POLICY. Number: Title: Enterprise Risk Management. Authorization
|
|
- Christopher Allen
- 8 years ago
- Views:
Transcription
1 POLICY Number: Title: Enterprise Risk Management Authorization [ ] President and CEO [ X] Vice President, Finance and Corporate Services Source: Director, Enterprise Risk Management Cross Index: Date Approved: January 24, 2014 Date Revised: Date Effective: April 16, 2014 Date Reaffirmed: Scope: SHR Any PRINTED version of this document is only accurate up to the date of printing. Saskatoon Health Region (SHR) cannot guarantee the currency or accuracy of any printed policy. Always refer to the Policies and Procedures site for the most current versions of documents in effect. SHR accepts no responsibility for use of this material by any person or organization not associated with SHR. No part of this document may be reproduced in any form for publication without permission of SHR. Overview: All activities of an organization involve risk. Organizations manage risk by identifying it, analyzing it and then evaluating whether the risk should be modified by risk treatment in order to satisfy their risk criteria 1. Saskatoon Health Region (SHR) has developed an approach to Enterprise Risk Management (based on the International Standard (2009)) and an organizational process to support the integration of Risk Management into SHR s strategic and operational planning. Saskatoon Regional Health Authority (SRHA) recognizes that the proper management of risk is an essential capability that must be developed and practiced throughout the region at all levels. SRHA is committed to building increased awareness and a shared responsibility for Risk Management with employees, at all levels of the organization, and across all sectors of the organization. SRHA has governance responsibility for risk in the organization. The SRHA s Governance Charter formally establishes SRHA s commitment and support for an effective Risk Management strategy within SHR. SHRA Audit, Finance & Risk Committee is accountable to the SRHA as defined in its terms of reference. The Audit, Finance & Risk Committee reports to the SRHA on an annual basis, or more frequently as may be required. The SRHA Audit, Finance & Risk Committee, a joint committee of the RHA and St. Paul s Hospital Board of Directors that: formally expresses SHR s risk tolerance through a SRHA-approved Risk Tolerance Statement, reviews, at least annually, the Risk Tolerance Statement, participates in identifying and assessing SHR s Risk Register, a summarized list of significant risks reviews and receives regular reports on the status of the risks identified in the Risk Register. 1 International Standard ISO 31000: 2009 Risk management Principles and guidelines Page 1 of 10
2 DEFINITIONS All staff means SHR employees, professional staff, practitioner staff and students. Enterprise Risk Management (ERM) means is a continuous, proactive and systemic process applied across the Region for assessing and addressing risks from all sources that threaten the achievement of the objectives of SHR. ERM is about making strategic decisions that contribute to the achievement of the Region s overall corporate objectives. Monitoring means continual checking, supervising, critically observing or determining the status in order to identify change from the performance level required or expected. Risk means the effect of uncertainty on SHR objectives. Risk Appetite means the amount of risk SHR is prepared to accept, tolerate or be exposed to at any point in time. Risk Assessment means the overall process of risk identification, analysis and evaluation. Risk Management means the a systemic process of identifying, measuring/assessing, analyzing, mitigating, evaluating and reporting actual or potential risks to prevent, control and minimize risk exposure. Risk Management provides the methodology for integrating risk into decision making. Risk Owner means the person or entity with the accountability and authority to manage a risk. Risk Profile means the description of any set of risks. Risk Register means a summarized list of significant risks known to SHR. Risk Response means the process of selecting and implementing risk reduction strategies within SHR s risk tolerance (accept, mitigate, avoid or transfer). 1. PURPOSE The purpose of this policy is to establish SHR s approach to Enterprise Risk Management, to: 1.1 Ensure efficient and effective processes and systems are in place to manage all aspects of risk within SHR and to provide reasonable assurances that SHR is meeting its objectives while maintaining a safe environment for its patients, staff and public. 1.2 Ensure there are mechanisms in place to control risk in a systemic way utilizing a quality improvement approach that encompasses the full continuum of care. 1.3 Ensure necessary linkages to existing (and potentially new) working groups and committee structures to ensure continuous, proactive and a systemic process is undertaken to manage risk. 2. PRINCIPLES SHR recognizes that Risk Management is an integral part of good governance and management practice and is committed to its application at all management levels within the organization. For Risk Management to be effective, the following principles apply at all levels throughout SHR. 2 2 International Standard ISO 31000:2009 Risk management Principles and guidelines Page 2 of 10
3 2.1 Risk Management creates and protects value Risk management contributes to the demonstrable achievement of objectives and improvement of performance in, for example, human health and safety, security, legal and regulatory compliance, public acceptance, environmental protection, project quality, project management, efficiency in operations, governance and reputation. 2.2 Risk Management is an integral part of all organizational processes Risk Management is not a stand-alone activity that is separate from the main activities and processes of the organization. Risk Management is part of the responsibilities of management and an integral part of all organizational processes, including strategic planning and all project and change management processes. 2.3 Risk Management is part of decision making Risk Management helps decision makers make informed choices, prioritize actions and distinguish alternative courses of action. 2.4 Risk Management explicitly addresses uncertainty Risk Management explicitly takes account of uncertainty, the nature of that uncertainty, and how it can be addressed. 2.5 Risk Management is systematic, structured and timely A systematic, timely and structured approach to Risk Management contributes to efficiency and to consistent, comparable and reliable results. 