CORPORATE GOVERNANCE
1 CORPORATE GOVERNANCE Lesson n. 9 Corporate Governance and Risk Management a.y st semester f.buzzichelli@lumsa.it
2 CG and Risk Management Contents: 1. Corporate Risk Assessment: ERM 2. US COSO Integrated Framework 3. Levels of Risk 4. Responsibilities of the BoD 5. Chief Risk Officer 6. OECD surveys on RM and CG 7. Risk analysis process steps to structure a Risk Management Policy
3 CG and Risk Management CORPORATE RISK ASSESSMENT The CG Cadbury Code refers to risk only in the context of the BoD's responsibilities. The need to reinforce corporate risk assessment derives from the financial crisis: several surveys revealed that the global financial crisis has increased awareness of the need to manage and leverage risk. ENTERPRISE RISK MANAGEMENT In an advanced approach it makes it possible to: define a critical framework for successful decision-making and for driving value; engage all stakeholders in the development of risk management strategy and policy setting; move from a mitigation and avoidance view of risks to leveraging and managing risks to extract business value.
4 CG and Risk Management US COSO Integrated Framework for ERM COSO = Committee of Sponsoring Organizations of the Treadway Commission (since 1985)
5 CG and Risk Management US COSO Integrated Framework for ERM
6 CG and Risk Management US COSO Integrated Framework for ERM THREE DIMENSIONS FOR ERM: 1. Achievement of 4 objectives 2. 8 interrelated components 3. Entity's unit
7 CG and Risk Management Emphasis on corporate risk The OECD reviewed the adequacy of CG by suggesting: risk management function reporting directly to the BoD; risk management function to consider any risk deriving from the existing compensation and incentive system; effectiveness of the risk assessment and management process to be monitored and disclosed. The ICGN published a set of Corporate Risk Oversight Guidelines: the risk oversight process begins with the BoD; corporate management is responsible for developing and executing a risk program; shareholders have a responsibility to assess and monitor the effectiveness of the BoD in overseeing risk.
8 CG and Risk Management Levels of risk Corporate risk arises at every level in the organization. OPERATIONAL RISK: within the company (fire, accident, …). MANAGERIAL RISK: hazards deriving from the company's activities (product liability, third-party risk, …). STRATEGIC RISK: responsibility of directors who do not know the risk profile, wrong decisions of the BoD.
9 CG and Risk Management Levels of risk Corporate risk arises at every level in the organization. The BoD has a supervisory role on policies, systems, performances. Delegating responsibilities to the AUDIT COMMITTEE is frequent and recommended for some listed companies. OPERATIONAL RISK: within the company (fire, accident, …). MANAGERIAL RISK: hazards deriving from the company's activities (product liability, third-party risk, …). STRATEGIC RISK: responsibility of directors who do not know the risk profile, wrong decisions of the BoD.
10 CG and Risk Management Responsibilities of the BoD RISK MANAGEMENT RISK MINIMIZATION BoDs should recognize, understand and accept the RISK PROFILE of the company, balancing risks with appropriate/acceptable rewards: «creating business value while managing risk». Duties of the BoD: recognize significant risks facing the company; ensure the existence and the effectiveness of risk assessment systems; ensure the development and the effectiveness of risk evaluation procedures; ensure the efficiency and effectiveness of risk monitoring systems; ensure the existence, updating and application of business continuity strategies and risk management policies.
11 CG and Risk Management Responsibilities of the BoD Options for the BoD: 1. Delegating to the AUDIT COMMITTEE 2. Creating a RISK ASSESSMENT or RISK MANAGEMENT COMMITTEE 3. Creating a management-based RISK MANAGEMENT GROUP. In the specific case of financial institutions, a RISK POLICY COMMITTEE is created to support the BoD in its responsibility for setting tolerance thresholds for risks.
