Risk assessment concept and practical guidance

Similar documents
Regulation on the implementation of the European Economic Area (EEA) Financial Mechanism

European Economic Area Financial Mechanism Norwegian Financial Mechanism AGREEMENT. between. and

Fundamentals of Project Risk Management

RISK MANAGEMENT POLICY October 2015

EEA Financial Mechanism PROGRAMME AGREEMENT. between. The Financial Mechanism Committee established by Iceland, Liechtenstein and Norway

AUDIT AUTHORITY ANNUAL AUDIT REPORT EUROPEAN ECONOMIC AREA FINANCIAL MECHANISM, NORWEGIAN FINANCIAL MECHANISM 2013 / Riga

Annex 2 Template for MoU Norwegian Financial Mechanism

Report on new irregularities

Annex 2 Template for MoU EEA Financial Mechanism

Terms of Reference for the Fund Operator The EEA and Norway Grants Global Fund for Regional Cooperation EEA and Norwegian Financial Mechanisms

LCS International, Inc. PMP Review. Chapter 6 Risk Planning. Presented by David J. Lanners, MBA, PMP

Bilateral Guideline. EEA and Norwegian Financial Mechanisms

Annex 2 Template for MoU Norwegian Financial Mechanism

RISK MANAGEMENT. Budgeting, d) Timing, e) Risk Categories,(RBS) f) 4. EEF. Definitions of risk probability and impact, g) 5. OPA

Recommendation of the Council on Good Practices for Public Environmental Expenditure Management

Nagement. Revenue Scotland. Risk Management Framework

IESBA Agenda Paper 5-E October 2007 Toronto, Canada

Project Interim Report for Block Grants and Programmes (FUND PIR) User Guide

Risk Management Policy

RECENT CHANGES IN STANDARDS ON AUDITING

Bournemouth Primary MAT Risk Management Policy

Section 290 Independence Audit and Review Engagements

Group Financial Statements

Risk Management Policy

MEMORANDUM OF UNDERSTANDING ON THE IMPLEMENTATION OF THE NORWEGIAN FINANCIAL MECHANISM between THE KINGDOM OF NORWAY,

Nagement. Revenue Scotland. Risk Management Framework. Revised [ ]February Table of Contents Nagement... 0

Opinion on Receipts, Expenditure, Investment of Moneys and the Acquisition and Disposal of Assets by Statutory Boards

28 July May October 2016

MEMORANDUM OF UNDERSTANDING ON THE IMPLEMENTATION OF THE NORWEGIAN FINANCIAL MECHANISM between THE KINGDOM OF NORWAY,

Risk Management Policy

DoRIS User manual. December 2011 version 1.0

A proactive approach to auditing risk management

INSE 6230 Total Quality Project Management

Guidance on a common methodology for the assessment of management and control systems in the Member States ( programming period)

Risk Management Framework

Risk Management Policy

EEA Financial Mechanism Memorandum of Understanding Hungary MEMORANDUM OF UNDERSTANDING ON THE IMPLEMENTATION OF THE EEA FINANCIAL MECHANISM.

DG REGIO, DG EMPL and DG MARE in cooperation with OLAF. Joint Fraud Prevention Strategy. for ERDF, ESF, CF and EFF

Project Risk Management

Opinion on Receipts, Expenditure, Investment of Moneys and the Acquisition and Disposal of Assets by Statutory Boards

Risk Management Strategy January NHS Education for Scotland RISK MANAGEMENT STRATEGY

NEPAD/Spanish Fund for African Women s empowerment

Managing Project Risks. Dr. Eldon R. Larsen, Marshall University Mr. Ryland W. Musick, West Virginia Division of Highways

Project Management for the Professional Professional Part 3 - Risk Analysis. Michael Bevis, JD CPPO, CPSM, PMP

Risk Assessment Policy

INDEPENDENT AUDITOR S REPORT TO THE MEMBERS OF THOMAS COOK GROUP PLC

RISK REGISTER POLICY AND PROCEDURE

Chapter 7: Risk. Incorporating risk management. What is risk and risk management?

