ENTERPRISE RISK MANAGEMENT POLICY
- Alisha Ray
ENTERPRISE RISK MANAGEMENT

Approved by the Audit Committee on 14 February 2003 and adopted by resolution of the Board on 28 March 2003

Revisions approved by the Audit and Risk Committee on 14 February 2008 and adopted by resolution of the Board on 6 March 2008

Revisions approved by the Risk Management Committee on 21 November 2014 and adopted by resolution of the Board on 04 December 2014
Contents

A. Introduction
B. Statement of Policy
C. Objective
D. Enterprise Risk Management (ERM) Framework
E. ERM Process
F. ERM Governance Structure
Attachment 1: ISO 31000:2009 Risk Management Principles and Guidelines
VERSION NO. 3 REVISION NO. 2 PAGE NO. 1 of 7

A. Introduction

Apart from the diversity of operations within the Ayala Group of Companies (herein referred to as the "Group"), its accountability to its stakeholders is further heightened with the incessant changes in the social, economic and political environment in the Philippines. To address the threats stemming from this situation, while also harnessing business opportunities as they arise, Ayala Corporation (herein referred to as the "Company") established an Enterprise Risk Management (ERM) Process that will provide a focused and disciplined approach in (1) identifying and analyzing risks on entering new investments; (2) managing the financial and operational stability of the Company; and, (3) recognizing risks inherent in the companies in its portfolio.

The Company believes that risk management is an essential function for adopting strategic decisions, and having the proper approaches in place will pave the way for sustainable and resilient business operations for all its stakeholders.

B. Statement of Policy

In general, risk affects the achievement of a Company's goals and objectives. With proper risk management in place, effects of negative risks may be alleviated, while positive risks may be capitalized, providing greater chances of enhancing the Company's value for all its stakeholders.

Given the benefits provided by risk management, the Company strongly commits to the implementation of risk management within its organization. It shall utilize its risk management capabilities to maximize the value from its assets, business portfolio and other strategic business opportunities. The Group shall also embed it into their critical business activities, functions and processes to encourage enterprise and innovation.
With a solid platform and strong commitment to risk management, the Company believes that they will be able to establish sustainable competitive advantage, optimize risk management cost, and pursue strategic growth opportunities with greater speed, skill and confidence.

C. Objectives

The ERM Policy provides the necessary foundation and organizational arrangements for managing risks across the Company. This document:

- Outlines the formal policies and procedures that will govern an integrated and enterprise-wide risk management process within the Company;
- States the key elements of the ERM framework that will assist in the effective implementation of the risk management process;
- Sets out a consistent approach for managing risks across the Company, aligned with relevant standards and industry's best practices;
- Presents the risk governance structure who will be responsible for the implementation of this policy; and,
- Establishes the roles and responsibilities of each party at Ayala Corporation with regard to risk management.

D. Enterprise Risk Management (ERM) Framework

The approach to risk management is contained within and applied through Ayala Corporation's ERM Framework that is based on ISO 31000:2009 Risk Management Principles and Guidelines (refer to Attachment 1). This framework will assist in the effective application of the risk management process and shall ensure that relevant information for decision-making is timely and adequately reported. The components of the framework are as follows:

- Mandate and commitment
- Design of framework for managing risks
- Continual improvement of the framework
- Implementing risk management
- Monitoring and review of the framework

Figure 1. Ayala Corporation's Enterprise Risk Management Framework
Adapted from ISO 31000:2009 Risk Management Principles and Guidelines

The continuing success and effectiveness of risk management largely depends on the strong and sustained commitment to it by the Company's management, supported by strategic and rigorous planning to achieve involvement at all levels of the organization and a risk-aware culture. As the ultimate champion in risk management, the Chief Risk Officer (CRO), with the assistance of the (GRMU), has the main responsibility in the implementation of risk management within the Company.