2.6 Risk Management is based on the best available information The inputs to the process of managing risk are based on information sources such as historical data, experience, stakeholder feedback, observation, forecasts and expert judgment. However, decision makers should inform themselves of, and should take into account, any limitations of the data or modeling used or the possibility of divergence among experts. 2.7 Risk Management is tailored Risk management is aligned with the organization s external and internal context and Risk Profile. 2.8 Risk Management takes human and cultural factors into account Risk Management recognizes the capabilities, perceptions and intentions of external and internal people that can facilitate or hinder achievement of the organization s objectives. 2.9 Risk Management is transparent and inclusive Appropriate and timely involvement of stakeholders and, in particular, decision makers at all levels of the organization, ensures that risk management remains relevant and up to date. Involvement also allows stakeholders to be properly represented and to have their views taken into account in determining risk criteria Risk Management is dynamic, iterative and responsive to change Risk Management continually senses and responds to change. As external and internal events occur, context and knowledge change, monitoring and review of risks take place, new risks emerge, some change and others disappear. Page 3 of 10
4 2.11 Risk Management facilitates continual improvement of the organization Organizations should develop and implement strategies to improve their Risk Management maturity alongside all other aspects of their organization. 3. POLICY 3.1 SHR shall implement Enterprise Risk Management that will involve all aspects of the organization. 3.2 SHR will ensure that existing and emerging risks are identified and managed within an established Risk Appetite. 3.3 Risk Management shall be considered in all organizational approvals in a manner appropriate to the nature and scope of the initiative. Risk Management will be considered early in any planning process. 3.4 Directors, Program and Dyad Leaders and the SRHA s Audit, Finance and Risk Committee shall identify and assess all significant risks at least annually. 4. ROLES AND RESPONSIBILITIES 4.1 Vice Presidents Accountable for Risk Management within their areas of responsibility, including the delegation of Risk Management to Directors, Program and Dyad Leaders Collectively, the Senior Leadership Team is responsible for: The formal identification and assessment of risks that impact the SHR s goals, Determination of priorities, Development of strategic Risk Management plans, Monitoring progress in Risk Management, Progress review of Risk Management plans. 4.2 Directors, Program and Dyad Leaders as Risk Owners Implementation of this policy within their respective areas of responsibility Assess identified risk using the SHR Risk Matrix/Grading Tool Risk (see Appendix A) The development and implementation of effective Risk Management strategies Actively participating with the Risk Assessment process Report on the status of items in the Risk Register as required when it impacts their respective responsibilities as part of either the annual planning or review cycle. 4.3 Director, Enterprise Risk Management Maintain and implement ERM: Provide on-going guidance to all levels of management on Risk Management processes, Support the Region in carrying out the Risk Management role by providing education related to Risk Management methodologies and facilitating Risk Assessment on a region-wide basis, Facilitate development of the Risk Register for SHR which includes prioritized Risk Response, defined risk mitigation processes and measures Page 4 of 10
5 monitoring effectiveness; and facilitating action in those areas where improvements are required, Perform a periodic review of the Risk Management process, Report regularly on the status and adequacy of ERM to the Audit, Finance & Risk Committee. 4.4 Managers/Supervisors Development of Risk Management processes and the implementation of risk reduction strategies Integrate Risk Management processes into existing planning processes and management activities. 4.5 All staff Effective management of risk including the identification of potential risks. 5. POLICY MANAGEMENT The management of this policy including policy education, monitoring, implementation and amendment is the responsibility of the Director, Enterprise Risk Management. 6. NON-COMPLIANCE/BREACH Any instance of non-compliance is to be promptly communicated to and reviewed by Director, Enterprise Risk Management. The Director, Enterprise Risk Management will follow up with the appropriate business owner to document the nature of the non-compliance and the proposed remedy and timing to bring the issue to compliance. The Director, Enterprise Risk Management will report findings to the Vice President, People and Partnerships and the Senior Leadership Team as appropriate. 7. REFERENCES International Standard ISO 31000: 2009 Risk management Principles and guidelines Page 5 of 10
6 PROCEDURE Number: Title: Enterprise Risk Management Authorization [ ] President and CEO [ X] Vice President, Finance and Corporate Service Source: Director, Enterprise Risk Management Cross Index: Date Approved: January 24, 2014 Date Revised: Date Effective: April 16, 2014 Date Reaffirmed: Cross Index: Scope: SHR 1. PURPOSE The purpose of this procedure is to establish SHR s organizational process for Enterprise Risk Management. 2. PRINCIPLES 2.1 Mechanisms and methodologies are in place to identify, assess, mitigate and report risk in a systemic way. 2.2 Linkages to existing (and potentially new) working groups and committee structures ensure continuous, proactive and systemic processes to manage and integrate risk. 3. PROCEDURE 3.1 The SRHA Audit, Finance & Risk Committee establishes the organization s risk tolerance and assesses corporate risk on an annual basis. 3.2 Directors, Program and Dyad Leaders Assess and monitor SHR s risks outlined in the annual Risk Register Endorse the ERM implementation plan on an annual basis or as needed Monitor the preparedness and business continuity planning of SHR to cope with major disruption Receive regular risk reporting from Directors, Program and Dyad Leaders (Risk Owners) as appropriate or upon request. 3.3 Directors, Program and Dyad Leaders as Risk Owners Identify, assess risk (see Appendix A), mitigate and report to their respective Vice Presidents and to the Director, Enterprise Risk Management regarding risks identified in SHR s Risk Register. Page 6 of 10
