Enterprise Risk Management Panel Discussion
|
|
- Cuthbert Pearson
- 7 years ago
- Views:
Transcription
1 Enterprise Risk Management Panel Discussion Facilitators Bill Cole, VCU and VCUHS CAE Michael Bordoni, former Emory University CAE, now DHG (Dixon Hughes Goodman LLP) Risk Advisory Services Partner Gary Nimax, UVA Assistant VP for Compliance and ERM David Litton, VCU and VCUHS Audit Director
2 Source: VCU Enterprise Risk Management White Paper 2012
3 A. Definitions of Key Terms Acceptable Risk Action Plan 2012 KPMG LLP, a Delaware limited liability partnership and the U.S. member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative ( KPMG International ), a Swiss entity. All rights reserved. The KPMG name, logo and cutting through complexity are registered trademarks or trademarks of KPMG International. Shared with permission from KPMG LLP for educational use. 3
4 Panel Discussion Topics Adoption and Support Risk Data Collection Risk Categories Addressed Risk Mitigation and Management Plans Prioritization Monitoring Communication to VPs and Board Obstacles / Successes
5 Enterprise Risk Management Program Overview
6 Comprised of: Nine schools Five hospitals The Emory clinic Emory Specialty Associates JVs with the VA and Grady Revenues $4B Research $600M Employees 27K Students 12K
7 Rules: 1. Keep it simple 2. Support from the top 3. Organization and infrastructure 4. Define the program s objective 5. Customize the program for your institution 6. Create a charter 7. Define roles and responsibilities
8 From the Charter: Risk, in one form or another, is present in virtually all worthwhile endeavors. We recognize that not all risk is bad; thus our goal is not to eliminate all risk, for by doing so we would limit productive activity. Rather, our goal is to assume risk judiciously, mitigate it when possible, and prepare ourselves to respond effectively and efficiently when necessary.
9 ERM Executive Sponsors Committee (Reputational & Strategic Risks) President (Committee Chair) Executive VP for Finance and Administration Executive VP for Health Affairs Executive VP for Academic Affairs and Provost President and CEO, Emory Healthcare Senior VP and General Counsel Senior VP and Dean for Campus Life VP and Secretary VP of Communications Senior VP for Development and Alumni Relations ERM Steering Committee Chief Risk Officer (Co-Chair) Vice President of Investments, Chief Investment Officer Vice President of Finance Senior Vice Provost for Academic Planning and Faculty Development Special Assistant to Sr. VP & Dean, Campus Life Vice President of Human Resources Vice President of Campus Services Chief Audit Officer (Co-Chair) Deputy General Counsel Vice President of Research Vice President of IT, Chief Information Officer Executive Special Assistant to the VP, Campus Services Director of Critical Event Preparedness and Response Vice President for Research Administration Finance and Investment Healthcare Research Information Technology Campus Safety and Physical Plant Governance and Corporate Affairs Academic and Student Affairs Human Resources
10 Frequency (likelihood of occurring) 1-low: <10% chance of occurring in 2 years 2-medium: <25% chance of occurring in 2 years 3-high: <50% chance of occurring in 2 years 4-very high: >50% chance of occurring in 2 years or already occurring Severity (potential impact) 1-minor: unlikely to have permanent or significant effect on institution s reputation or achievement of its strategic objectives 2-moderate: will have significant impact on institution but can be managed without major impact 3-serious: will have significant effect on institution and require major effort to manage and resolve occurrence, as well as its ramifications 4-very serious: will threaten existence of institution if not resolved
11 Definitions: Primary Operational Leader (POL) - Emory manager/executive with primary (but often NOT sole) operational responsibility over the functional area where the risk has the greatest potential impact. Risk Management Process Owner (RMPO) - Individual assigned the responsibility for drafting the Risk Management Plan and keeping it current. The RMPO is NOT necessarily the individual who has primary operational responsibility for managing the risk, but must be sufficiently familiar with the risk to prepare a coherent Risk Management Plan Code Risk Frequency (1-4) Severity (1-4) Adjusted Risk Factor RMPO POL Assigned Risk Committee Committee Chair(s) ASA1 Academic and Student Affairs ASA2 Academic and Student Affairs ASA3 Academic and Student Affairs ASA4 Academic and Student Affairs
12 Risk: Examples and/or components of the risk : Steps currently in place to manage the risk: Issues:
13 Risk Identification (Aug to Sept) Risk Management Plans (Oct to Dec) Risk Hearings (Jan to Aug) Monitoring and Evaluation (On Going) Steering Committee identifies risks for major operational areas Risks ranked by frequency (likelihood of occurring within two years) and severity (potential impact on system) Top 50 risks, based on decreasing risk factor, are designated Key Risks Committee identifies individuals responsible for overseeing management of each key risk ( Risk Management Process Owner ) Key Risks reviewed with Executive Committee President charges Risk Management Process Owners with preparing two page plan within 90 days Plans include detailed description of risk, risk components, steps being taken to manage the risk, operational and communication responses to adverse occurrences Plans must clearly identify who is responsible and accountable for specific actions Steering Committee reviews Risk Management Plans Risk Management Process Owners revise plans based on Steering Committee feedback Risk Management Plans go to Executive Committee Risk Management Process Owners present to Executive Committee Five risk hearings, three hours each Process Owners provide five minute overview of each risk, followed by five minutes Q&A Executive Committee probes for potential gaps between the risk and the response plan Process Owners may be asked to return with additional information at the next hearing Participants identify best practices Executive Session includes overview of total risk for specific operational area and ERM process overall Key Risks and specific Risk Management Plans are reviewed throughout the year Relative frequency and severity may be adjusted resulting in the addition or deletion of key risks Updates to the Risk Management Plans are requested as needed
14 University of Virginia Enterprise Risk Management (ERM) College and University Auditors of Virginia May 19, 2015
15 UNIVERSITY OF VIRGINIA ENTERPRISE RISK MANAGEMENT (ERM) Executed risk assessment process with input from Deans and Vice Presidents. Rated the potential likelihood and impact. Refined the primary risks refined to top nine categories focused on most important to institutional continuity. Represented the key risks that merit further BOV understanding and discussion. Develop mitigation strategies to identify risk owner, action plans, due dates, and responsible parties. Share mitigation strategies with the BOV.