12 CG and Risk Management A new Chief Officer CRO - CHIEF RISK OFFICER: he/she is the executive accountable for enabling the efficient and effective governance of significant risks, and related opportunities, to a business and its various segments; in complex organizations, he/she is generally responsible for coordinating the organization's ERM approach; he/she has to ensure that the organization is in full compliance with applicable regulations and to analyze all risk-related issues; he/she has business-related experience, with actuarial, accounting, economics, and legal backgrounds; he/she is accountable to the Executive Committee and the Board for enabling the business to balance risk and reward.
13 CG and Risk Management OECD RM & CG CG and Financial Crisis (OECD, 2010): One of the greatest shocks from the financial crisis has been the widespread failure of risk management; It should be fully understood by regulators and other standard setters that effective risk management is not about eliminating risk taking: risks should be understood, managed and, when appropriate, communicated; Effective implementation of risk management requires an enterprise-wide approach rather than treating each business unit individually; The board should also review and provide guidance about the alignment of corporate strategy with risk-appetite and the internal risk management structure; Risk management and control functions should be independent of profit centres and the CRO or equivalent should report directly to the board; The process of risk management and the results of risk assessments should be appropriately disclosed; CG standard setters should be encouraged to include or improve references to risk management in order to raise awareness and improve implementation.
14 CG and Risk Management OECD RM & CG Financial Crisis effects on listed companies Main outcome: risk not managed on an enterprise-wide basis and not adjusted to corporate strategy. Boards were ignorant of the risks facing the company. Challenges: linking risks to strategy; better defining risks; effectively considering stakeholders' concerns.
15 CG and Risk Management OECD RM & CG A McKinsey survey on listed companies (2011) reveals that: 1. 44% of respondents said that boards simply review and approve management's proposed strategies; 2. only 14% of board time was spent on business risk management; 3. 14% of respondents had a complete understanding of the risks their company faced; 4. 50% of directors said that the information received was too short-term.
16 CG and Risk Management OECD RM & CG Risk Management and Corporate Governance (OECD, 2014): survey on 27 jurisdictions (participants in the OECD Corporate Governance Committee); while risk-taking is a fundamental driving force in business and entrepreneurship, the cost of risk management failures is still often underestimated; most companies consider that risk management should remain the responsibility of line managers; corporate governance standards should place sufficient emphasis on ex-ante identification of risks; risk governance standards tend to be very high-level, limiting their practical usefulness, and/or focus largely on financial institutions; boards place sufficient emphasis on potentially catastrophic risks, even if these do not appear very likely to materialize.
17 CG and Risk Management Companies with a committee with explicit reference to risk (2010)
18 CG and Risk Management Risk governance requirements/recommendations for listed companies
19 CG and Risk Management Risk analysis process Risk Recognition: identify risks, threats and hazards. Risk Assessment: assess the effect; consider the value, sensitivity and criticality of the event; prioritize risk exposure. Risk Monitoring and Reporting: monitoring and recording risk; review of ongoing insurance coverage. Risk Evaluation: determine the probability of the event. Risk Management Policy: determine RMP to resolve the risk. Routine board supervision for the application of the policy. Revision of the policies. Board Policy Approval.
20 CG and Risk Management Risk recognition and assessment How to recognize/assess risks? Never occurred before, or no data or experience to evaluate the impact. It is important to create a corporate culture throughout the organization to RISK RECOGNITION AND ASSESSMENT: tabular approach; mind mapping; software programs; questionnaires; risk benchmarking.
21 CG and Risk Management Risk recognition and assessment How to recognize/assess risks? Never occurred before, or no data or experience to evaluate the impact. It is important to create a corporate culture throughout the organization to RISK RECOGNITION AND ASSESSMENT: tabular approach; mind mapping; software programs; questionnaires; risk benchmarking. SOFTWARE PROGRAMS: identification of risks; development of appropriate risk management policies; supporting ongoing business activities.
22 CG and Risk Management Risk evaluation To measure the extent of a risk (i): $R_i = L_i \cdot p(l_i)$, but both the amount of the loss (L) and the probability of a risk occurring (p(l)) might be difficult to determine.
23 CG and Risk Management Risk evaluation To measure the extent of a risk (i): $R_i = L_i \cdot p(l_i)$, but both the amount of the loss (L) and the probability of a risk occurring (p(l)) might be difficult to determine. APPROPRIATE RISK MANAGEMENT POLICIES!
