ENTERPRISE RISK MANAGEMENT FRAMEWORK

Size: px
Start display at page:

Download "ENTERPRISE RISK MANAGEMENT FRAMEWORK"

Transcription

1 ENTERPRISE RISK MANAGEMENT FRAMEWORK - Controlled Copy (Uncontrolled when printed or displayed on the Web) PAGE 1

2 Amendment Record Date Description Prepared by Review by Approved by 9 Dec 2012 EMR Framework 31 Dec 2013 EMR Framework 12 March 2015 EMR Framework Ian Erskine Jon Bergsson Ian Erskine QCSE QCSE & RABQSA Ian Erskine QCSE & EG Ian Erskine Distribution of controlled copies Copy Issued to: 1 Ian Erskine 2 Jon Bergsson 3 Myles Erskine 4 EG 5 QCSE PAGE 2

3 TABLE OF CONTENTS Amendment Record... 2 Distribution of controlled copies... 2 TABLE OF CONTENTS Overview The Process...8 APPENDIX A: GUIDING PRINCIPLES...15 APPENDIX B: ERM POLICY...16 Appendix C: Identified Risks...19 PAGE 3

4 1. Overview i) Application This document is intended to provide guidance on implementing an effective Enterprise Risk Management (ERM) program for ACI Global Pty Ltd. The basic principles outlined in these documents and the methodology and process adopted will need to be modified and appropriately scaled to reflect changes to ACI Global as it grows in size and complexity. This will include consideration of the range of products and services on offer, geographic coverage, business strategies and technology. As ACI Global grows in size and complexity the ERM program should evolve to ensure that all significant new, emerging and increased risks are appropriately considered and addressed as part of the on-going review and assessment process. When establishing an appropriate and effective enterprise risk management process, ACI Global, its personnel and agencies should give consideration to the guiding principles outlined in Appendix A. ii) Definitions Risk is an event or activity that may have an impact on ACI Global s ability to effectively execute its strategies and achieve its objectives or which may cause a significant opportunity to be missed. Risk Management is an on-going process, involving ACI Global s Owners, management and other personnel. It is a systematic approach to setting the best course of action to manage uncertainty by identifying, analysing, assessing, responding to, monitoring and communicating risk issues/events that may have an impact on an organisation successfully achieving their business objectives. Assurance is process that provides a level of confidence that objectives will be achieved within an acceptable level of risk Potential Exposure is the maximum foreseeable loss is an estimate of the amount of damage that would be expected to occur in the event that all loss protections failed. Risk Appetite is the degree of risk, on a broad-based level, that a ACI GLOBAL is willing to accept or take in pursuit of its objectives. Risk Tolerance is the level of risk that ACI GLOBAL is willing to accept in various risk areas. This can be measured in terms of both quantitative and qualitative dimensions. Risk Officer (if one is appointed) is normally identified as the person responsible to coordinate and oversee management of the ERM process and approve reports to the Owners. PAGE 4

5 iii) Introduction Enterprise Risk Management is defined as:... a process, effected by an entity s Owner, management and other personnel, applied in strategy setting and across the enterprise, designed to identify potential events that may affect the entity, and manage risk to be within its risk appetite, to provide reasonable assurance regarding the achievement of the entity s objectives. In summary, ERM: is a comprehensive, systematic, disciplined and proactive process that is used to identify, assess, manage and report on the significant strategic, business and process level risks related to the achievement of the company objectives which are inherent in the business strategy and operations at any point in time; is a decision making process for measuring and addressing any variation (positive or negative) from ACI Global s desired objectives; forms a basis for ACI Global s decision making processes from the development of its strategy and objectives to its daily operations, reporting and compliance routines; provides the ability for management to make more efficient use/allocation of capital and resources within the organisation to optimise financial outcomes; optimises risk management by balancing the cost of risk with the cost of control for all aspects of ACI Global s potential risk areas to ensure organisational objectives are met; is an integral part of sound business and financial management from the strategic planning process to the day-to-day operations of ACI GLOBAL that helps identify and manage all material internal and external risks and opportunities that may affect its performance, reputation and viability; seeks to enhance value and preserve the longer term viability of ACI GLOBAL; and is a fundamental responsibility and accountability of the Owner and senior management. ERM involves a pro-active holistic enterprise-wide view of all risks and their associated risk appetite and tolerances to ensure that they are fully aligned with ACI Global s objectives and strategies and reflects the quality, competencies and capacity of people, technology and asset backing of the business. ERM also helps identify the interdependency and interaction of risks across the organisation and provides the tools to rationalise risk management activities. PAGE 5

6 iv) Purpose and Objectives The purpose of ERM is to create, protect, and enhance ACI Global s viability as a sustainable business by managing the uncertainties that could influence achieving its objectives. Implementing an effective ERM achieves the following key objectives: Oversight: All critical risks have been identified and are being managed and monitored under a holistic approach consistent with the Owner s approved risk appetite statement. Ownership and Responsibility: The ownership of risk is assigned to management individuals who are responsible for identifying, evaluating, mitigating and reporting risk exposures. Assurance: The Owner, management and members have reasonable assurance that risk is being appropriately managed within defined levels to bring value to the organisation. v) Benefits ACI GLOBAL which successfully implements ERM should expect the following benefits: More efficient use of financial capital and resources and resulting impact on cash flow, Reduced likelihood of operational loss, Earlier detection of unlawful activities, Fewer surprises, Focus on lower cost prevention rather than higher cost resolution strategies, Cost savings by using risk information to streamline and improve processes, Increased awareness and integrated view of risks (existing and emerging), Systematic, repeatable approach to mitigate risks and identify opportunities, and Clearer, better informed decisions. By being informed, the Owner and senior management can be proactive in responding to the significant risks and opportunities that ACI GLOBAL experiences as a learning services provider. ERM helps identify strategically significant high priority risk issues for the Owners attention. Through a comprehensive risk identification and assessment process, ACI GLOBAL can identify who owns the risk and how best to respond to the risk. This ensures that the most appropriate and optimum level of resources is assigned to areas of greatest risk. Enterprise risk management helps identify opportunities as well as identifying risks. To be effective and not create additional overhead, ERM should be integrated into existing processes within ACI GLOBAL that support PAGE 6

7 such activities as strategic planning, business-planning, conformance monitoring, performance measurement and process reassessment. Building ERM into existing processes increases awareness and sensitivity to risk and helps create a culture where risk is proactively assessed and managed at every level. vi) Roles and Responsibilities The key roles and responsibilities of the Owner and Management are summarised below. Key ERM Roles and Responsibilities The Owner governs the risk profile of ACI GLOBAL Oversees of ERM framework - gains assurance on its effectiveness; Establishes, approves, annually updates governing policy on Enterprise Risk; Articulates risk appetite/risk tolerance in policy; Gains understanding of overall risk profile of ACI GLOBAL at inherent and residual levels; Gains understanding of significant risks at inherent and residual levels; Understands level of risk in relation to aggregate residual risk of ACI GLOBAL business; and Approves acceptance of residual risks or direct additional risk response action where residual level is in excess of established risk appetite/tolerance; Gains assurance that management has undertaken the risk responses as outlined; Monitors risk indicators for known significant risks on quarterly basis and more frequently on specific risks when issues arise; Monitors emerging risks and discuss implications with management Management takes action to manage the risks to an acceptable level Develops processes to implement Enterprise Risk Management in ACI GLOBAL; Assigns responsibilities for risk ownership, monitoring of risk, risk reporting; Identifies process to develop risk profile; PAGE 7