16 ENTERPRISE RISK MANAGEMENT (ERM) Sample Survey Items
17 TYPES OF RISK Strategic Risk Reputational Risk Enterprise Risk Management Financial Risk Legal and Regulatory Risk Operational Risk
18 Top Institutional Risks 1. Sufficient funding/resources to achieve goals Maintain core programs and pursue strategic objectives Align fundraising with strategic priorities Maintain historical Grounds, infrastructure and address needed capital projects Maintain State appropriations at a level necessary to accommodate enrollment growth and inflation Sustain and grow research mission Sustain AccessUVa Continue top decile performance of endowment 2. Management of human capital Achieve competitive compensation Manage generational turnover in faculty Effective succession planning 18
19 Top Institutional Risks 3. Legal compliance risks (state/federal/other) Comply with federal, state, or other established regulatory requirements (e.g. NCAA, SACS) 4. Keeping pace with changes in higher education Effectively implement strategic plan Ensuring adequate learning spaces to offer competitive graduate and undergraduate curricula 5. Failure to maintain reputation with key stakeholders Maintain/improve higher education rankings Maintain key accreditations 19
20 Top Institutional Risks 6. Failure to manage geo-political and economic risks Manage risks of increasing international experiences of faculty and students Effectively manage changing economic circumstances (e.g. growth/hyperinflation) 7. Safety/security of student, faculty and staff Effectively mitigate and respond to incidents on Grounds or at University-affiliated programs (e.g. racial incidents, harassment, pandemic risk, sexual assault, or other violence) Manage risks of increasing international experiences of faculty and students 20
21 Top Institutional Risks 8. Cybersecurity/leveraging IT Protect sensitive data and information Effectively leverage technology in the residential educational experience 9. Capitalize on organizational/operational efficiencies Effectively pursue organizational excellence Manage risk of differing priorities, inefficiencies, and complexity in decentralized operations and authority 21
22 Enterprise Risk Management Program Overview
23 ERM Abbreviated Timeline 2012 Identified need for ERM Developed white paper Established ERM Implementation Committee Selected KPMG as consultant Developed ERM website 2013 Conducted focus group interviews Identified risks and consolidated into risk themes Reviewed and prioritized risks Trained risk and process owners on preparation of Risk Mitigation and Management (RMM) Plans Provided preliminary review of RMM Plans
24 ERM Abbreviated Timeline 2014 Continued to evaluate risk theme prioritization and consolidation Transitioned ERM Implementation Committee to ERM Steering Committee Developed ERM Blackboard site Began recruitment for Assistant Vice President for Safety and Risk Management 2015 Completed review of all RMM Plans Updated heat map Source: VCU ERM Recent Events Website
25 Risk Name Here Deep Dive Risk defined here. If this risk encompasses multiple areas, subrisk sheets can be added to further refine specifics making up the overall risk. Risk Risk Considerations: Potential Impacts: Risk Owner: Usually a VP Process Owner: Typically that who is closest to managing the risk Key Stakeholders Who is impacted by the risk the most? Impact Insert rating Likelihood Insert rating Speed of Onset Insert rating Current Mitigation Activities Identify what is currently being done to mitigate risk. Mitigation Effectiveness Action Plans Insert expected effectiveness rating Identify what actions are planned to be done to mitigate risk Responsible Person Due Date Template shared with permission from KPMG LLP for educational use.