7 3.3.2 Utilize risk methodologies for risk identification, assessment (see Appendix A), mitigation and reporting as required for operational planning. 3.4 Director, Enterprise Risk Management Reports to the SRHA Audit, Finance and Risk Committee on risks identified in the Risk Register on a regular basis Reviews and reports on Enterprise Risk Management and implementation plan(s) as necessary Shares/further distributes risk reporting broadly as appropriate throughout the organization Facilitates learning opportunities for staff and management to further risk awareness. 3.5 Management and Staff Embed Risk Management into all business processes and decisions and promote a culture of risk awareness when possible. 4. PROCEDURE MANAGEMENT The management of this procedure including procedures for education, monitoring, implementation and amendment is the responsibility of the Director, Enterprise Risk Management. 4. NON-COMPLIANCE/BREACH Non-compliance with this procedure may result in additional reporting to the Senior Leadership Team as appropriate. 5. REFERENCES SHR Enterprise Risk Management Policy SHR Business Continuity Policy SRHA Audit, Finance & Risk Committee Terms of Reference SRHA Governance Charter Page 7 of 10
8 Appendix A SASKATOON HEALTH REGION Risk Matrix/Grading Tool LIKELIHOOD (How likely is the risk going to occur given what we currently do?) IMPACT (How much of an impact will the risk have if it does occur?) Insignificant Minor Moderate Major Extreme Almost certain Moderate Risk Moderate Risk High Risk Critical Risk Critical Risk Likely Low Risk Moderate Risk High Risk Critical Risk Critical Risk Possible Low Risk Moderate Risk Moderate Risk High Risk High Risk Unlikely Low Risk Low Risk Moderate Risk Moderate Risk High Risk Rare Low Risk Low Risk Low Risk Moderate Risk Moderate Risk Adapted from Winnipeg Regional Health Authority
9 Risk Impact Risk Assessment Tool Impact: EXTREME Impact: MAJOR Impact: MODERATE Impact: MINOR Impact: INSIGNIFICANT STRATEGIC RISK Brand, reputation and advertising risks and risks associated with business strategy. Failure to adapt to changing environment, changing priorities, competitive risk and clinical research. Extensive adverse publicity resulting in decreased reputation Gross failure to meet strategic directions Full public inquiry (eg. Coroner s Inquest) Major scrutiny resulting in adverse publicity and impact on reputation A number of strategic objectives are not met Independent external reviews (eg. Privacy Commissioner) Moderate adverse publicity and impact on reputation Moderate number of strategic objectives are not met Minimal scrutiny resulting in some adverse publicity Minimal strategic objectives are not met No public scrutiny expected No impact to achievement of strategic objectives RESOURCE RISK An explosive area of exposure in today s labour market including employee selection, retention and turnover, absenteeism and compensation. Risks such as capital structure, credit and interest rate fluctuations, foreign exchange and accounts receivables. Death or significant harm to staff Financial loss of greater than $1M Financial impact to budget of.5% Significant mechanical, structural or information technology breakdown Permanent physical and/or emotional harm to staff lasting greater than 1 year Financial loss of $250K-$1M Financial impact to budget of.4% Significant impact to mechanical, structural or information technology systems Short term injury/harm to staff with recovery expected within 1 month Financial loss of $50K-$250K Financial impact to budget of.3% Short term impact to mechanical, structural or information technology systems Non-permanent or minor harm to staff lasting less than 1 week Financial loss of less than $50K Financial impact to budget of.2% Minimal impact to mechanical, structural or information technology systems No injury/harm to staff or no intervention required Minimal financial loss Financial impact to budget of.1% Insignificant impact to mechanical, structural or information technology systems COMPLIANCE RISK Incorporates risk arising out of product liability, management liability, failure to comply with statutes, standards, rules and regulations, and issues related to intellectual property. Gross failure to meet professional standards or comply with corporate policies and procedures Repeated failure to meet regional and/or national standards Repeated failure to meet professional standards or comply with corporate policies and procedures Failure to meet regional and/or national standards Single failure to meet professional standards or comply with corporate policies and procedures Single failure to meet regional and/or national standards Failure to meet standard with no significant consequence Minor noncompliance with regional standards, policy, protocols or guidelines Failure to meet OPERATIONAL RISK Risks related to the conduct of the business operation that results from inadequate or failed internal processes, people or systems (medical malpractice) that affect patient safety. Critical Incident as per provincial legislation Total shut down of operations Incident Command and region-wide emergency response required Injury or harm lasting greater than 1 year Adverse event resulting in increased length of stay of greater than 2 weeks All operational areas or majority of areas compromised or affected More than one site or area requiring an emergency response Short term hospital stay due to injury/harm Some disruption to services within an operational area or location One area or site emergency response required Some service disruption manageable by altered routine Incident requiring internal reporting and minor damage Minimal service disruption manageable by altered routine service objectives Adapted from Winnipeg Regional Health Authority
10 Likelihood of Occurrence DESCRIPTOR SELECT THE DESCRIPTION & FREQUENCY THAT BEST REFLECTS THE PROBABILITY THAT A RISK WILL OCCUR IN THE ABSENCE OF ANY CONSTROLS TO PREVENT THE RISK Description Frequency Almost Certain Expected to occur in most circumstances Multiple times per year Likely Will probably occur in most circumstances Has occurred several times or more, expected to occur in the next two years Possible Might occur at some time Could occur a couple of times or is expected to occur once every ten years Unlikely Could occur at some time Has not yet occurred but could occur at some time, or is expected to occur once every 30 years Rare May occur only in exceptional circumstances Have not heard of this occurring Adapted from Winnipeg Regional Health Authority
ENTERPRISE RISK MANAGEMENT FRAMEWORK
ENTERPRISE RISK MANAGEMENT FRAMEWORK COVENANT HEALTH LEGAL & RISK MANAGEMENT CONTENTS 1.0 PURPOSE OF THE DOCUMENT... 3 2.0 INTRODUCTION AND OVERVIEW... 4 3.0 GOVERNANCE STRUCTURE AND ACCOUNTABILITY...
More informationRisk Management: Coordinated activities to direct and control an organisation with regard to risk.