In order to ensure that the program in place is effective and facilitates the achievement of the Company's goals and objectives, the GRMU must continuously monitor and periodically review the risk management framework. Based on the results of framework monitoring and review, recommendations for improvement may be provided by all personnel in the organization. All recommendations must then be consolidated by the GRMU for review by the CRO and approval by the BOD.
E. ERM Process

Similar to the framework, Ayala Corporation's ERM Process also follows ISO 31000:2009. To be effective, this process shall be an integral part of management and embedded in Ayala's culture and practices. The activities comprising Ayala Corporation's ERM Process are as shown below:

- Establishing the context
- Communication and consultation
- Risk assessment
  - Risk identification
  - Risk analysis
  - Risk evaluation
- Risk treatment
- Monitoring and review

Figure 2. Ayala Corporation's Enterprise Risk Management Process
Adapted from ISO 31000:2009 Risk Management Principles and Guidelines

At all stages of the ERM process, an open communication and interactive consultation between top management and different business units shall take place, as this is a key to easier understanding between stakeholders and those accountable for implementing the risk management process.

The Board of Directors (BOD), management committees, CRO, GRMU and different risk owners should have a collaborative effort in discussing the Company's risk management goals and objectives, defining the external and internal parameters to be considered and setting the scope for the remaining process. The GRMU, with the approval of the CRO and BOD, shall establish the Company's strategies, design and required infrastructure to ensure that the risk management capabilities of the Company are adequate.

The GRMU shall then ascertain that periodic business risk assessment sessions are part of the annual strategic and business planning activities of the Company to guarantee that all significant risks are identified and evaluated appropriately. The results of risk identification, risk analysis and risk evaluation shall be reviewed periodically by the GRMU, communicated to the CRO, and reported to the BOD.
Once risk assessment has been completed, risk owners shall recommend the appropriate plan of action for addressing risks in their respective functional areas. Prior to implementation, all risk treatment plans must be duly reviewed by the GRMU.

Monitoring and review of the risk management process should be conducted at regular intervals by the GRMU. It should encompass all aspects of the risk management process, and the results of which should be recorded and reported to the Risk Management Committee (RMC).

In summary, the following are the key deliverables for the ERM process:

Activity: Establishing the Context
Key Deliverable: Risk management goals and objectives; Risk management policy; Risk management governance structure
Person Responsible: Prepared by GRMU; Reviewed by CRO; Approved by BOD

Activity: Risk Assessment; Risk Treatment; Risk Monitoring and Review
Key Deliverable: Risk Universe; Risk Dictionary; Risk Portfolio; Risk Analysis Report; Risk Treatment Plan; Updates to Ayala Risk Portfolio; Periodic Risk Management Report; Annual Risk Management Report
Person Responsible: Prepared by risk owners; Reviewed by GRMU CRO

F. ERM Governance Structure

To ensure an effective and efficient management of risks within Ayala Corporation, the Company implements a risk governance structure such that an integrated and independent view of risk exposures can be obtained.

Figure 3. Ayala Corporation's Enterprise Risk Management Governance Structure
(Diagram showing the Board of Directors, Risk Management Committee (RMC), Management Committees (committees created by Management), Internal Audit, Chief Risk Officer (CRO), GRMU and Risk Owners.)

Reporting Structure
(Diagram showing the Board of Directors, Risk Management Committee, Line Management, and the Chief Risk Officers and risk management units of the parent and of affiliates/subsidiaries.)

The following is the framework of responsibilities for risk management, in consistency with the Company's risk governance structure.

a. Board of Directors

- Approves the Company's risk appetite and risk exposure allocation;
- Approves the Company's enterprise risk management policy and any revisions thereto;
- Approves the policies, strategies and systems implemented for the ongoing identification, control and mitigation of risk exposures; and,
- Reviews report from the Risk Management Committee with regard to the overall effectiveness of the risk management process.

b. Risk Management Committee
- Reviews and recommends to the Management the Company's levels of risk appetite and risk exposure allocation;
- Reviews and assesses the adequacy and sufficiency of the Company's policies and processes for risk identification, assessment and mitigation;
- Reviews the objectivity, effectiveness and efficiency of the Company's risk management function; and,
- Establishes a sound risk-aware culture throughout the enterprise.