8 Implements processes to develop risk profile and to assess the severity of each risk; Implements processes to determine risk responses are in place, and identify if further action required; Determines level of risk in place, make recommendations where it is not sufficient; Reports to the Owner on the risk profile of the ACI GLOBAL including significant risks at the inherent and residual level; Takes action, monitors to ensure risk responses operate effectively and continuously; Presents periodic reports to Owner which present risk indicators and level of risk by categories; and Presents information to the Owner on emerging risks. 2. The Process ERM is an on-going and cyclical process. The Owner and senior management set the tone for enterprise risk management in ACI GLOBAL. This includes establishing ACI Global s risk appetite and how risks will be identified, measured and managed. There are five primary steps in the ERM process. It is also important to ensure that ERM process and risks are re-evaluated and updated on an on-going basis to reflect new information and experiences so that all significant risks are appropriately identified and addressed and that any material opportunities are not overlooked. PAGE 8

9 Enterprise Risk Management Cycle The process requires the involvement from all levels in ACI GLOBAL and requires a willingness to understand the risk facing ACI GLOBAL, assist with the creation of appropriate responses to risks, and maintain them within the risk appetite and tolerances established by the Owner and senior management. i) Risk Identification Identification of risks should occur on an on-going basis for existing processes and on an adhoc basis as required for new learning product introductions, training projects or changes contemplated to existing learning products and processes. There are several techniques that may be used to help identify risks including self-assessment questionnaires, surveys, workshops and interviews. PAGE 9

10 Monitoring Reporting Risk Response & Action On-going reevaluation and Risk Identification Risk Assessment & Measurement To help with risk identification, risks should be considered within main risk categories. ACI GLOBAL has two clear risk areas: Organisational and Operational / Learning Services. Organisational risk relates to the business plan can be further classified as: strategic, professional, financial and compliance risks. Operational / Learning Services risk covers actions like: facilitation, assessment establishment, Facilitation and Mentoring job acceptance protocol, terms of learning services engagement with the learner and conformance to applicable standards ISO 9001, 29990, 17024, and PAGE 10

11 Strategic Operational Financial Risk Categories Professional Compliance Main Risk Categories ii) Risk Assessment and Measurement Risk assessment includes consideration of the likelihood of a risk occurrence and the impact of a risk on the achievement of ACI Global s objectives within a specified timeframe. The likelihood of occurrence is often based on the probability or frequency (number of times) the risk might occur over a specified timeframe such as once a quarter, daily, twice a year, etc. A higher probability or frequency of the event occurring will result in higher risk weightings. An event that is expected to occur sooner rather than later will also result in a higher likelihood. The impact of occurrence is often stated as a dollar value of loss or percent of impact on earnings or capital, but can also be described in qualitative terms (e.g. reputation, service quality, regulatory compliance, etc.) that could result if the risk event occurred. The magnitude or severity of a risk is based on the product of its likelihood and impact. For the purpose of planning the following Risk Weightings will be used: Severity RISK WEIGHTINGS PAGE 11

12 1 Insignificant or Minor Low-Medium Financial Loss a cause for concern if arises too frequently 2 Moderate High Financial Loss may need to seek outside assistance to resolve / recover 3 Major / Catastrophic Huge Financial Loss without protection afforded by insurance would definitely pose a threat to the financial viability of the business Frequency 1 Likely Has a high probability of occurring. 2 Possible Can occur at sometime in the future. 3 Rare May happen but only in exceptional circumstances. iii) Risk Response and Action For each identified risk ACI GLOBAL should establish an appropriate response option in order to optimise risk management. These generally range from accept to avoid. Four possible response options are identified below: Accept ACI GLOBAL decides to accept, manage and monitor the level of risk and take no action to reduce the risk. Mitigate ACI GLOBAL is willing to accept some risk by implementing control processes to manage the risk within established tolerances. PAGE 12

13 Transfer ACI GLOBAL chooses to transfer the risk to a third party (e.g. obtaining insurance). Avoid ACI GLOBAL feels the risk is unacceptable and will specifically avoid the risk (e.g. cease selling a learning/training product or providing learning services within a specific market). Generally, if the magnitude or severity of the risk under consideration is high or moderate, the risk response needs to be strong (mitigate, transfer or avoid). Each risk and related response should be assigned to the manager who is responsible for the area affected by the risk. As part of the response process, management should determine and document what actions (prevention or detection) are necessary to manage the risk. iv) Monitoring Risks and risk response activities should be monitored by the responsible manager to ensure that significant risks remain within acceptable risk levels, that emerging risks and gaps are identified and that risk response and control activities are adequate and appropriate. Internal and external Audit plays an important oversight role in confirming that management is monitoring and managing risks in accordance with established levels. Indicators that fall outside of acceptable risk levels should be escalated with appropriate action plans to bring the risk back within established risk levels. Those risks that still remain above acceptable risk levels should be considered by the Owner for their approval of any necessary resolution strategies. This activity will form the basis for reporting to the Owner and on-going monitoring by management. It is also helpful to quantify the aggregate exposure of significant risks (or specified subset of risks) in terms of potential impact on finances. While this is often subjective and may be difficult to determine, it does help indicate any material change in risk levels from one period to another and could identify potential risks that may not otherwise be fully noted. It also helps to confirm that the level of aggregate risk exposure is within the established risk appetite of ACI GLOBAL as established in policy. v) Reporting The Owner and senior management will require the results of the ERM process to be reported to them in their oversight capacity and to gain assurance that risks are being managed within approved risk levels. At a minimum, ERM reports to the Owner from each Region and should: summarise the nature and magnitude of significant risks; highlight all significant risks and those risks that exceed their acceptable risk levels; identify the timeframe and status of any additional risk management activities that may be required to bring risks within approved risk levels; PAGE 13

14 identify any negative trends of higher risk areas and any changes to risk management activities; highlight any new risks including their risk assessment, risk response and management activities: identify any material emerging risks; and summarise any exceptions to established policies or limits for key risks. On a periodic basis, the Owner should review all high risk areas (even those that are appropriately mitigated within acceptable levels) in order to have a full understanding of all the significant risks facing ACI GLOBAL. Ian T Erskine Ian T Erskine Managing Director ACI Global Pty Ltd Pty Ltd PAGE 14

15 APPENDIX A: GUIDING PRINCIPLES Guiding Principles Quality Certified Company License Number Q0141 When developing an appropriate and effective enterprise risk management framework, Regions should consider the following key guiding principles: Decisions should be made with appropriate consideration of the impact on the overall organisation, not just the individual lines of business or the Region alone; The governance model should provide a forum for risks to be appropriately considered, discussed, debated, and factored into strategic business decisions; Governance should focus on and enable making risk management processes proactive rather than reactive; The risk governance structure should consider and reflect the roles and interaction with related functions, including compliance, internal audit, key stakeholders etc.; There should be a clear understanding of the requirements and appropriate resources to provide independent assurance (e.g. independent audit); The governance model must reflect separation of the three main areas of: Business units that take risk and manage the risks they take; Risk management that provides policy, guidance, recommendations, risk reporting and analysis; and Independent assurance functions such as internal audit. The risk governance model should evolve over time, as ACI GLOBAL changes. PAGE 15

16 APPENDIX B: ERM POLICY Purpose Quality Certified Company License Number Q0141 ACI GLOBAL will maintain a robust ERM framework to ensure: Significant current and emerging risks and opportunities are identified and understood; Appropriate and prudent risk management systems to manage these risks are developed and effectively implemented; Regular reviews are conducted to evaluate the effectiveness of risk mitigation measures; and Reports are produced on a regular basis regarding adherence to this policy Objectives The objectives of this policy are to: Establish the risk appetite of ACI GLOBAL; Identify the key responsibilities of the Owner, Chief Risk Officer, Agency Owner, audit committee and management; and Outline the frequency, form and content of reporting requirements. Risk Appetite and Risk Tolerances The risk appetite of ACI GLOBAL is [INSIGNIFICANT OR MINOR] [This is where the potential exposure is less than 2% of gross revenue for the group] or the group is maintaining a ZERO DEBT TO EQUITY RATIO. Significant risks must have Owner approved risk management policies and/or risk management strategies. Risk tolerances will be developed for each identified significant risk that reflect the level of risk appetite elected by the Owner and management [based upon potential exposure]. PAGE 16

