Implementing A Risk Management Framework

Transcription:

Implementing A Risk Management Framework
Dennis J Clark, Clark Corporate Consulting Pty Ltd
Day, Date: Saturday 26 February 2011
Time: 11.00am - 12.00pm
Proudly supported by Blackbaud

Session Outline
- Presenter
- Risk Management
- AS/NZS 4360 & AS/NZS ISO 31000
- Enterprise Risk Management
- Organisational Risk Assessment
- Business Continuity, Disaster Recovery & Crisis Management

Presenter
- Auditor - Epilepsy Foundation of Victoria Inc. & Chronic Illness Alliance Inc.
- Company Secretary - Kalkadoon Community Pty Ltd
- Company Secretary - Australian Association For Cognitive and Behaviour Therapy Ltd
- Risk Management - Vision Australia
- Risk Management - TEAMHealth
- Risk Management - Melbourne College Of Divinity
- Member - Department Of Immigration & Citizenship Audit Committee

Risk Management
- An Essential Element Of Good Governance
- Provides Comfort To Funding Bodies, Donors, Volunteers And Staff
- Provides Framework For Good Planning
- Allows Prioritisation Of Key Tasks
- Links To Quality Frameworks
- Increasingly Required For Compliance

AS/NZS 4360:2004
Growing recognition of the importance of a holistic and, more importantly, simple risk management process resulted in the development of the generic standard for managing risks, AS/NZS 4360. This diagram displays the key steps in undertaking a risk management exercise.
[Diagram labels: Communicate and consult; Establish Context; Identify Risks; Analyse Risks; Evaluate Risks; Assess Risk; Treat Risks; Monitor and review]
This part of the standard has been incorporated into a new Australian & International standard.

AS/NZS ISO 31000 Risk Management
Executive Leadership and Management
[Framework diagram labels:]
- 5.2 Mandate & Commitment
- 5.3 Designing The Framework
- 5.4 Implementing Risk Management
- 5.5 Monitoring & Reviewing The Framework
- 5.6 Continual Improvement of the Framework
- Risk Management Process: Clause 6

Enterprise Risk Management (ERM)
ERM Framework Context
Executive Leadership and Management
Example of the defined levels of risk context
[Diagram labels: Enterprise Level; Business Unit Level; Significant & High Risks; 1. Major Projects; 2. Major Contracts; Functional / Specific Reviews]
ERM levels of risk assessment:
- Enterprise Level (defined cycle): top 10 to 20 high & significant risks
- Business Unit (defined cycle)
- Functional/Specific (as required): OHS, IT, Security, Fundraising
- Major Projects/Contracts (as required)

Definition
Risk - effect of uncertainty on objectives
NOTE 1: An effect may be positive, negative, or a deviation from the expected.
NOTE 2: An objective may be financial, related to health and safety, or defined in other terms.
NOTE 3: Risk is often described by an event, a change in circumstances, a consequence, or a combination of these and how they may affect the achievement of objectives.
Risk can be expressed in terms of a combination of the consequences of an event or a change in circumstances, and their likelihood.

Definition
Hazard - potential source of harm
NOTE: Hazard can be a source of risk

Key Concepts
Executive Leadership and Management
[Diagram levels, in order: Vision/Mission; Organisation Defined Strategy; Business Objectives; Risks; Controls; Strategies]

Process
[Diagram: Process for Managing Risks. Labels: Establish Context; Identify Risks; Analyse Risks; Evaluate Risks; Assess Risk; Treat Risks; Communicate and consult; Monitor and review]

Establish Context
- What Are Our Objectives?
- Strategic Plan/Business Plans?
- CEO PD?

Risk Identification
- Initial presentation/meeting to set the scene
- Build the Risk Wheel
- Data collection
[Risk wheel labels: Legal & Commercial; Governance; Volunteers; Financial; Environmental; Human Resources; Systems]

Risk Identification
Brainstorm the risk issues. Develop the risk wheel for each context: categories / risk issues.
ISSUE: Compliance - the risk of non-compliance with environmental laws / regulations

Risk Analysis
The need to consider two key attributes:
- Consequence
- Likelihood

Risk Analysis Risk Quantification

Risk Analysis
Determine level of inherent risk (Score / Descriptor)
Likelihood: A. Almost Certain; B. Likely; C. Possible; D. Unlikely; E. Rare
Consequence: 5. Severe; 4. Major; 3. Moderate; 2. Minor; 1. Negligible

