Romanian Court of Accounts RISK MANAGEMENT 24 April 2012 Warsaw, Poland

Similar documents
It is currently the institution whose role consists of supporting the promotion of:

MEMORANDUM. To: From: Metrolinx Board of Directors Robert Siddall Chief Financial Officer Date: September 14, 2017 ERM Policy and Framework

Risk Management at the Deutsche Bundesbank March 2011

ENTERPRISE RISK MANAGEMENT (ERM) POLICY Republic Glass Holdings Corporation. Purpose. Goals

General Risk Control and 20/10/15

ENTERPRISE RISK MANAGEMENT Framework

RISK MANAGEMENT FRAMEWORK

CORPORATE RISK MANAGEMENT POLICY

BERGRIVIER MUNICIPALITY. Risk Management Risk Appetite Framework

Applying COSO s Enterprise Risk Management Integrated Framework. September 29, 2004

Internal Control in Poland. Monika Kos Lima, 30 March 2016

REGULATION. on Internal Governance Arrangements, the Management body and the Internal Capital Adequacy Assessment Process for Banks and Savings banks

Applying COSO s Enterprise Risk Management Integrated Framework

ก ก Tools and Techniques for Enterprise Risk Management (ERM)

Business Auditing - Enterprise Risk Management. October, 2018

Assessing the Adequacy of Risk Management Using ISO 31000

Perpetual s Risk Management Framework

PRINCIPLES FOR RISK MANAGEMENT IN NORGES BANK INVESTMENT MANAGEMENT

STRATEGY OF PUBLIC INTERNAL FINANCIAL CONTROL DEVELOPMENT IN THE REPUBLIC OF SERBIA FOR THE PERIOD OF

Risk Management. Policy No. 14. Document uncontrolled when printed DOCUMENT CONTROL. SSAA Vic

PRINCIPLES FOR RISK MANAGEMENT IN NORGES BANK INVESTMENT MANAGEMENT LAID DOWN BY THE EXECUTIVE BOARD 10 JUNE 2009, LAST AMENDED 21 NOVEMBER 2018

GOV : Enterprise Risk Management Policy

Enterprise Risk Management Integrated Framework

MANAGERIAL ACCOUNTABILITY AND RISK MANAGEMENT

Internal governance. Supervisory Statement SS21/15. April 2015

PILLAR III DISCLOSURES

INTERREG - IPA CBC ROMANIA-SERBIA PROGRAMME

Summary Enterprise Risk Management Framework

PREMIER UNDERWRITING HOLDINGS (GIBRALTAR) LIMITED PREMIER INSURANCE COMPANY LIMITED

DECISION ON RISK MANAGEMENT BY BANKS

Enterprise Risk Management in WFP

ENTERPRISE RISK MANAGEMENT (ERM) The Conceptual Framework

University Risk Management Policy

Guidance document on a common methodology for the assessment of management and control systems in the Member States ( programming period)

SOL PLAATJE MUNICIPALITY

An Overview of the Enterprise Risk Management Process

Executive Board Annual Session Rome, May 2015 POLICY ISSUES ENTERPRISE RISK For approval MANAGEMENT POLICY WFP/EB.A/2015/5-B

AIA Group Limited. Terms of Reference for the Board Risk Committee

Prudential Standard GOI 3 Risk Management and Internal Controls for Insurers

SIGMA Support for Improvement in Governance and Management A joint initiative of the OECD and the European Union, principally financed by the EU

GENERAL RISK CONTROL AND MANAGEMENT POLICY

SOLVENCY AND FINANCIAL CONDITION REPORT EUROLIFE LTD

Pillar 3 Disclosure. Sumitomo Mitsui Trust Bank (Thai) Public Company Limited. March 31 st, Pillar 3 Disclosures 31 March 2018

Declaration on Internal Controls

Pillar III Disclosures

PILLAR III DISCLOSURES

RISK MANAGEMENT FRAMEWORK OVERVIEW

KRUNG THAI BANK PUBLIC COMPANY LIMITED

Risk assessment concept and practical guidance

Risk Appetite. What is risk appetite?