17 Responsibilities The Owner is responsible for: Setting risk appetite levels; Overseeing ERM activities of ACI GLOBAL; Understanding the nature and magnitude of significant risks to which ACI GLOBAL is exposed; Reviewing reports on the assessment of risk levels compared to established strategic risk targets; and Annually reviewing risk management policies, including risk appetite, and strategies to ensure that risk exposures remain appropriate and prudent. The [Chief Risk Officer] is responsible for: Reviewing management s identification of the significant risks of ACI GLOBAL in accordance with the ERM policy; Ensuring there are enterprise risk management processes in place to measure, monitor, manage and mitigate significant risk exposures, including appropriate policies, procedures and controls; Overseeing the application of ERM practices and the on-going identification of emerging risks; and Reporting to the Owner on risk exposure levels. The [Agency Owner] is responsible for: Recommending risk tolerance levels to the Owner; Identifying, measuring and evaluating significant strategic, business and process risk exposures; Ensuring an appropriate level of resources are allocated in alignment with established risk appetite targets for assessing and managing risk; Mitigating of risk exposures through appropriate risk responses; Monitoring the application of risk responses and mitigation strategies; and PAGE 17

18 Reporting on ERM processes and findings, including the level and direction of risk exposures and the extent of risk management activities. Reporting Management will submit a report to the [Chief Risk Officer] at least quarterly. The report should provide appropriate information on the following: Nature and magnitude of significant risks and opportunities; Significant risks and those risks that exceed their acceptable risk levels ; Timeframe and status of any additional risk management activities that may be required to bring risks within approved risk levels; Any negative trends of higher risk areas (EQUITY RATIO) and any changes to risk management activities; Any new significant risks including their risk assessment, risk response and management activities; Any emerging risks; and Any exceptions to ACI Global s established policies or limits for key risks. The [The Chief Risk Officer] will report to the Owner on its review of risk management activities, including the status of any significant current and emerging exposures and trends. ERM Review The effectiveness of the ERM framework should be assessed from time to time including a review of all significant risks and the risk environment of ACI GLOBAL. As well, any changes to the framework should be recommended to the Owner. PAGE 18

19 Appendix C: Identified Risks Quality Certified Company License Number Q0141 The following is a draft risk identification summary of risks associated with the Organisation. Its aim is to provide a top-down stimulus for Regional risk analysis and introduces concepts and areas of risk not previously given significant weight in the Organisation as our focus has been mainly on Operational Risk. Most risk analysis currently undertaken by ACI GLOBAL relates to the physical risk of execution with some contract and quoting stop-loss mechanisms. Areas of organisational risk include: Organisational Risks Clients ACI GLOBAL should not become reliant on one particular client. As a rule no one client should exceed 10% of our revenue base. This is because: ACI GLOBAL financial viability becomes inextricably linked to the major client; The major client may seek to gain concessions from ACI GLOBAL because they know they dominate the relationship. Price reduction, late or long payment, dispute on payments to gain an advantage or benefit are common strategies. The client may have a change of heart or a change of personalities which sees a major and immediate swing away from ACI GLOBAL to an alternate supplier. E.g. a new learning product is approved from a competitor and instantaneously ACI GLOBAL is without any further work. The company may have an internal change of policy direction e.g. out of delivery of training services into retrenchment of staff leaving ACI GLOBAL with no further prospects of work. A significantly larger client may also harm ACI GLOBAL by pulling ACI GLOBAL into any price cutting action to which ACI GLOBAL may or may not be a major player as it ensures to maintain its debt to Equity Ratio. We may not be covered by Professional Indemnity Insurance if any one client exceeds 20% of our revenue base. Training Needs Analysis Clear setting of goals and responsibilities is important for financial success. A grey or rubbery scope or Training Needs leads to disputes, scope creep, rework, damaged expectations, frustration and ultimately margin reduction or actual financial loss. Expectations on both sides must be managed as part of the risk process. PAGE 19

20 On any Learning Services Project over $20,000 a senior ACI GLOBAL employee must sit down with the Client and agree on the Learning Needs Analysis and deliverables and incorporate them into a learning services project brief which needs to be issued to the Client and support staff so no ambiguity exists. Any project over $50,000 or is a two or three year project must have a learning services needs analysis raised and accepted by the client outlining all aspects of methodology and delivery including accuracy, attributes and delivery formats. The following ambiguous situations must be avoided: What learning outcomes are to be assessed and how are they to be assessed and reported Industry, standards and statutory bodies? How is the data learning outcomes to be presented spreadsheet, database, uploaded executable, paper, web based? Quality of data presented by the client. Does any work need to be done before analysis can commence? If so, at whose cost? Accuracy of data presentation Does the client believe that all learning outcomes will be assessed to cover key competencies and personal behaviour disciplines? Does the learning needs analysis described by the Client s Representative reflect our quotation and or the contract documents? Requirement, approval and cost of ongoing continuous professional development monitoring? Who is going to do what? Make sure responsibilities are clearly identified. Who can approve variations? Is a verbal or communication sufficient proof of acceptance? Have we identified and dealt with any variation in accordance with our QA system? Too quickly disputes can escalate into conflict and subsequent legal action. Therefore it is imperative that such events are managed quickly and effectively. The easiest way to do this is remove the egos and personality issues and focus on the facts. If no progress is made then an outside arbitrator maybe useful. The same type of issue applies to an interfering client. Such interference can be difficult to void but if left unchecked may derail the learning services project and increase our liability and ultimately affect our maintenance of a zero debt to equity ratio. This is best dealt with by clearly defining roles and tasks. PAGE 20

21 Competency As professional trainers and mentors covered by our Accreditations and Professional Indemnity Insurance we must work within our area of competency. We must be clear and do not undertake work we are either not qualified to do or is outside our area of expertise. Competencies are to be clearly detailed. This not only includes the company but also individuals in the Company and Facilitators and Mentors. Some areas we might like to push into like international face to face in house learning service delivery are high risk because we aren t geophysical associated and the consequences of getting it wrong could be very costly. Analysis of Exposure If a Learning services project is more technically challenging or involves complex course design work including innovative concepts, it is generally accepted that the learning services project will carry a higher risk rating than other projects. ACI GLOBAL must have a strategy to identify the level of design complexity or technical innovation and remember that cutting edge solutions generally mean high risk and again may compromise our ability to maintain our zero debt to equity ratio. Risk Allocation In any learning services project there must be a set of terms and conditions that form part of the contract, quote or tender. If there is not, we should not be doing the learning services project. Contained in these terms and conditions will be a set of liability clauses or concepts that assign liability / risk between the parties. ACI GLOBAL Management must closely review any set of terms and conditions and look for the works like: indemnify, absolve all risk etc as these terms normally are associated with the cascading of responsibility and hence liability for any negligent claim against the learning services project. What may look benign on the surface may contain onerous liabilities when examined in detail and in the context of the contract as a whole. ACI GLOBAL should only accept and work on learning services projects where we are solely responsible for our actions or non-actions and cannot be co-joined, grouped or otherwise drawn into any action against delivering the required learning outcome. Where possible ACI GLOBAL should only be bound by our own terms and conditions. Where this is not possible we should only accept standard industry contracts. Where words like indemnify exist then ACI GLOBAL should seek to have them struck out, reviewed by our insurance broker or a commercial lawyer. A $20,000 job may expose ACI GLOBAL to millions of dollars of compensation. Insurances Professional and Public Liability insurances operate to exclude any liability that is imposed upon you by contract unless that liability would have existed in the absence of the contract. ACI PAGE 21