Risk Evaluation
- Inherent risk
- Effectiveness of existing control environment to mitigate risk exposures (Effectiveness of Controls)
- Residual risk
- Opportunity for further risk reduction strategies

Risk Evaluation
Determine level of residual risk (Score / Descriptor)
Likelihood: A. Almost Certain; B. Likely; C. Possible; D. Unlikely; E. Rare
Consequence: 5. Severe; 4. Major; 3. Moderate; 2. Minor; 1. Negligible

Risk Appetite
Risk Appetite - amount and type of risk (3.1) an organization is prepared to pursue or take (ISO 31000)

Risk Treatment
Setting Risk Treatment Strategy
[Diagram labels. Options: ACCEPT; REDUCE; SHARE; AVOID. Sub-labels: CONSEQUENCE; LIKELIHOOD; SPREAD; TRANSFER]
- Accept the risk and do nothing
- Reduce either one or both
- Spread the risk to a third party
- Develop contingency arrangements
- Insure for financial loss
- Do not participate with the activity

Risk Treatment
Treating risk will usually apply to situations where risks are beyond risk appetite.
- Accept
- Avoid
- Reduce
- Spread
- Transfer

Risk Action Plan
- Key Is Risk Owner
- No Shared Risks
- Risk Owner Responsible For The Risk, Not Necessarily The Work
- Risk Owner Responsible For The Development Of Risk Action Plan
- Ongoing Refinement Of: Risk Score; Risk Detail; Risk Controls; Risk Strategies

Risk Action Plan
The Risk Action Plan Documents How Risk Treatment Options Are To Be Implemented
The Action Plan Needs to Include:
- Responsibilities
- Schedules
- Expected Outcomes
- Budgeting
- Performance Measures
- Review Process

Risk Profile FMIS Implementation Traffic light systems are effective

Risk Profile
RISK ISSUE: FMIS Implementation - Failure to effectively implement the Oracle Financial System
Rating: C 5, L 3, R H
POTENTIAL RISK FACTORS (CAUSES):
- Insufficient current resources and capability
- Inadequate project management support
- Limited technical skills either OHIS, Oracle
- Insufficient hardware functionality provided by OHIS
POTENTIAL EFFECT(S) / IMPACT(S):
- Inefficient system
- Project budget overrun
- Accounts qualified
- Inability to report on and manage financial performance
- Unable to comply with required statutory reporting and compliance requirements
CONTROLS:
- IS Governance Committee oversight
- FMIS Steering Committee reporting
- Oracle / OHIS technical working group
FUTURE RISK STRATEGIES:
- Implementation Plan/Scope - end March
- Detailed Implementation Project Plan - end April
RISK OWNER: Dennis Clark

Organisational Risk Assessment
Risk Management System
- Gather Background Material
- Prepare Risk Management Policy
- Develop Framework Documents
- Conduct Organisation Risk Assessment
- Prepare Risk Management Plan
- Governance Interface: Committee, SubCommittee
- Prepare Organisation Risk Profile
- Prepare Organisation Risk Register
- Develop Tailored Training Materials
- Develop Risk Systems Rollout Guide
- Document Subsidiary Risk Systems

Risk Process & Outputs
Executive Leadership and Management
- Organisational Risk Assessment
- Organisation Risk Register
- Priority Areas For Risk Treatment
- Risk Treatment Strategies
- Risk Management Standard Options
- Risk Owners & Risk Action Plans
- Ongoing Reporting & Monitoring

Organisational Risk Profile
- 10 to 20 High Level Risks
- Linked To Organisational Objectives
- Charities Risk Wheel

Risk Issues For Charities
- Volunteers & Donors
- Financial Environment
- OHSE
- Government Policy
- Skills Shortage
- Compliance
- Society Priorities
- Image & Positioning
- Marketing
- Taxes
- Knowledge Management
- Health & Ageing
- Social Media
- Investments

Business Continuity, Disaster Recovery & Crisis Management
- Topical In Light Of Drought, Flood, Cyclone, Volcanoes, Locusts, Pandemics, Air Disasters
- Interlinked Concepts
- Business Continuity Planning: To Reduce Risk Of Business Disruption
- Disaster Recovery Planning: To Overcome Significant Disruptive Event
- Crisis Management Plan: To Cope With Onset And Duration Of Significant Disruptive Event

Contact Points & Research dennis@clarkcorp.biz 0412 392 518 www.clarkcorp.biz http://infostore.saiglobal.com/store/details.aspx?productid=4560 02