POLICY CG01 RISK MANAGEMENT Document Control Statement This Policy is maintained by the Governance and Organisational Strategy. Any printed copy may not be up to date and you are advised to check the electronic
More informationERM Program. Enterprise Risk Management Guideline
ERM Program Enterprise Management Guideline Table of Contents PREAMBLE... 2 When should I refer to this Guideline?... 3 Why do we need a Guideline?... 4 How do I use this Guideline?... 4 Who is responsible
More informationRisk Management Policy and Framework
Risk Management Policy and Framework December 2014 phone 1300 360 605 08 89589500 email info@centraldesert.nt.gov.au location 1Bagot Street Alice Springs NT 0870 post PO Box 2257 Alice Springs NT 0871
More informationLinking Risk Management to Business Strategy, Processes, Operations and Reporting
Linking Risk Management to Business Strategy, Processes, Operations and Reporting Financial Management Institute of Canada February 17 th, 2010 KPMG LLP Agenda 1. Leading Practice Risk Management Principles
More informationPOL ENTERPRISE RISK MANAGEMENT SC51. Executive Services Department BUSINESS UNIT: Executive Support Services SERVICE UNIT:
POL ENTERPRISE RISK MANAGEMENT SC51 POLICY CODE: SC51 DIRECTORATE: Executive Services Department BUSINESS UNIT: Executive Support Services SERVICE UNIT: Executive Support Services RESPONSIBLE OFFICER:
More informationAvondale College Limited Enterprise Risk Management Framework 2014 2017
Avondale College Limited Enterprise Risk Management Framework 2014 2017 President s message Risk management is part of our daily life, something we do regularly; often without realising we are doing it.
More informationCouncil Meeting Agenda 27/07/15
3 Risk Management Framework Abstract Council s Risk Management Framework ( the Framework ) was adopted by Council in 2012. The Framework provides structure and guidance to Council s risk management activities
More informationENTERPRISE RISK MANAGEMENT FRAMEWORK
ROCKHAMPTON REGIONAL COUNCIL ENTERPRISE RISK MANAGEMENT FRAMEWORK 2013 Adopted 25 June 2013 Reviewed: October 2015 TABLE OF CONTENTS 1. Introduction... 3 1.1 Council s Mission... 3 1.2 Council s Values...
More informationRisk Management Policy Adopted by:
Risk Management Policy Adopted by: Infigen Energy Limited Infigen Energy (Bermuda) Limited Infigen Energy RE Limited in its capacity as Responsible Entity of Infigen Energy Trust Adopted: 17 December 2009
More informationRisk Management Policy
Risk Management Policy Responsible Officer Author Ben Bennett, Business Planning & Resources Director Julian Lewis, Governance Manager Date effective from December 2008 Date last amended December 2012
More informationRISK MANAGEMENT POLICY
DOCUMENT TYPE: DOCUMENT STATUS: POLICY OWNER POSITION: INTERNAL COMMITTEE ENDORSEMENT: APPROVED BY: Council policy Approved Manager Organisational Development Risk Management Committee Council DATE ADOPTED:
More informationAPPENDIX 50. Enterprise risk management - Risk management overview
APPENDIX 50 Enterprise risk management - Risk management overview Energex regulatory proposal October 2014 ENTERPRISE RISK MANAGEMENT Risk Management Overview (RMO) 06 11 2013 Table of Contents 1. INTRODUCTION...
More informationThe Lowitja Institute Risk Management Plan
The Lowitja Institute Risk Management Plan 1. PURPOSE This Plan provides instructions to management and staff for the implementation of consistent risk management practices throughout the Lowitja Institute
More informationRISK MANAGEMENT REPORTING GUIDELINES AND MANUAL 2013/14. For North Simcoe Muskoka LHIN Health Service Providers
RISK MANAGEMENT REPORTING GUIDELINES AND MANUAL 2013/14 For North Simcoe Muskoka LHIN Health Service Providers Table of Contents Purpose of this document... 2 Introduction... 3 What is Risk?... 4 What
More informationRisk Management Policy
Risk Management Policy DOCUMENT CONTROL Developed by: Date: Origination: Quality, Systems & Shared s March 2014 Authorised by: Colette Kelleher April 2014 DOCUMENT REVIEW HISTORY Original Circulation date:
More informationIntegrated Risk Management Policy
Integrated Management Policy Document reference number Document developed by Quality and Patient Safety Directorate Revision number 4 Document approved by Quality and Patient Safety Directorate Approval
More informationRISK MANAGEMENT FOR INFRASTRUCTURE
RISK MANAGEMENT FOR INFRASTRUCTURE CONTENTS 1.0 PURPOSE & SCOPE 2.0 DEFINITIONS 3.0 FLOWCHART 4.0 PROCEDURAL TEXT 5.0 REFERENCES 6.0 ATTACHMENTS This document is the property of Thiess Infraco and all
More informationDistributor Liability Contract Risk Management THOMAS DOUGLASS APRIL 15, 2015
Distributor Liability Contract Risk Management THOMAS DOUGLASS APRIL 15, 2015 Today s Agenda What are we talking about today? What is Risk Evolution of risk management Understand the importance of Risk
More informationPolicy 10.105: Enterprise Risk Management Policy
Name: Responsibility: Complements: Enterprise Risk Management Framework Coordinator, Enterprise Risk Management Policy 10.105: Enterprise Risk Management Policy Date: November 2006 Revision Date(s): January
More informationRISK MANAGEMENT POLICY
RISK MANAGEMENT POLICY Nuffield College s Risk Management Policy defines the College's approach to risk and how risk management should be embedded into management processes to ensure that the major risks
More informationFinancial Services FINANCIAL SERVICES UTILITIES 57 FINANCIAL SERVICES AND UTILITIES 2016-2018 BUSINESS PLAN. CR_2215 Attachment 1
CR_2215 Attachment 1 Financial Services FINANCIAL SERVICES & UTILITIES 57 FINANCIAL SERVICES AND UTILITIES 2016-2018 BUSINESS PLAN Acting Branch Manager: Stacey Padbury Table of Contents INTRODUCTION Our
More informationIn accordance with risk management best practices, below describes the standard process for enterprise risk management (ERM), including:
Enterprise Risk Management Process and Procedures Scope In accordance with risk management best practices, below describes the standard process for enterprise risk management (ERM), including: Risk identification
More informationRisk Management - Board & Management Responsibilities Murray Short, MBA, CPA CA Not-for-Profit Partner RLB LLP
Risk Management - Board & Management Responsibilities Murray Short, MBA, CPA CA Not-for-Profit Partner RLB LLP 2 AGENDA About RLB / About Our Not-for-Profit Team Defining Risk Types of Organizational Risk
More informationUniversity of New England Compliance Management Framework and Procedures
University of New England Compliance Management Framework and Procedures Document data: Document type: Administering entity: Framework and Procedures Audit and Risk Directorate Records management system
More informationRISK MANAGEMENT. Authors: Phil McNaull / Lorraine Loy Approved By: PME and Court Date: December 2008 Version: 4.0 1
