell PST Secretary
More informationNOTTINGHAM CITY HOMES. THE BOARD REPORT OF Ian Rabett Head of Health & Safety 26 November 2015
ITEM 9 NOTTINGHAM CITY HOMES THE BOARD REPORT OF Ian Rabett Head of Health & Safety 26 November 2015 RISK MANAGEMENT 1 SUMMARY 1.1 A review of our risk management arrangements was carried out earlier this
More informationRisk Management Framework
Risk Management Framework Introduction The outgoing Corporate Strategy 2013-18 and incoming University Strategy 2018-23 continues on a trajectory towards Vision 2025 in an increasingly competitive Higher
More informationAnti-money laundering Annual report 2017/18
Anti-money laundering Annual report 2017/18 Anti-money laundering Contents 1 Introduction 4 2 Policy developments 5 3 OPBAS 7 4 How our AML supervision is evolving 8 5 Findings and outcomes 9 6 Financial
More informationRisk. Protocol for the Management of Risk
Risk Protocol for the Management of Risk Instr No Contact Brian Orpin Version 4.0 Email brian.orpin@nhs.net Issue Date 27/04/2015 Telephone 0131 314 5360 Review Date 27/04/2016 Status Issued Change Control
More informationLONDON BOROUGH OF ENFIELD RISK MANAGEMENT STRATEGY
LONDON BOROUGH OF ENFIELD RISK MANAGEMENT STRATEGY JANUARY 2013 1 Version Control Reference Comments Approval date 05 09 12 19 11 12 10 01 13 2 FOREWORD Welcome to the Council s Risk Management Strategy.
More informationDraft risk-based planning principles
Draft risk-based planning principles Overview of the risk management standard 1. The ISO 31000:2009 standard (Risk management Principles and guidelines) is an internationally recognised framework used
More informationProcess summary TAFE NSW Hunter Institute Sponsorships, Donations and Contributions Guidelines
This process summary and Guidelines cover the receipt, analysis and acceptance of offers of sponsorship, donation and contributions by members of Industry, Business and/or the Community of the Hunter Region.
More informationRISK REGISTER POLICY AND PROCEDURE
RISK REGISTER POLICY AND PROCEDURE Lead Manager: Head of Clinical Governance Responsible Director: Board Medical Director Approved by: Date Approved: Date for Review: Feb 2012 Replaces Version: 1.0 Page
More informationMEMORANDUM. To: From: Metrolinx Board of Directors Robert Siddall Chief Financial Officer Date: September 14, 2017 ERM Policy and Framework
MEMORANDUM To: From: Metrolinx Board of Directors Robert Siddall Chief Financial Officer Date: September 14, 2017 Re: ERM Policy and Framework Executive Summary Attached are the draft Enterprise Risk Management
More informationCASE STUDY DEPOSIT GUARANTEE FUNDS
CASE STUDY DEPOSIT GUARANTEE FUNDS 18 DECEMBER FINANCIAL SERVICES Section 1 Introduction to Oliver Wyman Oliver Wyman has been one of the fastest growing consulting firms over the last 20 years Key statistics
More informationPOLICY RISK MANAGEMENT AND REPORTING. Introduction
POLICY RISK MANAGEMENT AND REPORTING Introduction Managing risk is a part of our everyday responsibilities for all of us. It enables us to make decisions about what we do and how we do things both strategically
More informationInsurance regulation and operational risk
Insurance regulation and operational risk John Thirlwell Non-executive Director, Novae Syndicates Limited London, 7 June 2006 What do we mean by operational risk? The operational risk framework and the
More informationRisk Management Policy and Framework
Risk Management Policy and Framework Risk Management Policy Statement ALS recognises that the effective management of risks is a fundamental component of good corporate governance and is vital for the
More informationRISK MANAGEMENT POLICY October 2015
RISK MANAGEMENT POLICY October 2015 1. INTRODUCTION 1.1 The primary objective of risk management is to ensure that the risks facing the business are appropriately managed. 1.2 Paringa Resources Limited
More informationNHS North Somerset Clinical Commissioning Group Risk Management Strategy and Framework
NHS North Somerset Clinical Commissioning Group Risk Management Strategy and Framework An Integrated Risk Management Framework Clinical Risk Management Financial Risk Management Corporate Risk Management
More informationAUDIT MONITORING PROGRAMME. Public Report
AUDIT MONITORING PROGRAMME Public Report 2016-2017 CONTENTS CHIEF EXECUTIVE STATEMENT 2 DUBAI FINANCIAL SERVICES AUTHORITY 3 ABOUT THIS REPORT 4 DFSA S AUDIT MONITORING PROGRAMME 5 INSPECTIONS RESULTS
More informationRisk Management Policy
Risk Management Policy Date Published 6 th July 2016 Version 1 Approved Date 6 th July 2016 Review Cycle Annually Review Date June 2017 Learning together; to be the best we can be 1. Introduction 1.1.