22 GLOBAL must not accept insurance requirements that impose a greater liability than the amount of the liability we are insured for. Industry Codes and Compliance ACI GLOBAL will be engaged to deliver learning services through agencies only after the agency satisfies ACI GLOBAL S criteria of conformance and registration by a Third Party Certification body (JAS-ANZ) approved to ISO 9001, and were possible ISO Other standards such as ISO/IEC and ISO will need to be conformed to by the agency covered within a contract before engagement by ACI GLOBAL. ACI GLOBAL will require Third Party verification to the above standards before entering into any contractual agreement with a third party (Agency) Commercial Risks Feasibility of Returns ACI GLOBAL cannot be engaged in a contract under which we expect to loose money or we cannot deliver (technically or physically). We must go into any contract believing that we can and will make money and deliver to the client s expectations. We must also only be engaged in learning services projects where we get a fee for our service. ACI GLOBAL cannot engage in projects where a success fee is our only potential reward as it creates a conflict of interest situation and ultimately may compromise ACI GLOBAL S zero debt to Equity Ratio. Given our appetite for risk is [INSIGNIFICANT or MINOR] high risk delivery of learning services projects like overseas in countries where we do not have a presence, are working for the first time with an unfamiliar client in a foreign currency and in a different time zone will not be considered. Collection of fees is also a prime risk. ACI GLOBAL considers a sale not a sale unless payment is made. As a rule ACI GLOBAL should not accept a contract from a new supplier when we have concerns about our ability to be paid. The terms of payment should be clearly outlined in the learning services project brief or our terms and conditions. If we are in doubt about our ability to collect or be paid within a stated time period then we should either pass on the project or ask for a significant portion of the cost up front. Service Delivery Facilitators Sub-Contractors/Agents Engaging a Facilitator sub-contractor or agent does not release us from the liability. We remain vicariously liable for their actions or non-action. Therefore it is prudent risk management to manage our Facilitators, sub-contractors or agents and be aware of their limitations. PAGE 22

23 In all cases we must ensure that we have a written contract / terms of engagement with our Facilitators sub-contractors and that the terms of this sub-contract mirror the main contract ie liability clauses match those in the main contract. We must agree the skill set and qualifications needed to be provided by the facilitator sub-contractor and clearly identify their role and responsibilities and seek their explanation as to how they propose to deliver the required services. We should also spend time investigating their management practices and ensure they are similar if not better than our own. Timelines and budget / cost of facilitation sub-contractor services are in line with our own contract ie we not paying more for facilitation than we have charged the client. We need to consider spot checks VOC to monitor their performance. We need to ensure they have current and sufficient Professional Indemnity and Public Liability to meet the head contract and our needs. Reports We must remember that reports are our output of our services and maybe held up in court as evidence of our negligence of professional work. As such they must be of a high standard and cross checked. The report must reflect the training plan brief and where possible make reference to the brief. Key strategies to minimise our liability include: Summarise the training project brief in the report; Demonstrate the method of work you adopted to achieve the desired result and include comment on any agreements on methodology on how best to proceed; Include disclaimers and possible changes for special needs Use appendices to bring in more supporting documentation into how the conclusions were reached Note and use references from third parties which support your approach or conclusions reached. If we are quoting someone outside the company make sure they are properly quoted and referenced. Business Management Business Plan The development and review of a business plan is a necessary and crucial step in managing risk. Without a plan any path or action will take us to where we don t want to go. However if we are clear and unified in our plan then we will all be working towards a common goal and outcome. PAGE 23

24 Succession Planning (Covered comprehensively in ACI Global s Business Continuity Plan) The Key is the maintenance of a ZERO DEBT to EQUITY Ratio Succession planning is the process whereby we train and develop the next generation of leaders, facilitators and mentors who will one day take over our roles and responsibilities. I have often said that a person in ACI GLOBAL cannot be promoted and achieve a higher salary until they have trained a competent successor. A failure to develop successors leaves the business vulnerable to dependency on key personnel who may or may not work for the total benefit of the company. The more indispensible a person feels, the more likely they will demand (and in most cases be granted) concessions not earned or available to other employees. This causes disharmony in the workforce. It also allows for a shock when a person (or family member) is suddenly struck down by a debilitating illness or they seek to leave or have time off to start a family. No plan, no flexibility and increased risk of loosing momentum or having to put in a higher cost solution is not acceptable ACI GLOBAL has a ZERO DEBT to EQUITY RATIO and will strive at all accounts to maintain this ratio as this is the greatest protection we have in succeeding with our Succession Plan. PAGE 24

STANDARDS OF SOUND BUSINESS AND FINANCIAL PRACTICES. ENTERPRISE RISK MANAGEMENT Framework

STANDARDS OF SOUND BUSINESS AND FINANCIAL PRACTICES. ENTERPRISE RISK MANAGEMENT Framework STANDARDS OF SOUND BUSINESS AND FINANCIAL PRACTICES ENTERPRISE RISK MANAGEMENT Framework September 2011 Notice This document is intended as a reference tool to assist Ontario credit unions to develop an

More information

Risk Management Policy

Risk Management Policy Risk Management Policy Responsible Officer Author Ben Bennett, Business Planning & Resources Director Julian Lewis, Governance Manager Date effective from December 2008 Date last amended December 2012

More information

Guidance Note: Corporate Governance - Board of Directors. March 2015. Ce document est aussi disponible en français.

Guidance Note: Corporate Governance - Board of Directors. March 2015. Ce document est aussi disponible en français. Guidance Note: Corporate Governance - Board of Directors March 2015 Ce document est aussi disponible en français. Applicability The Guidance Note: Corporate Governance - Board of Directors (the Guidance

More information

Risk Management Policy Adopted by:

Risk Management Policy Adopted by: Risk Management Policy Adopted by: Infigen Energy Limited Infigen Energy (Bermuda) Limited Infigen Energy RE Limited in its capacity as Responsible Entity of Infigen Energy Trust Adopted: 17 December 2009

More information

Risk Management Policy and Framework

Risk Management Policy and Framework Risk Management Policy and Framework December 2014 phone 1300 360 605 08 89589500 email info@centraldesert.nt.gov.au location 1Bagot Street Alice Springs NT 0870 post PO Box 2257 Alice Springs NT 0871

More information

A Risk Management Standard

A Risk Management Standard A Risk Management Standard Introduction This Risk Management Standard is the result of work by a team drawn from the major risk management organisations in the UK, including the Institute of Risk management

More information

Successfully identifying, assessing and managing risks for stakeholders

Successfully identifying, assessing and managing risks for stakeholders Introduction Names like Enron, Worldcom, Barings Bank and Menu Foods are household names but unfortunately as examples of what can go wrong. With these recent high profile business failures, people have

More information

The Lowitja Institute Risk Management Plan

The Lowitja Institute Risk Management Plan The Lowitja Institute Risk Management Plan 1. PURPOSE This Plan provides instructions to management and staff for the implementation of consistent risk management practices throughout the Lowitja Institute

More information

THE SOUTH AFRICAN HERITAGE RESOURCES AGENCY ENTERPRISE RISK MANAGEMENT FRAMEWORK

THE SOUTH AFRICAN HERITAGE RESOURCES AGENCY ENTERPRISE RISK MANAGEMENT FRAMEWORK THE SOUTH AFRICAN HERITAGE RESOURCES AGENCY ENTERPRISE RISK MANAGEMENT FRAMEWORK ACCOUNTABLE SIGNATURE AUTHORISED for implementation SIGNATURE On behalf of Chief Executive Officer SAHRA Council Date Date

More information

Integrated Risk Management:

Integrated Risk Management: Integrated Risk Management: A Framework for Fraser Health For further information contact: Integrated Risk Management Fraser Health Corporate Office 300, 10334 152A Street Surrey, BC V3R 8T4 Phone: (604)

More information

Guidance on Risk Management, Internal Control and Related Financial and Business Reporting

Guidance on Risk Management, Internal Control and Related Financial and Business Reporting Guidance Corporate Governance Financial Reporting Council September 2014 Guidance on Risk Management, Internal Control and Related Financial and Business Reporting The FRC is responsible for promoting