24 CG and Risk Management Risk evaluation [Matrix: impact of the event (low to high) against likelihood of the event (low to high). Cell labels: Mitigate, assume or insure the risk; Carry any further costs itself; Sharing risk; No significant need of RM policies; BoD decision.]
25 CG and Risk Management Risk management information system Directors don't have to be concerned about risks only once they have occurred! Centralization of information and risk management responsibility is the core approach of ENTERPRISE RISK MANAGEMENT: provide information on a regular basis for management, to take executive decisions; support the board in its monitoring and supervisory function; enable the company to communicate externally (auditors, regulators, shareholders).
26 CG and Risk Management Risk management information system Directors don't have to be concerned about risks only once they have occurred! Centralization of information and risk management responsibility is the core approach of ENTERPRISE RISK MANAGEMENT: provide information on a regular basis for management, to take executive decisions; support the board in its monitoring and supervisory function; enable the company to communicate externally (auditors, regulators, shareholders). Issue of confidentiality: risk management data.
27 CG and Risk Management Risk transfer The oversight of risks is strictly a BoD responsibility, as a basic element of corporate governance. Therefore, the BoD should define / agree on corporate risk strategies and risk policies: AVOID THE RISK; TRANSFER THE RISK; MITIGATE THE RISK; RETAIN THE RISK.
28 Risk Management Policy 10 steps to define a Risk Management Policy A Risk Management Policy serves two main purposes: to identify, reduce and prevent undesirable incidents or outcomes; to review past incidents and implement changes to prevent or reduce future incidents. Knowing how to write a risk management policy is a central part of an organization or business's strategic planning and growth.
29 Risk Management Policy 1. POTENTIAL RISKS Identify all potential risks for the company. Consider all the different transactions or processes in the reference context. Include long-term strategic objectives and decisions, operational or day-to-day activities, financial management and controls, intellectual and information technology actions and knowledge, and compliance/regulatory issues and policy decisions. Write down all the things that could potentially go wrong and how that might happen. Divide this information into sections to address each individually.
30 Risk Management Policy 2. TO ANALYZE THE RISKS All the identified potential risks should be analyzed. Write down how they may occur and potential methods of prevention, additional steps that could be taken to prevent them, and how those risks are evaluated and assessed regularly.
31 Risk Management Policy 3. PAST INCIDENTS Assess all the past incidents that have occurred in the organization and how these occurrences were handled. Consult past records to determine how frequently incidents have happened, and how they were handled, including processes that worked and those where there were areas for improvement.
32 Risk Management Policy 4. RE-OCCURRENCE Estimate the likelihood of each risk. The probability of each risk should be estimated, based on the history of the organization, best practices, and peer experiences.
33 Risk Management Policy 5. TREATMENT PLAN Develop a treatment plan for all of the identified risks. The treatment plan should be designed prioritizing the identified risks that will be more likely to occur. Be sure to outline a step-by-step expectation for how each risk will be avoided, how it will be handled if it does occur, and how it will be recorded.
34 Risk Management Policy 6. COSTS Calculate and include cost estimations. For all the steps needed to align with the risk management policy recommendations, costs should be estimated. Information on costs should be provided to the internal audience when the policy is proposed.
35 Risk Management Policy 7. REPORTING Prepare a report for both internal and external stakeholders. Auditing steps in place to revisit and evaluate the policy should be illustrated. The internal audiences need to know the greatest risks, who is accountable for what, and how the process will be monitored. The external audiences need to know that risk management is a part of the organization's culture and how the process and policy have been laid out.
36 Risk Management Policy 8. DATA TRACKING Create a data tracking system to input all statistics on risk management successes and failures. Staff should be trained to use the created database. Creating a risk assessment form to be used after an incident can be a useful tool to examine whether more precautions should have been taken. This allows all the data to be recorded right after the occurrence, and the same information to be gathered each time.
37 Risk Management Policy 9. MONITORING Design a monitoring process. Set up a regular monitoring process to review all risks and evaluate how the treatment plan has been working.