More informationRisk Appetite Statement
Risk Appetite Statement Vision and strategic goals The University of the Sunshine Coast will be a university of international standing, a driver of capacity building in the Sunshine Coast and broader region,
More information28 July May October 2016
Policy Name Risk Management Policy & Procedure Related Policies and Legislation AISWA Guidelines Risk Management Policy Category Planning & Management Relevant Audience Date of Issue / Last Revision All
More informationA (personal) view. Philip Whittingham, European Chief Enterprise Risk Officer. 22 March 2010
The role of the risk profession in a Solvency II world A (personal) view Philip Whittingham, European Chief Enterprise Risk Officer XL Group plc 22 March 2010 Session Aims Successful Solvency II implementation
More informationInternal Audit Plan
Internal Audit Plan 1 Index - A quick guide to the audit and assurance planning process - Glossary of Terms 1 Introduction 2 Assessing the effectiveness of risk management and governance 3 Assessing the
More informationNHS BROMLEY CLINICAL COMMISSIONING GROUP RISK MANAGEMENT STRATEGY
NHS BROMLEY CLINICAL COMMISSIONING GROUP RISK MANAGEMENT STRATEGY 1 CONTENTS Page Number Introduction 3 Purpose 4 Objectives 4 Systematic Approach to Risk Management 4 The Risk Management Structure 5 Risk
More informationRisk Management Strategy Highland Council Pension Fund
Risk Management Strategy Highland Council Pension Fund Approved Pensions Committee 9 August 2018 3 1. Introduction 1.1 Risk management is a key element of Corporate Governance and the Highland Council
More informationLEGAL & GENERAL GROUP PLC risk management supplement
LEGAL & GENERAL GROUP PLC 2017 risk management supplement Supplement contents Within this supplement we set out descriptions of the risks we face, how our risk management framework operates, as well as
More informationRisk Assessment Tool. The Anglican Church of Australia Diocese of Wangaratta. Summary Information:
The Anglican Church of Australia Diocese of Wangaratta Risk Assessment Tool This tool is designed to assist* you to assess all events**, programs and other activities to ensure they are conducted safely
More informationGRINDROD SOUTH AFRICA//Policy Risk and opportunity governance framework
Document number GP24 Revision number 02 Issue date 23 May 2017 Author name Andrew Davies Approval Risk Committee 02 CONTENTS 1 Purpose 04 2 Objective 04 3 Risk and opportunity governance policy 04 4 Governance
More informationMeaningful, Coherent and Well Positioned Assurance. December 2014
Meaningful, Coherent and Well Positioned Assurance December 2014 1 Contents Page What is the exam question? 3 Assurance: What is it? 4 What is good practice? 5 Assurance in an Accounting Officer context
More informationThe Code s Seven Principles, and how and to what extent CIC Capital Fund Ltd incorporates them into our investment process, are described below.
UK Stewardship Code This statement sets out how CIC Capital Fund Ltd. applies the principles of the UK Stewardship Code. CIC Capital Fund Ltd Is a Canadian public close-ended fund with investee company
More informationRisk Management Policy Adopted by:
Risk Management Policy Adopted by: Infigen Energy Limited Infigen Energy (Bermuda) Limited Infigen Energy RE Limited in its capacity as Responsible Entity of Infigen Energy Trust Adopted: 17 December 2009
More informationNATIONAL RISK MANAGEMENT SYSTEM
Scouts Australia NATIONAL RISK MANAGEMENT SYSTEM 2003 First Published 2003 Reviewed August 2006 in consideration of AS/NZS 4360-2004 and Organisational Performance Since First Published. Amendment by Chair
More informationRisk Management Strategy
Resources Risk Management Strategy Successful organisations are not afraid to take risks; Unsuccessful organisations take risks without understanding them. Issue: Version 3 - November 2011 Group: Resources
More informationSOL PLAATJE MUNICIPALITY
RISK MANAGEMENT AND INTERNAL CONTROL Approved As Per Resolution CR 500 dd 17-11-05 INDEX 1. INTRODUCTION 2. PURPOSE AND SCOPE 3. OBJECTIVE OF THE RISK POLICY 4. RISK MANAGEMENT FRAMEWORK 5. ACCOUNTABILTY
More informationRisk Management Relevance to PAS 55 (ISO 55000) Deciding on processes to implement risk management
Risk Management Relevance to PAS 55 (ISO 55000) Deciding on processes to implement risk management Jeff Hollingdale DQS South Africa jeffh@dqs.co.za PAS 55 Risk Management The guideline states: (4.4.7);
More informationAPPENDIX 1. Transport for the North. Risk Management Strategy
APPENDIX 1 Transport for the North Risk Management Strategy Document Details Document Reference: Version: 1.4 Issue Date: 21 st March 2017 Review Date: 27 TH March 2017 Document Author: Haddy Njie TfN
More informationBack to the Future: Have we got the roles and accountabilities of the Three Lines right?
