Enterprise Risk Management: A Practical Approach

Presented by: Ellen M. Labita, CPA, Partner, Not-for-Profit Services
Baker Tilly Virchow Krause, LLP
Ellen.Labita@bakertilly.com
631-719-3232

Agenda
- Overview of Enterprise Risk Management
- ERM Process
- Risk Assessment
- Infrastructure / Ongoing Process

Risk management failures in history
- 1637: The tulip bulb craze
- 1720: The South Sea bubble
- 1989: The S&L crisis
- 1995: The Barings Bank derivatives scandal
- 2001: Enron
- 2002: WorldCom
- 2008: Housing collapse
- 2010: Gulf oil spill
- 2012: JP Morgan, Knight Capital

Risk and its importance: why is there an increased emphasis on risk?
Risk is the possibility of an event occurring that will impact the achievement of an organization's mission and objectives.

What is ERM?
COSO definition: A process, effected by an entity's board of directors, management and other personnel, applied in strategy setting and across the enterprise, designed to identify potential events that may affect the entity, and manage risk to be within its risk appetite, to provide reasonable assurance regarding the achievement of entity objectives.

COSO model (figure)
Source: COSO, Enterprise Risk Management - An Integrated Framework

Why implement ERM: The Value Proposition
- Broaden view of risk to address how it affects strategic plan and sustainability
- Optimize the cost of risk management
- Improve business performance
- Improve process efficiency
- Enhance governance

Tips for Implementing ERM
- Get started
- Keep it simple and doable
- Remember that risk is constantly changing

Keys to Success
- Support of and from the top
- Use incremental steps
- Focus on key risks
- Leverage existing resources
- Build on existing risk management activities
- Embed ERM into the business culture
- Ongoing updates

Steps for ERM
- Determine ERM leadership and working group
- Define risk appetite
- Conduct enterprise-wide risk assessment
- Implement plan for high priority risks
- Inventory/advance risk management infrastructure and reporting
- Continuous update

Conducting Risk Assessment
- Identify risks
- Prioritize risks

Types of Risk
- Fraud
- Operations
- Finance
- Compliance
- Technology
- Strategy
- Reputation

Identify Risks
- Brainstorm potential risks at a strategic entity-wide level
- Alternatively, use an outside, objective party to interview key Board Members and Management and draft an initial set of priorities

Prioritize Risks
- Prioritize risks based on significance (i.e., potential impact) and likelihood (i.e., chance of occurrence)
- Use a risk map as a roadmap for discussions and oversight
- Risks with the biggest potential impact and highest likelihood of occurrence are the top priority

Risk Mapping (figure)
Vertical axis: Potential Impact. Horizontal axis: Likelihood of Occurrence.
Top row: High Impact / Moderate Likelihood | High Impact / High Likelihood
Bottom row: Moderate Impact / Moderate Likelihood | Moderate Impact / High Likelihood

Sample Risk Map (figure)
Vertical axis: Potential Impact. Horizontal axis: Likelihood of Occurrence.
Top row: High Impact / Moderate Likelihood | High Impact / High Likelihood
Bottom row: Moderate Impact / Moderate Likelihood | Moderate Impact / High Likelihood
Risks shown on the map:
- Data Security and Privacy
- Legal and Regulatory Environment
- Funding Cuts / Budgeting
- Information Retention and Institutional Knowledge
- Business Continuity Planning and Disaster Recovery
- Program Safety
- Media / Social Media
- Governance Effectiveness
- Employee Conduct
- Growth
- Accounting Systems / Financial Reporting
- Management Succession
Risk categories shown: Strategy, Operations, Compliance, Reputation, Technology

Implement for High Priority Risks
- Clarify who is responsible for developing, implementing, and managing risk management plans
  - Who owns each risk and is responsible for developing plans?
  - The CEO/ED has ultimate responsibility for risk management in an organization
- Develop responses/plans to manage and mitigate risk, and monitor results
  - This should include determining what risk management activities are already in place and weighing cost/benefit of risk reduction proposals

Risk Response
- Avoid the risk
- Seek an opportunity and exploit the risk
- Remove the source of risk
- Change the likelihood
- Change the consequences
- Share the risk with another party
- Retain the risk

Key Questions
- Was the risk assessment process comprehensive?
- Are conclusions related to strategic risk appropriate?
- Are problems and solutions presented and discussed within a comprehensive context of competing priorities and resources?
- Are solutions transparently vetted in terms of alternative approaches?
- Are solutions discussed and decided based on risk/return characteristics?
- Do solutions address enterprise-wide risks?
- Are resources being allocated to key strategic risks and strategies to protect the organization and help achieve goals?

Risk Management Infrastructure and Reporting
- Assess risk management capabilities
- Develop/enhance infrastructure to reach the desired state of ERM
- Develop reporting plan/requirements

Ongoing Process
ERM is a journey, not a destination!