38 Risk Management Policy 10. RMP REVIEW Regularly update the RMP. Revisit the risk management policy every 6 months to evaluate its effectiveness by comparing incident occurrence rates. Revise the plan as necessary. Risk management planning and evaluation should be a continuous, evolving process that integrates seamlessly into a company or organization's culture.
39 Risk Management Policy DON'T FORGET: the needed awareness of all board members, senior managers, employees, volunteers and residents concerning risk management within the organization; establishing a Risk Management Committee with representatives from each department, whose responsibilities will be to implement, monitor, evaluate and revise plans to achieve goals and objectives; electing a Risk Management Coordinator to serve as the head of the Risk Management Committee and report to the BoD; including risk management as an item for discussion at every staff meeting.
40 References Tricker B., 2015, Corporate Governance. Principles, Policies and Practices, Third edition. Oxford University Press. Chapter 8. Committee of Sponsoring Organizations of the Treadway Commission (COSO), 2004, Enterprise Risk Management - Integrated Framework, Executive Summary. OECD (2014), Risk Management and Corporate Governance, Corporate Governance, OECD Publishing.
More informationA&CS Assurance Review. Accounting Policy Division Rule Making Participation in Standard Setting. Report
A&CS Assurance Review Accounting Policy Division Rule Making Participation in Standard Setting Report April 2010 Table of Contents Background... 1 Engagement Objectives, Scope and Approach... 1 Overall
More informationEnterprise Risk Management: COSO, New COSO, ISO 31000. Review of ERM
Enterprise Risk Management: COSO, New COSO, Dr. Hugh Van Seaton, Ed. D., CSSGB, CGMA, CPA Review of ERM COSO a process, effected by an entity's board of directors, management and other personnel, applied
More informationConfident in our Future, Risk Management Policy Statement and Strategy
Confident in our Future, Risk Management Policy Statement and Strategy Risk Management Policy Statement Introduction Risk management aims to maximise opportunities and minimise exposure to ensure the residents
More informationENTERPRISE RISK MANAGEMENT FRAMEWORK
ROCKHAMPTON REGIONAL COUNCIL ENTERPRISE RISK MANAGEMENT FRAMEWORK 2013 Adopted 25 June 2013 Reviewed: October 2015 TABLE OF CONTENTS 1. Introduction... 3 1.1 Council s Mission... 3 1.2 Council s Values...
More informationHow To Manage Risk
Fund Board Oversight of Risk Management September 2011 Nothing contained in this report is intended to serve as legal advice. Each investment company board should seek the advice of counsel for issues
More informationThe College of New Jersey Enterprise Risk Management and Higher Education For Discussion Purposes Only January 2012
The College of New Jersey Enterprise Risk Management and Higher Education For Discussion Purposes Only Agenda Introduction Basic program components Recent trends in higher education risk management Why
More informationFlyntGroup.com. Enterprise Risk Management and Business Impact Analysis: Understanding, Treating and Monitoring Risk
Enterprise Risk Management and Business Impact Analysis: Understanding, Treating and Monitoring Risk 2012 The Flynt Group, Inc., All Rights Reserved FlyntGroup.com Enterprise Risk Management and Business
More informationAPPENDIX 50. Enterprise risk management - Risk management overview
APPENDIX 50 Enterprise risk management - Risk management overview Energex regulatory proposal October 2014 ENTERPRISE RISK MANAGEMENT Risk Management Overview (RMO) 06 11 2013 Table of Contents 1. INTRODUCTION...
More informationEnterprise-Wide Risk Assessment
Enterprise-Wide Risk Assessment Agenda 1. Definition of risk. 2. Risk drivers in higher education today. 3. Implementing an enterprise-wide risk management (ERM) program to effectively assess, manage,
More informationFramework for Enterprise Risk Management
Framework for Enterprise Risk Management 2013 Johnson & Johnson Contents Introduction.... 4 J&J Strategic Framework... 5 What is Risk?.......................................................... 7 J&J Approach
More informationScenario Analysis Principles and Practices in the Insurance Industry
North American CRO Council Scenario Analysis Principles and Practices in the Insurance Industry 2013 North American CRO Council Incorporated chairperson@crocouncil.org December 2013 Acknowledgement The
More informationJ u n e 2 0 1 0. N a t i o n a l R e s e a r c h C o u n c i l C a n a d a. I n t e r n a l A u d i t, N R C. Audit of Risk Management.