c. Management Committees

- Provide strategic leadership for the Company's risk management;
- Provide oversight of the strategic and operational risks for the Company, including reviewing the Company's risk universe and the progress of treatment plans that are being managed by different business units;
- Regularly identify risk priorities and align business objectives with risk strategies and policies; and,
- Arbitrate and resolve conflicts arising from different risk mitigation strategies among business units.

d. Internal Audit

- Provides objective and reasonable assurance that the internal control framework is operating effectively;
- Reports directly to the RMC any risk management issue due to identified internal control deficiencies and provides recommendations for improvement;
- Reviews the alignment of internal control framework with the identified risk exposures; and,
- Assists in the enhancement of the understanding of risk and controls among line staff.

e. Chief Risk Officer

The CRO is the advocate of enterprise-wide risk management at Ayala Corporation and oversees the entire risk management function.
He:

- Works with the management committees, as well as operational units, to integrate risk management within the Company;
- Ensures that the Company's overall risk exposures are consistent with its risk appetite and are properly covered by risk policies;
- Strengthens systems and measurement tools needed to provide robust foundation for risk management;
- Identifies developing or emerging risks, concentrations and other situations that need to be studied through stress testing or other techniques;
- Ensures that all initiatives related to risk management are monitored and reported to the appropriate members of the organization;
- Monitors the top risks of the Company and reports status of the implementation of risk management strategies and action plans; and,
- Ensures that the GRMU receives appropriate organizational support to implement enterprise risk management on a day-to-day basis.

f. The GRMU has the overall accountability and ownership for the continuity and success of the enterprise risk management function. The GRMU Head, together with its members, shall:

- Continuously work with the CRO in developing, implementing, reviewing and improving the Company's ERM framework and associated policies and procedures;
- Formulate an annual risk management plan and coordinate overall enterprise risk management activities within the Company;
- Assist the Management in determining, evaluating and measuring the Company's risk exposures, risk appetite and risk tolerance;
- Ensure that developing or emerging risks and interrelationship of new and existing risks are regularly reviewed, updated and reported to the CRO; and,
- Facilitate continuing education of Company personnel in order to enhance the capacity and capability of all departments to effectively and efficiently manage risk.

g. Risk Owners

- Are ultimately responsible for risks in their functional areas of responsibility;
- Collect and analyze risk data to provide risk information to the Board, RMC and other departments of the Company;
- Approve and coordinate risk management efforts and specific strategies in their functional areas;
- Recommend risk tolerance levels or risk limits with corresponding measurement methods for approval by the Board;
- Evaluate measurement methodologies used in quantifying risks in their functional areas; and,
- Evaluate the effectiveness of the infrastructure (e.g., people, systems, support) in place for managing specific risks in their respective functional areas.