Risk Management Guidelines

Prudential Standard GOI 3 Risk Management and Internal Controls for Insurers

Fact Sheet 13 Roles and responsibilities in project partnerships

Fact Sheet 14 - Partnership Agreement

UNIVERSITY OF ABERDEEN RISK MANAGEMENT FRAMEWORK

MEMORANDUM OF UNDERSTANDING ON THE IMPLEMENTATION OF THE EEA FINANCIAL MECHANISM between ICELAND, THE PRINCIPALITY OF LIECHTENSTEIN,

FRAMEWORK ADMINISTRATIVE AGREEMENT (the Agreement ) the INTERNATIONAL ORGANIZATION FOR MIGRATION (the "IOM" or

University of Greenwich Risk Management Guide Revised October 2017

AIA Group Limited. Terms of Reference for the Board Risk Committee

Risk Management Plan for the <Project Name> Prepared by: Title: Address: Phone: Last revised:

MEMORANDUM OF UNDERSTANDING ON THE IMPLEMENTATION OF THE EEA FINANCIAL MECHANISM between ICELAND, THE PRINCIPALITY OF LIECHTENSTEIN,

Financial Guidance. Guidance on how to carry out financial management and reporting under the EEA and Norwegian Financial Mechanisms for

RISK MANAGEMENT GUIDE FOR DOD ACQUISITION

Revenue generating projects Guidelines

Guidance document on. management verifications to be carried out by Member States on operations co-financed by

Guidance on the Actuarial Function April 2016

GENERAL RISK CONTROL AND MANAGEMENT POLICY

Approved by: Diocesan Council 17 December 2015

Every project is risky, meaning there is a chance things won t turn out exactly as planned.

Table of contents. Introduction Regulatory requirements... 3

Risk Management Strategy

MANAGERIAL ACCOUNTABILITY AND RISK MANAGEMENT

International Standard on Review Engagements (UK and Ireland) 2410

Risk Management Policy and Procedures.

Risk Management Procedure. Version Number: 6.0 Controlled Document Sponsor: Controlled Document Lead:

Settlement Agreement between the Central Bank of Ireland and Ulster Bank Ireland DAC (formerly Ulster Bank Ireland Limited)

ISAE 3000 Staff Adaptation of Requirements from ISAs 210, 300, 315 and 330

Guideline for strengthened bilateral relations. EEA and Norway Grants

An Audit of Internal Control Over Financial Reporting That Is Integrated With an Audit of Financial Statements

Risk Assessment Tool. The Anglican Church of Australia Diocese of Wangaratta. Summary Information:

APPENDIX 1. Transport for the North. Risk Management Strategy

MINI GUIDE. Project risk analysis and management

Project Selection Risk

Project Title: INFRASTRUCTURE AND INTEGRATED TOOLS FOR PERSONALIZED LEARNING OF READING SKILL

HSC Business Services Organisation Board

a private company disclosure guide

MEMORANDUM OF UNDERSTANDING ON THE IMPLEMENTATION OF THE NORWEGIAN FINANCIAL MECHANISM between THE KINGDOM OF NORWAY,

Objectives. What is Risk? But a Plan is not Reality. Positive Risks? What do we mean by Uncertainty?

Risk Management. Policy and Procedures

Romanian Court of Accounts RISK MANAGEMENT 24 April 2012 Warsaw, Poland

MEMORANDUM OF UNDERSTANDING ON THE IMPLEMENTATION OF THE EEA FINANCIAL MECHANISM between ICELAND, THE PRINCIPALITY OF LIECHTENSTEIN,

ANTI-FRAUD STRATEGY INTERREG IPA CBC PROGRAMMES BULGARIA SERBIA BULGARIA THE FORMER YUGOSLAV REPUBLIC OF MACEDONIA BULGARIA TURKEY

Introduction to Risk for Project Controls

The interplay between EU Structural funds and EU State aid under Article 107 and 108 of TFEU. Experience of Latvia

Risk Management Strategy Highland Council Pension Fund

The Accreditation and Verification Regulation - Verifier s risk analysis

INTERNATIONAL ASSOCIATION OF INSURANCE SUPERVISORS

Risk Management Guideline July, 2017

ENTERPRISE RISK MANAGEMENT POLICY FRAMEWORK

MINDA INDUSTRIES LIMITED RISK MANAGEMENT POLICY

MEMORANDUM OF UNDERSTANDING ON THE IMPLEMENTATION OF THE NORWEGIAN FINANCIAL MECHANISM between THE KINGDOM OF NORWAY,

T HE EUROPEAN COURT OF AUDITORS D EFINITION & T REATMENT OF DAS ERRORS

Transcription:

Risk assessment concept and practical guidance FOR THE IMPLEMENTATION OF The EEA Financial Mechanism & The Norwegian Financial Mechanism 2004-2009 adopted by the EEA Financial Mechanism Committee and the Norwegian Ministry of Foreign Affairs on 04.03.2009 1

1. Purpose The purpose of this document is to provide guidance to the FMO staff on how to assess project risks throughout the project lifecycle, and what criteria are to be used when managing risks by setting red flags and recommending a project for external monitoring. While this always involves some degree of subjective judgment, the aim is to ensure common understanding and define some objective criteria to be applied by the FMO when assessing project risks. 2. Background Risk has two components: the probability or likelihood that an event occurs, and the impact or consequences if the event occurs. It is important to differentiate between a risk ( something may go wrong ) and an issue ( something went wrong ). Risk assessment is the determination of the quantitative or qualitative value of risk related to a concrete situation and a recognised threat. In the context of projects financed from the Financial Mechanisms, a risk exists that the project fails to achieve its objectives (expressed as targeted results, purpose and overall objective) and that donors funds are misused, thus not contributing to the reduction of economic and social disparities in the European Economic Area. The FMO continuously performs a risk assessment of projects that have been awarded a grant: in the application form applicants are requested to recognise risks and plan how to manage risk factors. This consists of identifying risk factors, considering the likelihood and impact of each risk factor, and presenting a risk mitigation plan; during the detailed appraisal, the FMO or the selected appraisal agent is carefully looking into the risks identified by the applicant, which in consequence can be amended, or other relevant risk factors can be proposed. This is always recorded in section 4 of the appraisal report, and the related checklist is also completed; in the Grant Recommendation Document (GRD) the FMO must comment on project risks (checklist question nr. 8), and highlight any potential strengths and/or weaknesses in this area. Some issues may also be addressed through specific Grant conditions; in the Project Interim Reports (PIR) the Project Promoter is reporting on project progress both in physical and financial terms. When scrutinising the PIR, the FMO is assessing whether earlier identified risks are kept under control by the Promoter, and whether any new risks arise which may threaten successful project implementation. Any relevant comments by the FMO are recorded in the Template Review Document (TRD) for each PIR; once per calendar year in the Extended PIR, the Project Promoter is explicitly required to report on any changes in risk factors and risk mitigation plans compared to the ones identified in the application form. Any relevant comments by the FMO 2

are recorded in the Template Review Document (TRD) for each PIR. The FMO must explicitly comment on the risk analysis provided by the Promoter (checklist question nr. 9); any major changes in a project have to be communicated to the FMO through a modification request approved by the Focal Point. New risks may become apparent through this request; as a result of random selection, obligatory action towards larger projects, as well as targeted action, projects are monitored through site visits by the FMO or its monitoring agents, allowing for the identification of any new risks, mitigation measures, and management of earlier identified issues. 3. Methodology This section provides guidance on which risk categories are to be taken into consideration when assessing project risks by the FMO, and how risk impact and risk probability can be evaluated. This risk assessment exercise should always be carried out when new information is obtained about the project through a PIR, a modification request, anecdotal information from Focal Points and Project Promoters, or a monitoring report. The responsible person at the FMO is the Task Manager. The Project Implementation Group (PIG) serves to support the Task Manager and to ensure the risk management measures are properly implemented at the FMO. 3.1 Risk categories Risks are considered in certain categories for each project, based on whether the risks are of a technical, financial, legal, organisational/managerial or external nature. Risk categories are listed below, together with some questions to be answered when assessing risks specific to a project. Technical - Does technology play a large role in the success of the project? - How commonplace is any technology required for or developed by the project? - What degree of technical complexity is related to the implementation of one or more activities? Financial - How large is the amount of grant support? - Does the Project Promoter have sufficient internal and/or external financial resources to achieve its objectives within the budget and schedule? - Does the project follow the financial plan during implementation or are there significant deviations? - Are deviations from the financial plan explained or do they remain unjustified? 3