N a t i o n a l R e s e a r c h C o u n c i l C a n a d a Audit of Risk Management I n t e r n a l A u d i t, N R C J u n e 2 0 1 0 June 2010 i 1.0 Executive Summary and Conclusion Background This audit
More informationCONSULTATION PAPER ON RISK MANAGEMENT AND INTERNAL CONTROL: REVIEW OF THE CORPORATE GOVERNANCE CODE AND CORPORATE GOVERNANCE REPORT
CONSULTATION PAPER ON RISK MANAGEMENT AND INTERNAL CONTROL: REVIEW OF THE CORPORATE GOVERNANCE CODE AND CORPORATE GOVERNANCE REPORT June 2014 CONTENTS Page No. CONTENTS... 1 EXECUTIVE SUMMARY... 1 CHAPTER
More informationU N I T E D N A T I O N S J O I N T S T A F F P E N S I O N F U N D
U N I T E D N A T I O N S J O I N T S T A F F P E N S I O N F U N D The United Nations Joint Staff Pension Fund ( UNJSPF ) administers a diverse and complex international public pension system based on
More informationAdministrative Guidelines on the Internal Control Framework and Internal Audit Standards
Administrative Guidelines on the Internal Control Framework and Internal Audit Standards GCF/B.09/18 18 February 2015 Meeting of the Board 24 26 March 2015 Songdo, Republic of Korea Agenda item 24 Page
More informationWFP ENTERPRISE RISK MANAGEMENT POLICY
WFP ENTERPRISE RISK MANAGEMENT POLICY Informal Consultation 3 March 2015 World Food Programme Rome, Italy EXECUTIVE SUMMARY For many organizations, risk management is about minimizing the risk to achievement
More informationTHE ROLE OF FINANCE AND ACCOUNTING IN ENTERPRISE RISK MANAGEMENT
THE ROLE OF FINANCE AND ACCOUNTING IN ENTERPRISE RISK MANAGEMENT Let me begin by thanking Baruch College for giving me the opportunity to present this year s prestigious Emanuel Saxe Lecture in Accounting.
More informationTransportation Security Administration Enterprise Risk Management. ERM Policy Manual. August 2014
Transportation Security Administration Enterprise Risk Management ERM Policy Manual August 2014 1 Contents Abbreviations...4 Introduction...5 Purpose of this document...6 ERM Objective...7 Enterprise Risk
More informationMaryland Association of Boards of Education Insurance Programs
Insurance Programs ENTERPRISE RISK MANAGEMENT John Magoon, ARM (P, E), CBCP, MBCI Risk Management Officer, MABE jmagoon@mabe.org 443 603 0399 A PERFECT DAY Our Goals 1.2 1 0.8 0.6 0.4 0.2 0 Actual Goal
More informationHand IN Hand: Balanced Scorecards
ANNUAL CONFERENCE T O P I C Risk Management WORKING Hand IN Hand: Balanced Scorecards AND Enterprise Risk Management B Y M ARK B EASLEY, CPA; A L C HEN; K AREN N UNEZ, CMA; AND L ORRAINE W RIGHT Recent
More informationFraud Prevention and Deterrence
Fraud Prevention and Deterrence Fraud Risk Assessment 2016 Association of Certified Fraud Examiners, Inc. What Is Fraud Risk? The vulnerability that an organization faces from individuals capable of combining
More informationTitle: Rio Tinto management system
Standard Rio Tinto management system December 2014 Group Title: Rio Tinto management system Document No: HSEC-B-01 Standard Function: Health, Safety, Environment and Communities (HSEC) No. of pages: 23
More informationEclipx Group Limited Risk Management Policy
Eclipx Group Limited Risk Management Policy Date approved: 26 March 2015 Table of Contents 1. Background... 3 1.1 Overview... 3 1.2 Purpose... 3 1.3 Board responsibility... 3 2. Key principles and concepts...