More information

ENTERPRISE RISK MANAGEMENT POLICY

ENTERPRISE RISK MANAGEMENT POLICY ENTERPRISE RISK MANAGEMENT POLICY TITLE OF POLICY POLICY OWNER POLICY CHAMPION DOCUMENT HISTORY: Policy Title Status Enterprise Risk Management Policy (current, revised, no change, redundant) Approving

More information

Relationship Manager (Banking) Assessment Plan

Relationship Manager (Banking) Assessment Plan 1. Introduction and Overview Relationship Manager (Banking) Assessment Plan The Relationship Manager (Banking) is an apprenticeship that takes 3-4 years to complete and is at a Level 6. It forms a key

More information

DRAFT May 2012. Objective and key requirements of this Prudential Standard

DRAFT May 2012. Objective and key requirements of this Prudential Standard Prudential Standard GPS 230 Reinsurance Management Objective and key requirements of this Prudential Standard This Prudential Standard requires a general insurer and a Level 2 insurance group to maintain,

More information

Contract Management Guideline

Contract Management Guideline www.spb.sa.gov.au Contract Management Guideline Version 3.2 Date Issued January 2014 Review Date January 2014 Principal Contact State Procurement Board Telephone 8226 5001 Contents Overview... 3 Contract

More information

The Risk Management strategy sets out the framework that the Council has established.

The Risk Management strategy sets out the framework that the Council has established. Derbyshire County Council Management Policy Statement The Authority adopts a proactive approach to Management to achieve Best Value and continuous improvement and is committed to the effective management

More information

GUIDANCE NOTE FOR DEPOSIT-TAKERS. Operational Risk Management. March 2012

GUIDANCE NOTE FOR DEPOSIT-TAKERS. Operational Risk Management. March 2012 GUIDANCE NOTE FOR DEPOSIT-TAKERS Operational Risk Management March 2012 Version 1.0 Contents Page No 1 Introduction 2 2 Overview 3 Operational risk - fundamental principles and governance 3 Fundamental

More information

APPENDIX 50. Enterprise risk management - Risk management overview

APPENDIX 50. Enterprise risk management - Risk management overview APPENDIX 50 Enterprise risk management - Risk management overview Energex regulatory proposal October 2014 ENTERPRISE RISK MANAGEMENT Risk Management Overview (RMO) 06 11 2013 Table of Contents 1. INTRODUCTION...

More information

Capital Adequacy: Advanced Measurement Approaches to Operational Risk

Capital Adequacy: Advanced Measurement Approaches to Operational Risk Prudential Standard APS 115 Capital Adequacy: Advanced Measurement Approaches to Operational Risk Objective and key requirements of this Prudential Standard This Prudential Standard sets out the requirements

More information

Who s next after TalkTalk?

Who s next after TalkTalk? Who s next after TalkTalk? Frequently Asked Questions on Cyber Risk Fraud threat to millions of TalkTalk customers TalkTalk cyber-attack: website hit by significant breach These are just two of the many

More information

Operations. Group Standard. Business Operations process forms the core of all our business activities

Operations. Group Standard. Business Operations process forms the core of all our business activities Standard Operations Business Operations process forms the core of all our business activities SMS-GS-O1 Operations December 2014 v1.1 Serco Public Document Details Document Details erence SMS GS-O1: Operations

More information

INVESTMENT POLICY April 2013

INVESTMENT POLICY April 2013 Policy approved at 22 April 2013 meeting of the Board of Governors (Minute 133:4:13) INVESTMENT POLICY April 2013 Contents SECTION 1. OVERVIEW SECTION 2. INVESTMENT PHILOSOPHY- MAXIMISING RETURN SECTION

More information

Guidelines for Financial Institutions Outsourcing of Business Activities, Functions, and Processes Date: July 2004

Guidelines for Financial Institutions Outsourcing of Business Activities, Functions, and Processes Date: July 2004 Guidelines for Financial Institutions Outsourcing of Business Activities, Functions, and Processes Date: July 2004 1. INTRODUCTION Financial institutions outsource business activities, functions and processes

More information

A GOOD PRACTICE GUIDE FOR EMPLOYERS

A GOOD PRACTICE GUIDE FOR EMPLOYERS MITIGATING SECURITY RISK IN THE NATIONAL INFRASTRUCTURE SUPPLY CHAIN A GOOD PRACTICE GUIDE FOR EMPLOYERS April 2015 Disclaimer: Reference to any specific commercial product, process or service by trade

More information

Confident in our Future, Risk Management Policy Statement and Strategy

Confident in our Future, Risk Management Policy Statement and Strategy Confident in our Future, Risk Management Policy Statement and Strategy Risk Management Policy Statement Introduction Risk management aims to maximise opportunities and minimise exposure to ensure the residents

More information

RISK MANAGEMENT AND COMPLIANCE

RISK MANAGEMENT AND COMPLIANCE RISK MANAGEMENT AND COMPLIANCE Contents 1. Risk management system... 2 1.1 Legislation... 2 1.2 Guidance... 3 1.3 Risk management policy... 4 1.4 Risk management process... 4 1.5 Risk register... 8 1.6

More information

Policy and Procedure Statement

Policy and Procedure Statement Policy and Procedure Statement SUBJECT: Enterprise Risk CATEGORY: General Administration NO. 502-G PREAMBLE Risk exists in all activities and cannot be avoided, nor can it always be eliminated. However,

More information

Position Description. Department: Quantitative Research Direct Reports: Project Manager/Researcher Senior Researcher

Position Description. Department: Quantitative Research Direct Reports: Project Manager/Researcher Senior Researcher Position Description Position Title: Research Director (Quantitative) Reports to: Executive Director, Research Department: Direct Reports: Project Manager/Researcher Senior Researcher Date: 03/10/2011

More information

ENTERPRISE RISK MANAGEMENT POLICY

ENTERPRISE RISK MANAGEMENT POLICY ENTERPRISE RISK MANAGEMENT Approved by the Audit Committee on 14 February 2003 and adopted by resolution of the Board on 28 March 2003 Revisions approved by the Audit and Risk Committee on 14 February

More information

Board Charter. HCF Life Insurance Company Pty Ltd (ACN 001 831 250) (the Company )

Board Charter. HCF Life Insurance Company Pty Ltd (ACN 001 831 250) (the Company ) Board Charter HCF Life Insurance Company Pty Ltd (ACN 001 831 250) (the Company ) Board approval date: 27 October 2015 Contents 1. Introduction and Purpose of this Charter...1 2. Role of the Board...1

More information

Request for Proposal. Supporting Document 3 of 4. Contract and Relationship Management for the Education Service Payroll

Request for Proposal. Supporting Document 3 of 4. Contract and Relationship Management for the Education Service Payroll Request for Proposal Supporting Document 3 of 4 Contract and Relationship December 2007 Table of Contents 1 Introduction 3 2 Governance 4 2.1 Education Governance Board 4 2.2 Education Capability Board

More information

Mandatory Provident Fund Schemes Authority COMPLIANCE STANDARDS FOR MPF APPROVED TRUSTEES. First Edition July 2005. Hong Kong

Mandatory Provident Fund Schemes Authority COMPLIANCE STANDARDS FOR MPF APPROVED TRUSTEES. First Edition July 2005. Hong Kong Mandatory Provident Fund Schemes Authority COMPLIANCE STANDARDS FOR MPF APPROVED TRUSTEES First Edition July 2005 Hong Kong Contents Glossary...2 Introduction to Standards...4 Interpretation Section...6

More information

Business Continuity Management Framework 2014 2017

Business Continuity Management Framework 2014 2017 Business Continuity Management Framework 2014 2017 Blackpool Council Business Continuity Framework V3.0 Page 1 of 13 CONTENTS 1.0 Forward 03 2.0 Administration 04 3.0 Policy 05 4.0 Business Continuity

More information

ENTERPRISE RISK MANAGEMENT FRAMEWORK

ENTERPRISE RISK MANAGEMENT FRAMEWORK ENTERPRISE RISK MANAGEMENT FRAMEWORK COVENANT HEALTH LEGAL & RISK MANAGEMENT CONTENTS 1.0 PURPOSE OF THE DOCUMENT... 3 2.0 INTRODUCTION AND OVERVIEW... 4 3.0 GOVERNANCE STRUCTURE AND ACCOUNTABILITY...