Back to the Future: Have we got the roles and accountabilities of the Three Lines right? Asian Institute of Chartered Bankers, Kuala Lumpur Wednesday, 19 th October 2016 Facilitators: Kimberley Whale,
More informationRisk Management Policy
Risk Management Policy Date First Published June 2016 Version 3 Date Last Approved 20 th June 2018 Review Cycle 1 Year Review Date June 2019 Learning together; to be the best we can be 1. Introduction
More informationFocus on Risk Management
Focus on Risk Management NZ Director Forum Presented by John Smeed & Jacob Mamutil 11 June 2014 2014 Finity Consulting Pty Limited Content Current requirements in New Zealand APRA s approach What are the
More informationBusiness Auditing - Enterprise Risk Management. October, 2018
Business Auditing - Enterprise Risk Management October, 2018 Contents The present document is aimed to: 1 Give an overview of the Risk Management framework 2 Illustrate an ERM model Page 2 What is a risk?
More informationBasel II Pillar 2 Supervisory Review Process. Simon Topping Hong Kong Monetary Authority
1 Basel II Pillar 2 Supervisory Review Process Simon Topping Hong Kong Monetary Authority 2 Outline of Presentation Rationale for Pillar 2 Key principles Banks internal capital adequacy assessment process
More informationRisk Management Policy
Version: 2.0 New or Replacement: Policy number: Document author(s): Replacement ULHT-MD-GOV-RM-PMIMSI Paul White, Risk Manager Contributor(s): Members of the Trust Board & Senior Leadership Team Approved
More informationNetwork Rail Limited (the Company ) Terms of Reference. for. The Audit and Risk Committee of the Board
Network Rail Limited (the Company ) Terms of Reference for The Audit and Risk Committee of the Board Membership of the Audit and Risk Committee 1 The Audit and Risk Committee (the Committee ) shall comprise
More informationRISK MANAGEMENT FRAMEWORK
RISK MANAGEMENT FRAMEWORK 1. INTRODUCTION (Company) acknowledges that risk is inherent in its business. The Company s risk management framework is an important tool to guide the organisation towards achieving
More informationINVEST NI RISK MANAGEMENT STRATEGY AND POLICY
INVEST NI RISK MANAGEMENT STRATEGY AND POLICY Page 1 of 40 Version Control Version: Issue Date: 6 th October 2017 Approver: Carol Keery Status: Approved Next Review Date: 30 th September 2019 Version Author
More informationRisk Management. Policy No. 14. Document uncontrolled when printed DOCUMENT CONTROL. SSAA Vic
Document uncontrolled when printed Policy No. 14 Risk Management DOCUMENT CONTROL Version: Date approved by Board: On behalf of Board: Jack Wegman 17 March 2015 26 March 2015 Denis Moroney President Next
More informationIndependent Auditors Report to the Members of DCC plc
Report on the Financial Statements Our opinion In our opinion: the Group financial statements give a true and fair view, in accordance with International Financial Reporting Standards ( IFRSs ) as adopted
More informationIOPS Toolkit for Risk-Based Pensions Supervision Kenya
Risk-based Pensions Supervision provides a structured approach focusing on identifying potential risks faced by pension funds and assessing the financial and operational factors in place to mitigate those
More informationHEALTH RESEARCH CAPACITY STRENGTHENING INITIATIVE. Program Risk Management Policy. September Imperial : +265 (0)
HEALTH RESEARCH CAPACITY STRENGTHENING INITIATIVE Program Risk Management Policy September 2012 Imperial : +265 (0) 111 924 335 Appendix II: Final Rating The rating for the Likelihood shall be multiplied
More informationEnergize Your Enterprise Risk Management
Energize Your Enterprise Risk Management Presented By Mark Caiazzo, CISA, CISM, CRISC Tammy Michaud, CPA May 15, 2017 Reviewed: Agenda Enterprise Risk Management Defined Benefits of ERM Key Components
More informationWolverhampton City Council
Agenda Item No: 10 Wolverhampton City Council OPEN DECISION ITEM Committee / Panel PENSIONS Date 17/04/2013 Originating Service Group(s) WEST MIDLANDS PENSION FUND Contact Officer(s)/ Telephone Number(s)