More informationGUIDANCE FOR MANAGING THIRD-PARTY RISK
GUIDANCE FOR MANAGING THIRD-PARTY RISK Introduction An institution s board of directors and senior management are ultimately responsible for managing activities conducted through third-party relationships,
More informationEnterprise Risk Management
Enterprise Management ERM provides a framework for risk management, which typically involves identifying particular events or circumstances relevant to the organization's objectives (risks and opportunities),
More informationThe Upside of Risk: Enterprise Risk Management and Public Real Estate Companies
The Upside of Risk: Enterprise Risk Management and Public Real Estate Companies James Barkley, Simon Property Group, Inc. and David E. Weiss, DDR Corp. Introduction: As lawyers, particularly real estate
More informationENTERPRISE RISK MANAGEMENT BENCHMARK REVIEW: 2013 UPDATE
March 2014 ENTERPRISE RISK MANAGEMENT BENCHMARK REVIEW: 2013 UPDATE In April and October 2009, Guy Carpenter published two briefings titled Risk Profile, Appetite and Tolerance: Fundamental Concepts in
More informationAnalyzing Risks in Healthcare. February 12, 2014
Analyzing s in Healthcare February 12, 2014 1 Content What is Enterprise Management (ERM) ERM Benefits ERM Standards / ISO 31000:2009 ERM Process Register ERM Governance Model s Q&A 2 What is Enterprise
More informationDomain 5 Information Security Governance and Risk Management
Domain 5 Information Security Governance and Risk Management Security Frameworks CobiT (Control Objectives for Information and related Technology), developed by Information Systems Audit and Control Association
More informationProposed guidance for firms outsourcing to the cloud and other third-party IT services
Guidance consultation 15/6 Proposed guidance for firms outsourcing to the cloud and other third-party IT services November 2015 1. Introduction and consultation 1.1 The purpose of this draft guidance is
More informationDeveloping Effective Internal Controls Using the COSO Model
Developing Effective Internal Controls Using the COSO Model Office of State Controller Internal Controls in a COSO Environment Seminar Raleigh, North Carolina March 2007 Mark S. Beasley Director, ERM Initiative
More informationEnterprise Risk Management: Concepts & Issues
Enterprise Risk Management: Concepts & Issues Jacques Lapointe Internal Audit, Management Board Secretariat November 2003 1 The Basic Concept of Risk Management The active process of identifying risks,
More informationOCC 98-3 OCC BULLETIN
To: Chief Executive Officers and Chief Information Officers of all National Banks, General Managers of Federal Branches and Agencies, Deputy Comptrollers, Department and Division Heads, and Examining Personnel
More informationUnderstanding Enterprise Risk Management. Presented by Dorothy Gjerdrum Arthur J Gallagher
Understanding Enterprise Risk Management Presented by Dorothy Gjerdrum Arthur J Gallagher Learning Objectives Understand the components of a wellrun ERM program Review scope and process Explore the role
More informationB o a r d of Governors of the Federal Reserve System. Supplemental Policy Statement on the. Internal Audit Function and Its Outsourcing
B o a r d of Governors of the Federal Reserve System Supplemental Policy Statement on the Internal Audit Function and Its Outsourcing January 23, 2013 P U R P O S E This policy statement is being issued
More informationApplication of King III Corporate Governance Principles
APPLICATION of KING III CORPORATE GOVERNANCE PRINCIPLES 2013 Application of Corporate Governance Principles This table is a useful reference to each of the principles and how, in broad terms, they have
More informationORGANISING COMMITTEE POLICY AND GOVERNANCE FOR RISKS TO REPUTATION
ORGANISING COMMITTEE POLICY AND GOVERNANCE FOR RISKS TO REPUTATION Report from a High Level Workshop INTRODUCTION It is increasingly recognised that reputation is an important valuable asset, though it
More information