More information

Operational Risk Management - The Next Frontier The Risk Management Association (RMA)

Operational Risk Management - The Next Frontier The Risk Management Association (RMA) Operational Risk Management - The Next Frontier The Risk Management Association (RMA) Operational risk is not new. In fact, it is the first risk that banks must manage, even before they make their first

More information

Risk Management Plan template <TEMPLATE> RISK MANAGEMENT PLAN FOR THE <PROJECT-NAME> PROJECT

Risk Management Plan template <TEMPLATE> RISK MANAGEMENT PLAN FOR THE <PROJECT-NAME> PROJECT RISK MANAGEMENT PLAN FOR THE PROJECT Prepared by: Approved by: Reference: Version: Date: INTRODUCTION This document is the Risk Management

More information

Guidance Note: Stress Testing Class 2 Credit Unions. November, 2013. Ce document est également disponible en français

Guidance Note: Stress Testing Class 2 Credit Unions. November, 2013. Ce document est également disponible en français Guidance Note: Stress Testing Class 2 Credit Unions November, 2013 Ce document est également disponible en français This Guidance Note is for use by all Class 2 credit unions with assets in excess of $1

More information

Draft Prudential Practice Guide

Draft Prudential Practice Guide Draft Prudential Practice Guide LPG 270 Group Insurance Arrangements December 2013 www.apra.gov.au Australian Prudential Regulation Authority Disclaimer and copyright This prudential practice guide is

More information

CHECKLIST ISO/IEC 17021:2011 Conformity Assessment Requirements for Bodies Providing Audit and Certification of Management Systems

CHECKLIST ISO/IEC 17021:2011 Conformity Assessment Requirements for Bodies Providing Audit and Certification of Management Systems Date(s) of Evaluation: CHECKLIST ISO/IEC 17021:2011 Conformity Assessment Requirements for Bodies Providing Audit and Certification of Management Systems Assessor(s) & Observer(s): Organization: Area/Field

More information

Solvency II Data audit report guidance. March 2012

Solvency II Data audit report guidance. March 2012 Solvency II Data audit report guidance March 2012 Contents Page Introduction Purpose of the Data Audit Report 3 Report Format and Submission 3 Ownership and Independence 4 Scope and Content Scope of the

More information

SAFETY and HEALTH MANAGEMENT STANDARDS

SAFETY and HEALTH MANAGEMENT STANDARDS SAFETY and HEALTH STANDARDS The Verve Energy Occupational Safety and Health Management Standards have been designed to: Meet the Recognised Industry Practices & Standards and AS/NZS 4801 Table of Contents

More information

Compliance Management Framework. Managing Compliance at the University

Compliance Management Framework. Managing Compliance at the University Compliance Management Framework Managing Compliance at the University Risk and Compliance Office Effective from 07-10-2014 Contents 1 Compliance Management Framework... 2 1.1 Purpose of the Compliance

More information

Policy 10.105: Enterprise Risk Management Policy

Policy 10.105: Enterprise Risk Management Policy Name: Responsibility: Complements: Enterprise Risk Management Framework Coordinator, Enterprise Risk Management Policy 10.105: Enterprise Risk Management Policy Date: November 2006 Revision Date(s): January

More information

CONSULTATION PAPER Proposed Prudential Risk-based Supervisory Framework for Insurers

CONSULTATION PAPER Proposed Prudential Risk-based Supervisory Framework for Insurers INSURANCE CONSULTATION PAPER Proposed Prudential Risk-based Supervisory Framework for Insurers December 2010 CONSULTATION PAPER: Proposed Risk-based Supervisory Framework (Final December 2010) Page 1 of

More information

ENTERPRISE RISK MANAGEMENT FRAMEWORK

ENTERPRISE RISK MANAGEMENT FRAMEWORK ROCKHAMPTON REGIONAL COUNCIL ENTERPRISE RISK MANAGEMENT FRAMEWORK 2013 Adopted 25 June 2013 Reviewed: October 2015 TABLE OF CONTENTS 1. Introduction... 3 1.1 Council s Mission... 3 1.2 Council s Values...

More information

A guide for members APES 325 Risk Management for Firms

A guide for members APES 325 Risk Management for Firms A guide for members APES 325 Risk Management for Firms An explanation and introduction to APES 325 Risk Management for Firms Overview of the scope and application of a risk management framework. APES 325

More information

Saldanha Bay Municipality. Risk Management Strategy. Inclusive of, framework, procedures and methodology

Saldanha Bay Municipality. Risk Management Strategy. Inclusive of, framework, procedures and methodology Inclusive of, framework, procedures and methodology Contents 1 Introduction 1 1.1 Legislative Framework and best practice 1 1.2 Purpose of Enterprise Risk Management 2 1.3 Scope and Applicability 3 1.4

More information

APPLICATION OF KING III CORPORATE GOVERNANCE PRINCIPLES 2014

APPLICATION OF KING III CORPORATE GOVERNANCE PRINCIPLES 2014 WOOLWORTHS HOLDINGS LIMITED CORPORATE GOVERNANCE PRINCIPLES 2014 CORPORATE GOVERNANCE PRINCIPLES 2014 CORPORATE GOVERNANCE PRINCIPLES 2014 This table is a useful reference to each of the King III principles

More information

P3M3 Portfolio Management Self-Assessment

P3M3 Portfolio Management Self-Assessment Procurement Programmes & Projects P3M3 v2.1 Self-Assessment Instructions and Questionnaire P3M3 Portfolio Management Self-Assessment P3M3 is a registered trade mark of AXELOS Limited Contents Introduction

More information

Insurance Guidance Note No. 14 System of Governance - Insurance Transition to Governance Requirements established under the Solvency II Directive

Insurance Guidance Note No. 14 System of Governance - Insurance Transition to Governance Requirements established under the Solvency II Directive Insurance Guidance Note No. 14 Transition to Governance Requirements established under the Solvency II Directive Date of Paper : 31 December 2013 Version Number : V1.00 Table of Contents General governance

More information

A Guide to Corporate Governance for QFC Authorised Firms

A Guide to Corporate Governance for QFC Authorised Firms A Guide to Corporate Governance for QFC Authorised Firms January 2012 Disclaimer The goal of the Qatar Financial Centre Regulatory Authority ( Regulatory Authority ) in producing this document is to provide

More information

Procurement Capability Standards

Procurement Capability Standards IPAA PROFESSIONAL CAPABILITIES PROJECT Procurement Capability Standards Definition Professional Role Procurement is the process of acquiring goods and/or services. It can include: identifying a procurement

More information

THE ROLE OF FINANCE AND ACCOUNTING IN ENTERPRISE RISK MANAGEMENT

THE ROLE OF FINANCE AND ACCOUNTING IN ENTERPRISE RISK MANAGEMENT THE ROLE OF FINANCE AND ACCOUNTING IN ENTERPRISE RISK MANAGEMENT Let me begin by thanking Baruch College for giving me the opportunity to present this year s prestigious Emanuel Saxe Lecture in Accounting.

More information

Request for feedback on the revised Code of Governance for NHS Foundation Trusts

Request for feedback on the revised Code of Governance for NHS Foundation Trusts Request for feedback on the revised Code of Governance for NHS Foundation Trusts Introduction 8 November 2013 One of Monitor s key objectives is to make sure that public providers are well led. To this

More information

The anglo american Safety way. Safety Management System Standards

The anglo american Safety way. Safety Management System Standards The anglo american Safety way Safety Management System Standards 2 The Anglo American Safety Way CONTENTS Introduction 04 Anglo American Safety Framework 05 Safety in anglo american 06 Monitoring and review

More information

Risk Management: Coordinated activities to direct and control an organisation with regard to risk.