RISK MANAGEMENT 1 Contents Introduction 2 Corporate Governance 2 Purpose of this policy 2 Policy Objectives 2 Policy Statement 3 Scope of the policy 3 What is Risk? 4 The University s Approach 4 Description
More informationWFP ENTERPRISE RISK MANAGEMENT POLICY
WFP ENTERPRISE RISK MANAGEMENT POLICY Informal Consultation 3 March 2015 World Food Programme Rome, Italy EXECUTIVE SUMMARY For many organizations, risk management is about minimizing the risk to achievement
More informationFraud Risk Management
Fraud Risk Management Overview Discussion Questions 1) Does your organization follow a specific risk management model? If so, which one? Do you think this model adequately addresses the risks your organization
More informationRisk Assessment Tool and Guidance (Including guidance on application)
Risk Assessment Tool and Guidance (Including guidance on application) Document reference number Revision number OQR012 Document developed by 5 Document approved by Revision date October 2011 Responsibility
More informationRisk Management Policy
Risk Management Policy Risk Management Policy Record Number D14/79827 Responsible Manager Manager Strategy and Governance Last reviewed 10 March 2015 Adoption reference Council Resolution number 90.5 Previous
More informationEnterprise Risk Management Framework 2012 2016. Strengthening our commitment to risk management
Enterprise Risk Management Framework 2012 2016 Strengthening our commitment to risk management Contents Director-General s message... 3 Introduction... 4 Purpose... 4 What is risk management?... 4 Benefits
More informationThe Risk Management strategy sets out the framework that the Council has established.
Derbyshire County Council Management Policy Statement The Authority adopts a proactive approach to Management to achieve Best Value and continuous improvement and is committed to the effective management
More informationUNITED NATIONS OFFICE FOR PROJECT SERVICES. ORGANIZATIONAL DIRECTIVE No. 33. UNOPS Strategic Risk Management Planning Framework
UNOPS UNITED NATIONS OFFICE FOR PROJECT SERVICES Headquarters, Copenhagen O.D. No. 33 16 April 2010 ORGANIZATIONAL DIRECTIVE No. 33 UNOPS Strategic Risk Management Planning Framework 1. Introduction 1.1.
More informationQuality and Engagement Sub Committee
Quality and Engagement Sub Committee 12 June 2012 Corporate Risk Register and Risk Management Strategy Executive Summary As part of authorisation, Blackpool Clinical Commissioning Group (CCG) must identify
More informationRisk Management Strategy 2012-2014
Management Strategy 2012-2014 Mission: To support and develop a sustainable, thriving and resilient community through leadership and partnerships NOTE: This Document should be read in conjunction with
More informationUnderstanding Enterprise Risk Management. Presented by Dorothy Gjerdrum Arthur J Gallagher
Understanding Enterprise Risk Management Presented by Dorothy Gjerdrum Arthur J Gallagher Learning Objectives Understand the components of a wellrun ERM program Review scope and process Explore the role
More informationCloud Computing and Privacy Toolkit. Protecting Privacy Online. May 2016 CLOUD COMPUTING AND PRIVACY TOOLKIT 1
Cloud Computing and Privacy Toolkit Protecting Privacy Online May 2016 CLOUD COMPUTING AND PRIVACY TOOLKIT 1 Table of Contents ABOUT THIS TOOLKIT... 4 What is this Toolkit?... 4 Purpose of this Toolkit...
More informationRM Advancer. Liability Risk Management Award Winner Echo Entertainment Group Business overview
Liability Risk Management Award Winner Echo Entertainment Group Business overview Please provide an overview of your business that includes: Number of years established and brief company history Private,
More informationCORP 600 00 RISK MANAGEMENT POLICY & METHODOLOGY
CORP 600 00 RISK MANAGEMENT POLICY & METHODOLOGY CORP 600 RISK MANAGEMENT POLICY Purpose In March 2003, the Australian Stock Exchange (ASX) Corporate Governance Council released the first version of its
More informationAnalyzing Risks in Healthcare. February 12, 2014
Analyzing s in Healthcare February 12, 2014 1 Content What is Enterprise Management (ERM) ERM Benefits ERM Standards / ISO 31000:2009 ERM Process Register ERM Governance Model s Q&A 2 What is Enterprise
More informationBridgend County Borough Council. Corporate Risk Management Policy
Bridgend County Borough Council Corporate Risk Management Policy December 2014 Index Section Page No Introduction 3 Definition of risk 3 Aims and objectives 4 Strategy 4 Accountabilities and roles 5 Risk
More informationBoard of Directors Meeting 12/04/2010. Operational Risk Management Charter
Board of Directors Meeting 12/04/2010 Document approved Operational Risk Management Charter Table of contents A. INTRODUCTION...3 I. Background...3 II. Purpose and Scope...3 III. Definitions...3 B. GOVERNANCE...4
More informationApplying Integrated Risk Management Scenarios for Improving Enterprise Governance
Applying Integrated Risk Management Scenarios for Improving Enterprise Governance János Ivanyos Trusted Business Partners Ltd, Budapest, Hungary, ivanyos@trusted.hu Abstract: The term of scenario is used
More informationRisk Management. Policy
Policy Risk Management Endorsed: 26 February 2014 Brief description The GPC Risk Management Policy and its supporting standards and procedures provide a framework to ensure that risks arising from our
More informationCommonwealth Risk Management Policy
Commonwealth Risk Management Policy 1 July 2014 Department of Finance Business, Procurement and Asset Management 978-1-922096-51-7 (Print) 978-1-922096-50-0 (Online) Copyright Notice Content This work
More informationRisk Assessment & Enterprise Risk Management
Risk Assessment & Enterprise Risk 1 Healthcare Corporate Governance Today s environment requires building a culture of risk awareness and management of risk across the organization, while formulating less
More informationAudit, Risk Management and Compliance Committee Charter
Audit, Risk Management and Compliance Committee Charter Woolworths Limited Adopted by the Board on 27 August 2013 page 1 1 Introduction This Charter sets out the responsibilities, structure and composition
More informationEnterprise Risk Management: Taking the First Steps
Enterprise Risk Management: Taking the First Steps TN PRIMA, 2012 DOROTHY GJERDRUM, ARM, CIRM NOVEMBER 15, 2012 Agenda Goal: To understand how to begin to implement a broader approach to risk management
More informationManaging Risk in Procurement Guideline
Guideline DECD 14/10038 Managing Risk in Procurement Guideline Summary The Managing Risk in Procurement Guideline assists in the identification and minimisation of risks involved in the acquisition of
More information3 August 2012 Policy updated to reflect name changes and alignment with current Aurora Energy Group Policy standards.