Supervisory Statement SS21/15 Internal governance. April (Updating October 2014)

Standard Project Fiche. 1.2 Title: Further Institutional Strengthening of the Court of Accounts

CITY OF JOHANNESBURG METROPOLITAN MUNICIPALITY GROUP RISK AND ASSURANCE SERVICES GROUP RISK MANAGEMENT POLICY

COMMUNICATION TO THE COMMISSION MISSION CHARTER OF THE INTERNAL AUDIT SERVICE OF THE EUROPEAN COMMISSION

Basel II Pillar 3- Qualitative Disclosure

Chapter 6: Analysis of control

Business Conduct Possible Approach

Risk Management Framework

DECISION ON RISK MANAGEMENT BY BANKS

FIL Life Insurance (Ireland) DAC. Solvency and Financial Condition Report as at 30 June 2016

Risk Management Relevance to PAS 55 (ISO 55000) Deciding on processes to implement risk management

Guidance document on. management verifications to be carried out by Member States on operations co-financed by

Risk Committee Charter. Bank of Queensland

ENTERPRISE RISK MANAGEMENT (ERM) GOVERNANCE POLICY PEDERNALES ELECTRIC COOPERATIVE, INC.

Fathom Wealth Management Advisors Ltd Risk Management Disclosures Year Ended 31 December 2016

Risk Management Policy and Procedures.

Home Capital Group Inc. Home Trust Company Home Bank Risk and Capital Committee Charter

Certified Enterprise Risk Professional (CERP) Test Content Outline

There are many definitions of risk and risk management.

Audit manual - general part

Glossary of Terms. (From 2001 IFAC Handbook of Auditing and Ethics Pronouncements)

From: Director Christina Urias, Chair of the Solvency Modernization Initiative (EX) Task Force

GENERAL RISK CONTROL AND MANAGEMENT POLICY

POLICY. Policy Title: Integrated Risk Management. Director, Strategic and Governance Services Centre

Solvency & Financial Condition Report. Surestone Insurance dac March

Risk Evaluation, Treatment and Reporting

RISK MANAGEMENT POLICY October 2015

SEACO TAX POLICY. Seaco Tax Policy Page 1

Guidance on a common methodology for the assessment of management and control systems in the Member States ( programming period)

Insurance Bulletin. New OSFI Guideline on Operational Risk Management. September 2015

GUIDELINE ON ENTERPRISE RISK MANAGEMENT

Goodman Group. Risk Management Policy. Risk Management Policy

IAIS: Enterprise Risk Management for Capital Adequacy & Solvency Purposes. George Brady. IAIS Deputy Secretary General

Energize Your Enterprise Risk Management

Translation of document originally issued in Polish

SOLVENCY AND FINANCIAL CONDITION REPORT EUROLIFE LTD

ITrade Global (CY) Ltd Regulated by the Cyprus Securities and Exchange Commission License no. 298/16

MEMORANDUM OF UNDERSTANDING ON THE IMPLEMENTATION OF THE NORWEGIAN FINANCIAL MECHANISM between THE KINGDOM OF NORWAY,

Audit communication and reporting

Addressing Operational Risk by Using a Risk Based Internal Audit Approach: Benefits offered to Romanian Banking System

CATTOLICA LIFE DAC SOLVENCY AND FINANCIAL CONDITION REPORT 31 ST DECEMBER 2017

COMMISSION FOR THE SUPERVISION

ANTI-FRAUD STRATEGY INTERREG IPA CBC PROGRAMMES BULGARIA SERBIA BULGARIA THE FORMER YUGOSLAV REPUBLIC OF MACEDONIA BULGARIA TURKEY

REPORT (2016/C 449/32)

Practical aspects of determining and applying a risk appetite for SMEs

FIRMA Nashville Tennessee April 21, 2015

Nagement. Revenue Scotland. Risk Management Framework. Revised [ ]February Table of Contents Nagement... 0

We referred to ICP 20 which deals with public disclosures and is therefore directly comparable to the SFCR.