More informationAudit Committee Annual Report to the Board
Audit Committee Annual Report to the Board Report to: Board Date: 28 September 2017 Report by: Report No: Mike Cairns, Convener of the Audit Committee Agenda Item: 13.3 PURPOSE OF REPORT This report represents
More informationInternal Audit Annual Report 2016/17
Pensions Committee Date: 13 th June 2017 Internal Audit Annual Report 2016/17 Report of the Corporate Director Business and Resources This report provides a summary of audit work completed by Internal
More informationRisk Management Framework. Group Risk Management Version 2
Group Risk Management Version 2 RISK MANAGEMENT FRAMEWORK Purpose The purpose of this document is to summarise the framework which Service Stream adopts to manage risk throughout the Group. Overview The
More informationNLG(18)407. DATE OF MEETING 27 November Trust Board of Directors Public. Wendy Booth, Trust Secretary
NLG(18)407 DATE OF MEETING 27 November 2018 REPORT FOR Trust Board of s Public REPORT FROM Wendy Booth, Trust Secretary CONTACT OFFICER Jeremy Daws, Head of Quality Assurance Kelly Burcham, Head of SUBJECT
More informationRisk Management Strategy
Risk Management Strategy Document Reference MLCSU CA_WL_V3 Version 3 Authors: Donna Bamber, Midlands & Lancashire Commissioning Support Unit Senior Risk Officer Smita Shetty, Service Redesign Manager,
More informationAssessing Credit Risk
Assessing Credit Risk Objectives Discuss the following: Inherent Risk Quality of Risk Management Residual or Composite Risk Risk Trend 2 Inherent Risk Define the risk Identify sources of risk Quantify
More informationRisk Management. Webinar - July 2017
Risk Management Webinar - July 2017 Compiled by: Raaghieb Najjaar, Yaeesh Yasseen & Rashied Small Adapted and Facilitated by: Professor Enslin J. van Rooyen Risk Management - June 2017 2 Defining Risk
More informationRisk Management Strategy
Risk Management Strategy 2016 2019 Version: 6 Policy Lead/Author & Deputy Director of Quality position: Ward / Department: Nursing Directorate Replacing Document: Version 5 Approving Committee Quality
More informationRisk Management. Seminar June Compiled by: Raaghieb Najjaar, Yaeesh Yasseen & Rashied Small
Risk Management Seminar June 2017 Compiled by: Raaghieb Najjaar, Yaeesh Yasseen & Rashied Small Defining Risk Risk reflects the chance that the actual event may be different than the planned / expected
More informationBNY Mellon Investment Management Europe Holdings Limited. Pillar 3 Disclosure December 31, Pillar 3 Disclosure - 1
BNY Mellon Investment Management Europe Holdings Limited Pillar 3 Disclosure December 31, 2017 Pillar 3 Disclosure - 1 Contents 1 Introduction... 4 1.1. Purpose of Pillar 3 Disclosure... 4 2 Scope of Application...
More informationCrown Agents Investment Management Limited. Pillar 3 Disclosures. December 2014
Crown Agents Investment Management Limited December 2014 Page 0 CONTENTS Introduction... 2 Corporate Governance... 3 Risk Appetite... 7 Capital Resource... 9 Capital Management... 10 Risk Categories...
More informationPerpetual s Risk Management Framework
Perpetual s Risk Management Framework Perpetual s Risk Management Framework Context Perpetual Limited (Perpetual) is a diversified financial services firm, listed on the Australian Securities Exchange.
More informationWest Coast District Municipality. Risk Management Policy
West Coast District Municipality Risk Management Policy TABLE OF CONTENTS Page No. RISK MANAGEMENT POLICY 5 1. OVERVIEW 6 1.1. Policy Objective 6 1.2. Policy Statement 6 1.3. Risk Management Approach 6
More informationSponsorship Guidelines. Contents Sponsorship Guidelines Introduction Background ADSA Sponsorship Policy...
Sponsorship Guidelines Contents Sponsorship Guidelines... 1 1 Introduction... 2 2 Background... 2 3 ADSA Sponsorship Policy... 3 4 Guiding Principles for Partnerships... 5 5 Types of ADSA Partnerships...
More information