Aurora Energy Risk Management Policy Version History REV NO. DATE REVISION DESCRIPTION APPROVAL 0 19/11/98 Risk Management Policy Prepared by: Manager Internal Audit 1 March 2007 Risk Management Policy
More informationV1.0 - Eurojuris ISO 9001:2008 Certified
Risk Management Manual V1.0 - Eurojuris ISO 9001:2008 Certified Section Page No 1 An Introduction to Risk Management 1-2 2 The Framework of Risk Management 3-6 3 Identification of Risks 7-8 4 Evaluation
More informationTHE ROLE OF FINANCE AND ACCOUNTING IN ENTERPRISE RISK MANAGEMENT
THE ROLE OF FINANCE AND ACCOUNTING IN ENTERPRISE RISK MANAGEMENT Let me begin by thanking Baruch College for giving me the opportunity to present this year s prestigious Emanuel Saxe Lecture in Accounting.
More informationRISK MANAGEMENT POLICY. Version 3
RISK MANAGEMENT POLICY Version 3 Version: Version 3 Version 3 Authors: Liz Hollman, Mary Klaus, Sarah Langan-Hart Approved by: Healthcare Governance Committee Trust Board Approved date: May 2009 Review
More informationHealth and Safety Management Standards
Health and Safety Management Standards Health and Safety Curtin University APR 2012 PAGE LEFT INTENTIONALLY BLANK Page 2 of 15 CONTENTS 1. Introduction... 4 1.1 Hierarchy of Health and Safety Documents...
More informationIntegration of Risk Management and Internal Audit. Chartered Institute of Management Accountants, New Zealand
Integration of Risk Management and Internal Audit Chartered Institute of Management Accountants, New Zealand Contents Understanding the three lines of defense governance model What is Risk? Risk Management
More informationOAC Presentation to UNESCO Member States
OAC Presentation to UNESCO Member States Scope and Purpose of Audit and Risk Committees 29 June 2016 1 Content: 1. Context 2. Audit and Risk Management in UNESCO today 3. Relationship between Entreprise
More informationRisk Management Programme Guidelines
Risk Management Programme Guidelines Submissions are invited on these draft Reserve Bank risk management programme guidelines for non-bank deposit takers. Submissions should be made by 29 June 2009 and
More informationCorporate Risk Management Policy
Corporate Risk Management Policy Managing the Risk and Realising the Opportunity www.reading.gov.uk Risk Management is Good Management Page 1 of 19 Contents 1. Our Risk Management Vision 3 2. Introduction
More informationThe New International Standard on the Practice of Risk Management A Comparison of ISO 31000:2009 and the COSO ERM Framework
The New International Standard on the Practice of Risk Management A Comparison of ISO 31000:2009 and the COSO ERM Framework Dorothy Gjerdrum, ARM-P, Chair of the ISO 31000 US TAG and Executive Director,
More informationPROCEDURES RISK MANAGEMENT FRAMEWORK AND GUIDELINES PURPOSE INTRODUCTION. 1 What is Risk?
PROCEDURES RISK MANAGEMENT FRAMEWORK AND GUIDELINES PURPOSE This Framework and Guidelines have been developed in support of the CQUniversity Risk Management Policy and are intended for use by the CQUniversity
More informationCore Infrastructure Risk Management Plan
SHIRE OF MOUNT MAGNET Roads and Buildings Core Infrastructure Risk Management Plan Version 1 May 2013 AM4SRRC Document Control Asset Management for Small, Rural or Remote Communities Document ID: 59_280_110211
More informationCompliance Management Framework. Managing Compliance at the University
Compliance Management Framework Managing Compliance at the University Risk and Compliance Office Effective from 07-10-2014 Contents 1 Compliance Management Framework... 2 1.1 Purpose of the Compliance
More informationShell s Health, Safety and Environment (HSE) management system (see Figure 11-1) provides the framework for managing all aspects of the development.