Legal - Are there any unusual conditions set out in the grant agreement? - Are there any signs that the Project Promoter is not able to fulfil one or more of the conditions set out in the grant agreement? - Does the project involve public procurement which constitutes a material part of the project budget? Organisational / managerial - Has the management of the project provided a realistic estimation of cost and duration for project activities? - In case of deviations from plan is the Project Promoter capable to take corrective actions? - How could the involvement of partners affect the success of the project? External - How does the success of the project depend on external factors or third parties outside of the control of the project team? - How sensitive is the project to changes in the regulatory environment? - How susceptible is the project to changes in the macroeconomic environment (inflation, currency exchange risks, supply of labour)? - Do the Focal Point and Paying Authority have enough capacity and solid procedures in place for project oversight or administration? 3.2 Risk impact evaluation In order to quantify the importance of a risk factor in the categories defined above, the impact against three axes is assessed using the following matrix: Budget/ Cost Timescale (number of months) Project Scope Very low impact Insignificant cost increase Insignificant delay Change to project purpose is insignificant, and no change to the objective Low impact Moderate impact High impact Very high impact <15% cost 15-30% cost 30-50% cost >50% cost increase increase increase increase <20% delay 20-40% delay 40-80% delay >80% delay Minor change to project purpose, with no impact on objective Causes moderate changes to the project purpose and minor change to the objective Major change to project purpose and significant changes to the objectives Unacceptable changes are made to the project purpose and objectives 4

3.3 Risk probability evaluation The following scale is used to evaluate the probability of the risk event(s) occurring: Low probability Medium probability High probability The risk event(s) are The risk event(s) can be The risk event(s) are very unlikely to occur reasonably expected to occur likely to occur 4. Red flag functionality The risk assessment is the first step when red-flagging a project. If a staff member who carries out risk assessment according to the above criteria finds that certain risks have a medium to high probability of occurrence, and a moderate to very high impact, setting red flags should be determined in discussion between the Task Manager and the PIG. The Country Officer or any other FMO staff member may be involved if deemed necessary. The following combinations of probability and impact should trigger a red flag: - Medium probability, moderate impact - Medium probability, high impact - Medium probability, very high impact - High probability, moderate impact - High probability, high impact - High probability, very high impact A red flag category must be specified and a short description provided for each red flag. Most of the red flag categories are linked to the risk categories defined in the previous section. Certain extraordinary occasions may trigger red flags regardless of the risk assigned to the project. These are issues like an irregularity reported by the Beneficiary State or discovered by the FMO, results of an earlier monitoring visit, or any other issues which could jeopardise successful project implementation. The following red flag categories have been defined: - Technical risk(s) - Financial risk(s) - Legal risk(s) - Organisational risk(s) - External risk(s) - Irregularity - Earlier monitoring finding - Request from Project Amendment Group 5

For one project multiple red flags can be set simultaneously, which may be followed up together or separately. However a unique description has to be provided for each red flag, and red flags can only be treated one by one when removing them. Coordination is needed in order to avoid the overflow of red flags. Consistency will be ensured by the involvement of the PIG. 5. External monitoring A mitigation action must be planned for each red flag. The type of mitigation action selected will depend on the nature of the red flag, and will be decided in discussion between the Task Manager and the PIG. A relevant note about the mitigation plan has to be made in the red flag description. When the Task Manager and the PIG believes that the risks or issues identified have been successfully mitigated, the red flag can be removed by leaving a relevant note. The following mitigation activities can be decided on: - Consultation with the Project Promoter and/or Focal Point - Request for additional information - Request for additional documents - Collecting evidence from external sources - Launching external monitoring According to the External Monitoring Manual one of the four principles of selecting a project for monitoring is the following: The FMO has information about possible problems or misconduct; or at such times when the reports/payment claims indicate significant deviations from plans and the project appears to be at risk. Moreover, the External Monitoring Manual states in its point 5.4: The FMO will make use of its risk assessment criteria in determining each of the monitoring tasks. If external monitoring has been selected as a mitigation action, the Focal Point shall be informed as soon as possible, and no later than two weeks prior to monitoring, that a monitoring visit will take place for the project. 6

2024 © financedocbox.com Privacy Policy | Terms of Service | Feedback