Risk Management: Coordinated activities to direct and control an organisation with regard to risk. POLICY CG01 RISK MANAGEMENT Document Control Statement This Policy is maintained by the Governance and Organisational Strategy. Any printed copy may not be up to date and you are advised to check the electronic

More information

Managing Risk in Procurement Guideline

Managing Risk in Procurement Guideline Guideline DECD 14/10038 Managing Risk in Procurement Guideline Summary The Managing Risk in Procurement Guideline assists in the identification and minimisation of risks involved in the acquisition of

More information

Part One: Introduction to Partnerships Victoria contract management... 1

Part One: Introduction to Partnerships Victoria contract management... 1 June 2003 The diverse nature of Partnerships Victoria projects requires a diverse range of contract management strategies to manage a wide variety of risks that differ in likelihood and severity from one

More information

Compliance Management Systems

Compliance Management Systems Certification Scheme Y03 Compliance Management Systems ISO 19600 ONR 192050 Issue V2.1:2015-01-08 Austrian Standards plus GmbH Dr. Peter Jonas Heinestraße 38 A-1020 Vienna, Austria E-Mail: p.jonas@austrian-standards.at

More information

POLICY. Number: 7311-10-005 Title: Enterprise Risk Management. Authorization

POLICY. Number: 7311-10-005 Title: Enterprise Risk Management. Authorization POLICY Number: 7311-10-005 Title: Enterprise Risk Management Authorization [ ] President and CEO [ X] Vice President, Finance and Corporate Services Source: Director, Enterprise Risk Management Cross Index:

More information

Scenario Analysis Principles and Practices in the Insurance Industry

Scenario Analysis Principles and Practices in the Insurance Industry North American CRO Council Scenario Analysis Principles and Practices in the Insurance Industry 2013 North American CRO Council Incorporated chairperson@crocouncil.org December 2013 Acknowledgement The

More information

Guidance for Industry: Quality Risk Management

Guidance for Industry: Quality Risk Management Guidance for Industry: Quality Risk Management Version 1.0 Drug Office Department of Health Contents 1. Introduction... 3 2. Purpose of this document... 3 3. Scope... 3 4. What is risk?... 4 5. Integrating

More information

Risk Management Policy and Process Guide

Risk Management Policy and Process Guide Risk Management Policy and Process Guide Status: pending Next review date: December 2015 Page 1 Information Reader Box Directorate Medical Nursing Patients & Information Commissioning Operations (including

More information

Practice Guide COORDINATING RISK MANAGEMENT AND ASSURANCE

Practice Guide COORDINATING RISK MANAGEMENT AND ASSURANCE Practice Guide COORDINATING RISK MANAGEMENT AND ASSURANCE March 2012 Table of Contents Executive Summary... 1 Introduction... 1 Risk Management and Assurance (Assurance Services)... 1 Assurance Framework...

More information

Maturity Model. March 2006. Version 1.0. P2MM Version 1.0 The OGC logo is a Registered Trade Mark of the Office of Government Commerce

Maturity Model. March 2006. Version 1.0. P2MM Version 1.0 The OGC logo is a Registered Trade Mark of the Office of Government Commerce Maturity Model March 2006 Version 1.0 P2MM Version 1.0 The OGC logo is a Registered Trade Mark of the Office of Government Commerce This is a Value Added product which is outside the scope of the HMSO

More information

Risk Management. Policy

Risk Management. Policy Policy Risk Management Endorsed: 26 February 2014 Brief description The GPC Risk Management Policy and its supporting standards and procedures provide a framework to ensure that risks arising from our

More information

Council Meeting Agenda 27/07/15

Council Meeting Agenda 27/07/15 3 Risk Management Framework Abstract Council s Risk Management Framework ( the Framework ) was adopted by Council in 2012. The Framework provides structure and guidance to Council s risk management activities

More information

Business Continuity Policy

Business Continuity Policy Business Continuity Policy St Mary Magdalene Academy V1.0 / September 2014 Document Control Document Details Document Title Document Type Business Continuity Policy Policy Version 2.0 Effective From 1st

More information

Risk Management Strategy and Guidelines

Risk Management Strategy and Guidelines Swale Borough Council Risk Management Strategy and Guidelines Status: Final Originating Date: January 2008 Date Ratified: February 2008 (Audit Committee) Next Review Date: January 2009 Accountable Member:

More information

POSITION DESCRIPTION, PERFORMANCE MEASURES AND TARGETS

POSITION DESCRIPTION, PERFORMANCE MEASURES AND TARGETS POSITION DESCRIPTION, PERFORMANCE MEASURES AND TARGETS Attachment 1 Position Title: Programs & Client Relations Manager Responsible to: Chief Executive Officer Responsibility: Programs Management and Client

More information

Analyzing Risks in Healthcare. February 12, 2014

Analyzing Risks in Healthcare. February 12, 2014 Analyzing s in Healthcare February 12, 2014 1 Content What is Enterprise Management (ERM) ERM Benefits ERM Standards / ISO 31000:2009 ERM Process Register ERM Governance Model s Q&A 2 What is Enterprise

More information

MARCH 2012. Strategic Risk Policy Update March 2012 v1.10.doc

MARCH 2012. Strategic Risk Policy Update March 2012 v1.10.doc MARCH 2012 Version 1.10 Strategic Risk Policy Update March 2012 v1.10.doc Document History Current Version Document Name Risk Management Policy Statement and Strategic Framework Last Updated By Alan Till

More information

and Risk Tolerance in an Effective ERM Program

and Risk Tolerance in an Effective ERM Program The Roles of Risk Appetite and Risk Tolerance in an Effective ERM Program Eric Gerner, Risk Advisory Services Director Tuesday, July 10, 2012 General Information Share the webinar Ask a question Votes

More information

Risk Management Policy

Risk Management Policy Risk Management Policy Risk Management Policy Record Number D14/79827 Responsible Manager Manager Strategy and Governance Last reviewed 10 March 2015 Adoption reference Council Resolution number 90.5 Previous

More information

University of New England Compliance Management Framework and Procedures

University of New England Compliance Management Framework and Procedures University of New England Compliance Management Framework and Procedures Document data: Document type: Administering entity: Framework and Procedures Audit and Risk Directorate Records management system

More information

TEC Capital Asset Management Standard January 2011

TEC Capital Asset Management Standard January 2011 TEC Capital Asset Management Standard January 2011 TEC Capital Asset Management Standard Tertiary Education Commission January 2011 0 Table of contents Introduction 2 Capital Asset Management 3 Defining

More information

NABL NATIONAL ACCREDITATION

NABL NATIONAL ACCREDITATION NABL 160 NABL NATIONAL ACCREDITATION BOARD FOR TESTING AND CALIBRATION LABORATORIES GUIDE for PREPARING A QUALITY MANUAL ISSUE NO. : 05 AMENDMENT NO : 00 ISSUE DATE: 27.06.2012 AMENDMENT DATE: -- Amendment

More information

RISK MANAGEMENT FRAMEWORK. 2 RESPONSIBLE PERSON: Sarah Price, Chief Officer

RISK MANAGEMENT FRAMEWORK. 2 RESPONSIBLE PERSON: Sarah Price, Chief Officer RISK MANAGEMENT FRAMEWORK 1 SUMMARY The Risk Management Framework consists of the following: Risk Management policy Risk Management strategy Risk Management accountability Risk Management framework structure.