While the Company has formal risk governance structure, all staff still bear the responsibility to contribute to the continued improvement and enhancement of the Company's risk management capabilities.
They shall take all reasonable and practical steps to perform their responsibilities in relation to risk management. Furthermore, they shall report to Management any incidents that may result in unacceptable levels of risk or non-compliance with established procedures for measuring and reporting risk.
Governance Guideline SEPTEMBER 2013 BC CREDIT UNIONS www.fic.gov.bc.ca INTRODUCTION The Financial Institutions Commission 1 (FICOM) holds the Board of Directors 2 (board) accountable for the stewardship
More informationEnterprise Risk Management Policy
Enterprise Risk Management Policy A Framework for Managing Opportunity and Risk Date: 27 November 2015 Version: 13.0 Classification: Unclassified Authors: Julie Holland - Risk Management Facilitator Quality
More informationGovernance and Risk Management in the Public Sector. Fernando A. Fernandez Inter-American Development Bank (202) 623-1430 e-mail: fernandof@iadb.
Governance and Risk Management in the Public Sector Fernando A. Fernandez Inter-American Development Bank (202) 623-1430 e-mail: fernandof@iadb.org 1 Agenda Governance, why is it important? Compliance
More informationThe multisourcing approach to IT consolidation
Experience the commitment WHITE PAPER The multisourcing approach to IT consolidation The proven commercial practice of multisourcing services integration can help state and local governments achieve IT
More informationPART B INTERNAL CAPITAL ADEQUACY ASSESSMENT PROCESS (ICAAP)
Framework (Basel II) Internal Capital Adequacy Assessment PART A OVERVIEW...2 1. Introduction...2 2. Applicability...3 3. Legal Provision...3 4. Effective Date of Implementation...3 5. Level of Application...3
More informationGUIDELINES ON CORPORATE GOVERNANCE FOR LABUAN BANKS
GUIDELINES ON CORPORATE GOVERNANCE FOR LABUAN BANKS 1.0 Introduction 1.1 Good corporate governance practice improves safety and soundness through effective risk management and creates the ability to execute
More informationEffective Enterprise Risk Management with ErmsCo ERM Foundation
Executive Brief Effective Enterprise Risk Management with ErmsCo ERM Foundation Introduction to ErmsCo About ErmsCo ErmsCo is a consulting and training firm that focuses on assisting financial institutions
More informationPOL ENTERPRISE RISK MANAGEMENT SC51. Executive Services Department BUSINESS UNIT: Executive Support Services SERVICE UNIT:
POL ENTERPRISE RISK MANAGEMENT SC51 POLICY CODE: SC51 DIRECTORATE: Executive Services Department BUSINESS UNIT: Executive Support Services SERVICE UNIT: Executive Support Services RESPONSIBLE OFFICER:
More informationMapping COBIT 5 with IT Governance, Risk and Compliance at Ecopetrol S.A. By Alberto León Lozano, CISA, CGEIT, CIA, CRMA
Volume 3, July 2014 Come join the discussion! Alberto León Lozano will respond to questions in the discussion area of the COBIT 5 Use It Effectively topic beginning 21 July 2014. Mapping COBIT 5 with IT
More informationPractice Guide COORDINATING RISK MANAGEMENT AND ASSURANCE
Practice Guide COORDINATING RISK MANAGEMENT AND ASSURANCE March 2012 Table of Contents Executive Summary... 1 Introduction... 1 Risk Management and Assurance (Assurance Services)... 1 Assurance Framework...
More informationERM and GRC Fundamentals. Risk Management Definitions & Guiding Principles. Module 1
ERM and GRC Fundamentals Risk Management Definitions & Guiding Principles Module 1 Agenda Introduction: Purpose and Goal of the Training (5 min.) Section 1: ERM / GRC Terms & Concepts (15 min.) Section
More informationAPPLICATION OF KING III CORPORATE GOVERNANCE PRINCIPLES 2014
WOOLWORTHS HOLDINGS LIMITED CORPORATE GOVERNANCE PRINCIPLES 2014 CORPORATE GOVERNANCE PRINCIPLES 2014 CORPORATE GOVERNANCE PRINCIPLES 2014 This table is a useful reference to each of the King III principles
More informationAPPLICATION OF THE KING III REPORT ON CORPORATE GOVERNANCE PRINCIPLES
APPLICATION OF THE KING III REPORT ON CORPORATE GOVERNANCE PRINCIPLES Ethical Leadership and Corporate Citizenship The board should provide effective leadership based on ethical foundation. that the company
More informationState of Minnesota. Enterprise Security Strategic Plan. Fiscal Years 2009 2013
State of Minnesota Enterprise Security Strategic Plan Fiscal Years 2009 2013 Jointly Prepared By: Office of Enterprise Technology - Enterprise Security Office Members of the Information Security Council