Section 11.1 APPLICATION FOR APPROVAL OF THE DEVELOPMENT PLAN FOR NIGLINTGAK FIELD PROJECT DESCRIPTION INTRODUCTION 11.1.1 HSE MANAGEMENT SYSTEM Shell s Health, Safety and Environment (HSE) management
More informationCONSULTATION PAPER Proposed Prudential Risk-based Supervisory Framework for Insurers
INSURANCE CONSULTATION PAPER Proposed Prudential Risk-based Supervisory Framework for Insurers December 2010 CONSULTATION PAPER: Proposed Risk-based Supervisory Framework (Final December 2010) Page 1 of
More informationPolicy and Procedure Statement
Policy and Procedure Statement SUBJECT: Enterprise Risk CATEGORY: General Administration NO. 502-G PREAMBLE Risk exists in all activities and cannot be avoided, nor can it always be eliminated. However,
More informationBirmingham CrossCity Clinical Commissioning Group. Business Continuity Management Policy
Birmingham CrossCity Clinical Commissioning Group Business Continuity Management Policy Version V1.0 Ratified by Operational Development Group Date ratified 6 th November 2014 Name of originator / author
More informationSan Francisco International Airport Enterprise Risk Management
San Francisco International Airport Enterprise Risk Management Mike Warren Airport Risk Manager WHAT IS ENTERPRISE RISK MANAGEMENT (ERM) It is a comprehensive program that focuses on a continuous and sustainable
More informationCOMPLIANCE & RISK MANAGEMENT THE FOUNDATION
Working together to achieve maximum results COMPLIANCE & RISK MANAGEMENT THE FOUNDATION Presented By: Mr Graham Caddies (CPRM, FRMIA, FSIA, FAIM, Grad MAICD) Advance Profitplan 173 Ross River Road Mundingburra
More informationRISK MANAGEMENT STRATEGY 2013-2016
RISK MANAGEMENT STRATEGY 2013-2016 As presented and endorsed by the Mornington Peninsula Shire s Audit Committee at its meeting of 20 February, 2013 and subsequent adoption by Council at its meeting of
More informationRISK MANAGEMENT STRATEGY AND FRAMEWORK
Uniting Church in Australia Synod of Victoria and Tasmania RISK MANAGEMENT STRATEGY AND FRAMEWORK Prepared by: Synod Risk Management Committee Date Prepared and Issued: February 2010 S:\AdminFinance\EDAF\Risk
More informationDiscipline: Technical Services Category: Procedure. Risk Management RM-01 2013. Applicability. ARTC Network Wide. Interstate Network.
Discipline: Technical Services Category: Procedure Risk Management RM-01 2013 Applicability ARTC Network Wide Interstate Network Hunter Valley Document Status Version Prepared by Reviewed by Endorsed Approved
More informationIntegrated Risk Management:
Integrated Risk Management: A Framework for Fraser Health For further information contact: Integrated Risk Management Fraser Health Corporate Office 300, 10334 152A Street Surrey, BC V3R 8T4 Phone: (604)
More informationAegon Global Compliance
Aegon Global Compliance GLOBAL Charter COMPLIANCE CHARTER aegon.com The Hague, June 1, 2013 Information sheet Target audience: All employees and management of Aegon companies Issued by: Aegon N.V. Group
More informationSolihull Clinical Commissioning Group
Solihull Clinical Commissioning Group Business Continuity Policy Version v1 Ratified by SMT Date ratified 24 February 2014 Name of originator / author CSU Corporate Services Review date Annual Target audience
More informationThe PNC Financial Services Group, Inc. Business Continuity Program
The PNC Financial Services Group, Inc. Business Continuity Program 1 Content Overview A. Introduction Page 3 B. Governance Model Page 4 C. Program Components Page 4 Business Impact Analysis (BIA) Page
More informationCOMPLIANCE CHARTER 1
COMPLIANCE CHARTER 1 Contents 1. Compliance Policy Statement... 2 2. Purpose... 2 3. Mission and objective of the Directorate: Compliance... 2 3.1 Mission... 2 3.2 Objective... 3 4. Compliance risk management...
More informationTHE SOUTH AFRICAN HERITAGE RESOURCES AGENCY ENTERPRISE RISK MANAGEMENT FRAMEWORK
THE SOUTH AFRICAN HERITAGE RESOURCES AGENCY ENTERPRISE RISK MANAGEMENT FRAMEWORK ACCOUNTABLE SIGNATURE AUTHORISED for implementation SIGNATURE On behalf of Chief Executive Officer SAHRA Council Date Date
More informationYEARENDED31DECEMBER2013 RISKMANAGEMENTDISCLOSURES
RISKMANAGEMENTDISCLOSURES 2015 YEARENDED31DECEMBER2013 ACCORDINGTOCHAPTER7(PAR.34-38)OFPARTCANDANNEXXIOFTHECYPRUSSECURITIES ANDEXCHANGECOMMISSIONDIRECTIVEDI144-2007-05FORTHECAPITALREQUIREMENTSOF INVESTMENTFIRMS
More informationDisclosure to Promote the Right To Information
इ टरन ट म नक Disclosure to Promote the Right To Information Whereas the Parliament of India has set out to provide a practical regime of right to information for citizens to secure access to information
More informationGUIDELINE NO. 22 REGULATORY AUDITS OF ENERGY BUSINESSES
Level 37, 2 Lonsdale Street Melbourne 3000, Australia Telephone.+61 3 9302 1300 +61 1300 664 969 Facsimile +61 3 9302 1303 GUIDELINE NO. 22 REGULATORY AUDITS OF ENERGY BUSINESSES ENERGY INDUSTRIES JANUARY
More informationJune 2010 HEALTH, SAFETY, AND ENVIRONMENT MANAGEMENT SYSTEM (HSEMS)
June 2010 HEALTH, SAFETY, AND ENVIRONMENT MANAGEMENT SYSTEM (HSEMS) TABLE OF CONTENTS PAGE PART I INTRODUCTION Corporate Health, Safety and Environment Policy.. 1 Purpose... 2 HSEMS Framework... 3 PART
More informationThe College of New Jersey Enterprise Risk Management and Higher Education For Discussion Purposes Only January 2012