More information

APPLICATION OF THE KING III REPORT ON CORPORATE GOVERNANCE PRINCIPLES

APPLICATION OF THE KING III REPORT ON CORPORATE GOVERNANCE PRINCIPLES APPLICATION OF THE KING III REPORT ON CORPORATE GOVERNANCE PRINCIPLES Ethical Leadership and Corporate Citizenship The board should provide effective leadership based on ethical foundation. that the company

More information

Principles for An. Effective Risk Appetite Framework

Principles for An. Effective Risk Appetite Framework Principles for An Effective Risk Appetite Framework 18 November 2013 Table of Contents Page I. Introduction... 1 II. Key definitions... 2 III. Principles... 3 1. Risk appetite framework... 3 1.1 An effective

More information

Aegon Global Compliance

Aegon Global Compliance Aegon Global Compliance GLOBAL Charter COMPLIANCE CHARTER aegon.com The Hague, June 1, 2013 Information sheet Target audience: All employees and management of Aegon companies Issued by: Aegon N.V. Group

More information

Bridgend County Borough Council. Corporate Risk Management Policy

Bridgend County Borough Council. Corporate Risk Management Policy Bridgend County Borough Council Corporate Risk Management Policy December 2014 Index Section Page No Introduction 3 Definition of risk 3 Aims and objectives 4 Strategy 4 Accountabilities and roles 5 Risk

More information

Integration of Risk Management and Internal Audit. Chartered Institute of Management Accountants, New Zealand

Integration of Risk Management and Internal Audit. Chartered Institute of Management Accountants, New Zealand Integration of Risk Management and Internal Audit Chartered Institute of Management Accountants, New Zealand Contents Understanding the three lines of defense governance model What is Risk? Risk Management

More information

IRM CERTIFICATE AND DIPLOMA OUTLINE SYLLABUS

IRM CERTIFICATE AND DIPLOMA OUTLINE SYLLABUS IRM CERTIFICATE AND DIPLOMA OUTLINE SYLLABUS 1 Module 1: Principles of Risk and Risk Management Module aims The aim of this module is to provide an introduction to the principles and concepts of risk and

More information

WFP ENTERPRISE RISK MANAGEMENT POLICY

WFP ENTERPRISE RISK MANAGEMENT POLICY WFP ENTERPRISE RISK MANAGEMENT POLICY Informal Consultation 3 March 2015 World Food Programme Rome, Italy EXECUTIVE SUMMARY For many organizations, risk management is about minimizing the risk to achievement

More information

Risk Management & Internal Compliance and Control System

Risk Management & Internal Compliance and Control System Risk Management & Internal Compliance and Control System Risk Management SAI Global ( the Company ) recognises that risk management is an integral part of good management practice. Risk Management is an

More information

PM Governance. Executive Team ADCA ADCA

PM Governance. Executive Team ADCA ADCA Item 6.5a Action Plan against the Recommendations Made in the Review of Risk Management Arrangements by PM Governance, November 2014 Key: PM Governance Paul Moore, Risk Consultant ADCA Associate Director

More information

SAI GLOBAL LIMITED Risk Management Policy

SAI GLOBAL LIMITED Risk Management Policy SAI GLOBAL LIMITED Risk Management Policy SAI Global Ltd ABN 67050611642 Last Updated: February 2012 Contents 1. Risk Management... 3 2. Policy... 3 3. Risk Management Philosophy... 3 4. Risk Appetite...

More information

CONTRACT MANAGEMENT FRAMEWORK

CONTRACT MANAGEMENT FRAMEWORK CONTRACT MANAGEMENT FRAMEWORK August 2010 Page 1 of 20 Table of contents 1 Introduction to the CMF... 3 1.1 Purpose and scope of the CMF... 3 1.2 Importance of contract management... 4 1.3 Managing contracts...

More information

Morgan Stanley. Policy for the Management of Third Party Residential Mortgage Servicing Providers

Morgan Stanley. Policy for the Management of Third Party Residential Mortgage Servicing Providers Morgan Stanley Policy for the Management of Third Party Residential Mortgage Servicing Providers Title Policy for the Management of Third Party Residential Mortgage Servicing Providers Effective Date Owner

More information

AIPM PROFESSIONAL COMPETENCY STANDARDS FOR PROJECT MANAGEMENT PART B CERTIFIED PRACTISING PROJECT PRACTITIONER (CPPP)

AIPM PROFESSIONAL COMPETENCY STANDARDS FOR PROJECT MANAGEMENT PART B CERTIFIED PRACTISING PROJECT PRACTITIONER (CPPP) AIPM PROFESSIONAL COMPETENCY STANDARDS FOR PROJECT MANAGEMENT PART B CERTIFIED PRACTISING PROJECT PRACTITIONER (CPPP) Copyright: Australian Institute of Project Management Document Information Document

More information

RISK MANAGEMENT REPORTING GUIDELINES AND MANUAL 2013/14. For North Simcoe Muskoka LHIN Health Service Providers

RISK MANAGEMENT REPORTING GUIDELINES AND MANUAL 2013/14. For North Simcoe Muskoka LHIN Health Service Providers RISK MANAGEMENT REPORTING GUIDELINES AND MANUAL 2013/14 For North Simcoe Muskoka LHIN Health Service Providers Table of Contents Purpose of this document... 2 Introduction... 3 What is Risk?... 4 What

More information

Relationship Manager (Banking) Assessment Plan

Relationship Manager (Banking) Assessment Plan Relationship Manager (Banking) Assessment Plan ST0184/AP03 1. Introduction and Overview The Relationship Manager (Banking) is an apprenticeship that takes 3-4 years to complete and is at a Level 6. It

More information

1.20 Appendix A Generic Risk Management Process and Tasks

1.20 Appendix A Generic Risk Management Process and Tasks 1.20 Appendix A Generic Risk Management Process and Tasks The Project Manager shall undertake the following generic tasks during each stage of Project Development: A. Define the project context B. Identify

More information

Procurement of Goods, Services and Works Policy

Procurement of Goods, Services and Works Policy Procurement of Goods, Services and Works Policy Policy CP083 Prepared Reviewed Approved Date Council Minute No. Procurement Unit SMT Council April 2016 2016/0074 Trim File: 18/02/01 To be reviewed: March

More information

CORPORATE QUALITY MANUAL

CORPORATE QUALITY MANUAL Corporate Quality Manual Preface The following Corporate Quality Manual is written within the framework of ISO 9001:2008 Quality System by the employees of CyberOptics. CyberOptics recognizes the importance

More information

How to Develop Successful Enterprise Risk and Vendor Management Programs

How to Develop Successful Enterprise Risk and Vendor Management Programs Project Management Institute New York City Chapter January 2014 Chapter Meeting How to Develop Successful Enterprise Risk and Vendor Management Programs Christina S. Kite Senior Vice President Corporate

More information

Enterprise Risk Management Framework 2012 2016. Strengthening our commitment to risk management

Enterprise Risk Management Framework 2012 2016. Strengthening our commitment to risk management Enterprise Risk Management Framework 2012 2016 Strengthening our commitment to risk management Contents Director-General s message... 3 Introduction... 4 Purpose... 4 What is risk management?... 4 Benefits

More information

POL ENTERPRISE RISK MANAGEMENT SC51. Executive Services Department BUSINESS UNIT: Executive Support Services SERVICE UNIT:

POL ENTERPRISE RISK MANAGEMENT SC51. Executive Services Department BUSINESS UNIT: Executive Support Services SERVICE UNIT: POL ENTERPRISE RISK MANAGEMENT SC51 POLICY CODE: SC51 DIRECTORATE: Executive Services Department BUSINESS UNIT: Executive Support Services SERVICE UNIT: Executive Support Services RESPONSIBLE OFFICER:

More information

MERCHANT NAVY OFFICERS PENSION FUND STATEMENT OF INVESTMENT PRINCIPLES

MERCHANT NAVY OFFICERS PENSION FUND STATEMENT OF INVESTMENT PRINCIPLES MERCHANT NAVY OFFICERS PENSION FUND STATEMENT OF INVESTMENT PRINCIPLES Introduction The main purpose of the MNOPF is the provision of pensions for Officers in the British Merchant Navy on retirement at

More information