More informationOrganizational Change Management: A Best Practice to Effective ERM Implementation
Organizational Change Management: A Best Practice to Effective ERM Implementation Christine Ackerman, CPA Associate Vice President & Director of Internal Audit University of Cincinnati Anita Ingram, ARM
More informationBusiness Resilience and Risk Management
Policy Business Resilience and Risk Management Document Number GOV-POL-37 1.0 Policy Statement Stanwell is committed to delivering a business resilience platform across all levels of the business and its
More informationAnalytics Strategy Information Architecture Data Management Analytics Value and Governance Realization
1/22 As a part of Qlik Consulting, works with Customers to assist in shaping strategic elements related to analytics to ensure adoption and success throughout their analytics journey. Qlik Advisory 2/22
More informationThe PNC Financial Services Group, Inc. Business Continuity Program
The PNC Financial Services Group, Inc. Business Continuity Program subsidiaries) 1 Content Overview A. Introduction Page 3 B. Governance Model Page 4 C. Program Components Page 4 Business Impact Analysis
More informationCreating Risk Gladiators
Creating Risk Gladiators PALADIN RISK MANAGEMENT SERVICES, CREATING RISK GLADIATORS All organisations, no matter whether private, government or not-forprofit have one thing in common they all work in an
More informationWFP ENTERPRISE RISK MANAGEMENT POLICY
WFP ENTERPRISE RISK MANAGEMENT POLICY Informal Consultation 3 March 2015 World Food Programme Rome, Italy EXECUTIVE SUMMARY For many organizations, risk management is about minimizing the risk to achievement
More informationIT Governance Regulatory. P.K.Patel AGM, MoF
IT Governance Regulatory Perspective P.K.Patel AGM, MoF Agenda What is IT Governance? Aspects of IT Governance What banks should consider before implementing these aspects? What banks should do for implementation
More informationA Risk Management Standard
A Risk Management Standard Introduction This Risk Management Standard is the result of work by a team drawn from the major risk management organisations in the UK, including the Institute of Risk management
More informationDirect Line Insurance Group plc (the Company ) Board Risk Committee (the Committee ) Terms of Reference
Direct Line Insurance Group plc (the Company ) Board Risk Committee (the Committee ) Terms of Reference Chair An Independent Non-Executive Director In the absence of the Committee Chairman and an appointed
More informationRISK AND COMPLIANCE COMMITTEE CHARTER
1. GENERAL SCOPE AND AUTHORITY 1.1 Introduction This charter governs the operations of the Risk & Compliance Committee of Redflex Holdings Limited (RHL or Company). 1.2 Purpose The Risk & Compliance Committee
More informationFraming the future of corporate governance Deloitte Governance Framework
Framing the future of corporate governance Deloitte Governance Framework For those interested in the topic of corporate governance, these are dynamic times. The events of the past decade have led to the
More informationTransforming risk management into a competitive advantage kpmg.com
INSURANCE RISK MANAGEMENT ADVISORY SOLUTIONS Transforming risk management into a competitive advantage kpmg.com 2 Transforming risk management into a competitive advantage Assessing risk. Building value.
More informationLinking Risk Management to Business Strategy, Processes, Operations and Reporting
Linking Risk Management to Business Strategy, Processes, Operations and Reporting Financial Management Institute of Canada February 17 th, 2010 KPMG LLP Agenda 1. Leading Practice Risk Management Principles
More informationVersion Adoption by Council: 2013 Resolution Number: 2013/177 Current Version: V1.0 Administered by: Governance Coordinator
Risk Management Framework Version Adoption by Council: 2013 Resolution Number: 2013/177 Current Version: V1.0 TRIM CON: 12/1132 Administered by: Governance Coordinator Last Review Date: 2013 Next Review
More informationThe Lowitja Institute Risk Management Plan
The Lowitja Institute Risk Management Plan 1. PURPOSE This Plan provides instructions to management and staff for the implementation of consistent risk management practices throughout the Lowitja Institute
More informationRISK MANAGEMENT FRAMEWORK. 2 RESPONSIBLE PERSON: Sarah Price, Chief Officer
RISK MANAGEMENT FRAMEWORK 1 SUMMARY The Risk Management Framework consists of the following: Risk Management policy Risk Management strategy Risk Management accountability Risk Management framework structure.
More information