The Central Bank of Ireland Risk Appetite: A Discussion Paper

PREMIER INSURANCE COMPANY LIMITED SOLVENCY AND FINANCIAL CONDITION REPORT

Transcription:

Romanian Court of Accounts RISK MANAGEMENT 24 April 2012 Warsaw, Poland 1 INTOSAI GOV 9100 Guidelines for Internal Control Standards in Public Sector and INTOSAI GOV 9130 Further Information on Entity Risk Management are already implemented in the Romanian primary and secondary legislation (laws and regulations) 2

Issued on 4 July 2005 given the commitments of Romania under Chapter 28 Financial Control of negotiations with the European Union Contains provisions on financial control of government programs Defining a minimum set of management rules which all the entities shall follow 25 internal control standards based on COSO elements developed by the CHUs according to the EC model within the Twinning Project The Romanian legislation took over the five COSO elements of internal control and 25 management/ internal control standards applicable to public entities were drafted based on them, as follows: 3 Control environment Standard 1 ETHICS, INTEGRITY Standard 2 DUTIES, FUNCTIONS, TASKS Standard 3 COMPETENCE, PERFORMANCE Standard 4 SENSITIVE FUNCTIONS Standard 5 - DELEGATION Standard 6 ORGANISATION STRUCTURE Performance and risk management(coso and INTOSAI GOV Risk assessment) Standard 7 - OBJECTIVES Standard 8 - PLANNING Standard 9 - COORDINATION Standard 10 PERFORMANCE MONITORING Standard 11 RISK MANAGEMENT Standard 15 HYPOTHESES, RE-ASSESSMENT Information and communication Standard 12 - INFORMATION Standard 13 - COMMUNICATION Standard 14 - CORRESPONDENCE Standard 16 IRREGULARITIES NOTIFICATION Control activities Standard 17 - PROCEDURES Standard 18 SEGREGATION OF DUTIES Standard 19 - SUPERVISION Standard 20 DEVIATIONS MANAGEMENT Standard 21 WORK CONTINUATION Standard 22 CONTROL STRATEGIES Standard 23 ACCESS TO RESOURCES Auditing and assessment (COSO and INTOSAI GOV - Monitoring) Standard 24 CONTROL EXAMINATION AND ASSESSMENT Standard 25 INTERNAL AUDIT 4

This legislative document is very significant for the Romanian public entities managerial culture, since based on those standards it was possible to adhere to best practices and to the European values system in point of public internal financial control There are no further explanations, except for a few standards (e.g. risk management ) Risk management is designed as part of good public governance 5 6

Consultation and communication Setting the context and objectives and related activities Risk identification Risks analysis Probability Impact Estimate the level of risk Risk evaluation Risk management Monitoring and review 8

9 Risk tolerance Risk may be accepted without the need to take steps Risk treatment Most risks are controlled so as to be treated Risk transfer Ceasing activities of Involves transfering risk to another structure which can manage it effectively Certain risks may be ruled out or maintained within reasonable limits only by reducing activities or giving them up Opportunities This option needs to be considered whenever a risk is tolerated, treated or transferred

11 The public entity systematically analyzes risks and develops appropriate plans. The risks record book is attached to the risk management process conducted by the entity in order to establish an action plan to monitor them. Consequently, the public entity must have in place the Procedure on the establishment and updating the Risks record book. 12

Inherent risks Residual risks Control risks Operational risks Financial risks Other risks (IT, data security, entity reputation etc.) Implement risk management decision to the entity Establish risk appetite ( the level of acceptable risk for the entity) Approve actions/control measures required to mitigate risks Approve the action plans to mitigate risks 14

Managers snowed under with risks Identification of small risks and overlooking significant ones, which could negatively impact on the entity objectives and mission Risk management process is not used in decision making by senior management of the entity, it is a formal one because it is a requirement of the regulatory framework Identified risks are not managed Emphasis on the quantitative issue (many risks), not on the qualitative one (their management) Poor wording of risks (denial of objective, childish risks) Complication of the risk management process Difficult to implement the standards (risk management, especially in small public entities - commune mayoralties, territorial units of certain ministries) All the aspects of internal control required a long time for a complete implementation in public entities The attention to risk management and to internal control in the public sector increased compared to two years ago According to the Law, the RCoA have the competence to assess the financial control activity and the internal audit activity of the audited legal entities The analysis of the data and documents showed that the internal control system was implemented to a higher degree at the level of the entities within the central public administration and at an inadequate level within the local public administration 16

Thank You For Your Attention! 17 Str. Lev Tolstoi nr. 22-24, cod 011948, sector 1, Bucharest, Romania www.curteadeconturi.ro Svetlana Mureșan senior external public auditor svetlana.muresan@rcc.ro 18

2024 © financedocbox.com Privacy Policy | Terms of Service | Feedback