The College of New Jersey Enterprise Risk Management and Higher Education For Discussion Purposes Only Agenda Introduction Basic program components Recent trends in higher education risk management Why
More informationSUPERVISION GUIDELINE NO. 9 ISSUED UNDER THE AUTHORITY OF THE FINANCIAL INSTITUTIONS ACT 1995 (NO. 1 OF 1995) RISK MANAGEMENT
SUPERVISION GUIDELINE NO. 9 ISSUED UNDER THE AUTHORITY OF THE FINANCIAL INSTITUTIONS ACT 1995 (NO. 1 OF 1995) RISK MANAGEMENT Bank of Guyana July 1, 2009 TABLE OF CONTENTS 1.0 Introduction 2.0 Management
More informationRisk Management Policy
Risk Management Policy June 2015 1 2 Contents 1. Policy Objectives and Background... 4 1.1. Policy Background... 4 1.2. Policy Objective... 4 1.3. Policy Sponsor and Maintenance... 4 2. Risk Types and
More informationEnterprise Risk Management in Colleges and Universities
Enterprise Risk Management in Colleges and Universities Cherry Bekaert & Holland, L.L.P. Neal Beggan, CISA, CRISC Shane Hester, CPA, CISA Cherry, Bekaert & Holland, L.L.P. The Firm of Choice. 1 Cherry,
More informationRISK MANAGEMENT FRAMEWORK
RISK MANAGEMENT FRAMEWORK DOCUMENT INFORMATION DOCUMENT TYPE: DOCUMENT STATUS: POLICY OWNER POSITION: INTERNAL COMMITTEE ENDORSEMENT: APPROVED BY: Strategic document Approved Manager Organisational Development
More informationVersion: 3.0. Effective From: 19/06/2014
Policy No: RM66 Version: 3.0 Name of Policy: Business Continuity Planning Policy Effective From: 19/06/2014 Date Ratified 05/06/2014 Ratified Business Service Development Committee Review Date 01/06/2016
More informationBedford Group of Drainage Boards
Bedford Group of Drainage Boards Risk Management Strategy Risk Management Policy January 2010 1 Contents 1. Purpose, Aims & Objectives 2. Accountabilities, Roles & Reporting Lines 3. Skills & Expertise
More informationThe PNC Financial Services Group, Inc. Business Continuity Program
The PNC Financial Services Group, Inc. Business Continuity Program subsidiaries) 1 Content Overview A. Introduction Page 3 B. Governance Model Page 4 C. Program Components Page 4 Business Impact Analysis
More informationONTARIO'S DRINKING WATER QUALITY MANAGEMENT STANDARD
July 2007 ONTARIO'S DRINKING WATER QUALITY MANAGEMENT STANDARD POCKET GUIDE PIBS 6278e The Drinking Water Quality Management Standard (DWQMS) was developed in partnership between the Ministry of the Environment
More informationRISK MANAGEMENT POLICY
RISK MANAGEMENT POLICY 1. Purpose The purpose of the Risk Management Policy is to embed risk management as part of the culture of AFTRS where a shared understanding of risk leads to well-informed decision
More informationRISK MANAGEMENT AND COMPLIANCE
RISK MANAGEMENT AND COMPLIANCE Contents 1. Risk management system... 2 1.1 Legislation... 2 1.2 Guidance... 3 1.3 Risk management policy... 4 1.4 Risk management process... 4 1.5 Risk register... 8 1.6
More informationMay 2011. Wilfrid Laurier University Enterprise Risk Management Draft Final Report
May 2011 Wilfrid Laurier University Enterprise Risk Management Draft Final Report Table of contents Introduction 2 What we heard 8 Risk management current and desired state 20 Operationalizing ERM Opportunities
More informationHow To Manage Safety Risk In Aviation
4 AVIATION RISK MANAGEMENT AN INTRODUCTION Civil AVIATION AuthORITy of New Zealand BOOKLET FOUR PUBLISHED: JUNE 2013 Preface The Civil Aviation Authority (CAA) published Advisory Circular AC00-4 Safety
More informationRiver Stour (Kent) Internal Drainage Board Risk Management Strategy and Policy
River Stour (Kent) Internal Drainage Board Risk Management Strategy and Policy Page: 1 Contents 1. Purpose, Aims & Objectives 2. Accountabilities, Roles & Reporting Lines 3. Skills & Expertise 4. Embedding
More informationBusiness Continuity Trends, Requirements and Expectations in 2009. Brian Zawada (MBCP) Director of Consulting Services Avalution Consulting
Business Continuity Trends, Requirements and Expectations in 2009 Brian Zawada (MBCP) Director of Consulting Services Avalution Consulting Overview What Is Business Continuity? The Value Proposition What
More informationGuide to the National Safety and Quality Health Service Standards for health service organisation boards
Guide to the National Safety and Quality Health Service Standards for health service organisation boards April 2015 ISBN Print: 978-1-925224-10-8 Electronic: 978-1-925224-11-5 Suggested citation: Australian
More informationAdvisory Guidelines of the Financial Supervisory Authority. Requirements regarding the arrangement of operational risk management
Advisory Guidelines of the Financial Supervisory Authority Requirements regarding the arrangement of operational risk management These Advisory Guidelines have established by resolution no. 63 of the Management
More informationAPPLICATION OF THE KING III REPORT ON CORPORATE GOVERNANCE PRINCIPLES
APPLICATION OF THE KING III REPORT ON CORPORATE GOVERNANCE PRINCIPLES Ethical Leadership and Corporate Citizenship The board should provide effective leadership based on ethical foundation. that the company
More informationHow To Audit A Company
INTERNATIONAL STANDARD ON AUDITING 315 IDENTIFYING AND ASSESSING THE RISKS OF MATERIAL MISSTATEMENT THROUGH UNDERSTANDING THE ENTITY AND ITS ENVIRONMENT (Effective for audits of financial statements for
More information