26 ERM Steering Committee Progress
27 ERM Steering Committee Progress Risk Likelihood x Impact Risk A 16 Risk B 16 Risk C 15 Risk D 14 Risk E 14 Risk F 13 Risk G 13 Risk H 12 Risk I 12 Risk J 10 Risk K 10 Risk L 10 Risk M 10 Risk N 9 Risk O 9 Risk P 8 Risk Q 7 Risk R 5 Risk S 5
28 Resources COSO Enterprise Risk Management Integrated Framework Executive Summary (September 2004) IIA Position Paper: The Role of Internal Auditing in Enterprise-wide Risk Management (January 2009) A structured approach to Enterprise Risk Management (ERM) and the requirements of ISO (2010) VCU ERM Website
Enterprise Risk Management. Breaking Down the Barriers at Emory
Enterprise Risk Management Breaking Down the Barriers at Emory Willis Healthcare Forum Nashville, TN July 10, 2007 Shulamith Klein Senior Director Office of Risk & Insurance Services The Emory Enterprise
More informationEnterprise Risk Management VCU Process
VCU Process What is Enterprise Risk Management? An organization-wide systematic approach to identify and tactically manage risk. A best practice to prioritize risk and implement processes to monitor risk.
More informationAttorney Perspectives: Enterprise Risk Management in a Time of Innovation
Attorney Perspectives: Enterprise Risk Management in a Time of Innovation Nancy Pringle, Vice President and General Counsel, Ithaca College Stephen Sencer, Senior Vice President and General Counsel, Emory
More informationThe College of New Jersey Enterprise Risk Management and Higher Education For Discussion Purposes Only January 2012
The College of New Jersey Enterprise Risk Management and Higher Education For Discussion Purposes Only Agenda Introduction Basic program components Recent trends in higher education risk management Why
More informationIn accordance with risk management best practices, below describes the standard process for enterprise risk management (ERM), including:
Enterprise Risk Management Process and Procedures Scope In accordance with risk management best practices, below describes the standard process for enterprise risk management (ERM), including: Risk identification
More information04A. RISK MANAGEMENT: HOW TO MAKE IT PART OF YOUR STRATEGY. November 6 8, 2013. Shulamith Klein Chief Risk Officer Emory University Emory Healthcare
04A. RISK MANAGEMENT: HOW TO MAKE IT PART OF YOUR STRATEGY November 6 8, 2013 Shulamith Klein Chief Risk Officer Emory University Emory Healthcare I. ERM ANNUAL PROCESS Risk Identification June - July
More informationEmergency Planning and Crisis Management initiatives rolled up into a viable Business Continuity and Enterprise Risk Management Program.
Emergency Planning and Crisis Management initiatives rolled up into a viable Business Continuity and Enterprise Risk Management Program. Or: How I Learned to Stop Worrying and Love the ERM! Is this You?
More informationFINDING THE RISK IN RISK ASSESSMENTS NYSICA JULY 26, 2012. Presented by: Ken Shulman Internal Audit Director, New York State Insurance Fund
FINDING THE RISK IN RISK ASSESSMENTS NYSICA JULY 26, 2012 Presented by: Ken Shulman Internal Audit Director, New York State Insurance Fund There are different risk assessments prepared: Annual risk assessment
More informationFlorida A&M University O CTOBER 2008
Florida A&M University O CTOBER 2008 2013-14 Risk assessment and internal audit plan May 2013 Contents 2013-14 Risk assessment & internal audit plan... 1 Risk assessment matrix development process... 2
More informationEnterprise Risk Management & Information Technology
Enterprise Risk Management & Information Technology Presented by Scott Perry and Gary Ross Slalom Consulting, San Francisco Agenda Introductions Session Objectives Overview of Enterprise Risk Management
More informationArizona State University Fiscal Year 2009 IT Risk Assessment Methodology Prepared for the January 22, 2009 Audit Committee Meeting
Arizona State University Fiscal Year 2009 IT Risk Assessment Methodology Prepared for the January 22, 2009 Audit Committee Meeting This document provides an overview of the methodology used by ASU University
More informationPOLICY. Number: 7311-10-005 Title: Enterprise Risk Management. Authorization
POLICY Number: 7311-10-005 Title: Enterprise Risk Management Authorization [ ] President and CEO [ X] Vice President, Finance and Corporate Services Source: Director, Enterprise Risk Management Cross Index:
More informationGovernance Processes and Organizational Structures for Information Management
UNIVERSITY BUSINESS EXECUTIVE ROUNDTABLE Governance Processes and Organizational Structures for Information Management Custom Research Brief Research Associate Lauren Edmonds Research Manager Priya Kumar
More informationDepartment of Veterans Affairs VA Directive 0054. VA Enterprise Risk Management (ERM)
Department of Veterans Affairs VA Directive 0054 Washington, DC 20420 Transmittal Sheet April 8, 2014 VA Enterprise Risk Management (ERM) 1. REASON FOR ISSUE: This directive provides guidelines to help
More informationAnalyzing Risks in Healthcare. February 12, 2014
Analyzing s in Healthcare February 12, 2014 1 Content What is Enterprise Management (ERM) ERM Benefits ERM Standards / ISO 31000:2009 ERM Process Register ERM Governance Model s Q&A 2 What is Enterprise
More informationThe New International Standard on the Practice of Risk Management A Comparison of ISO 31000:2009 and the COSO ERM Framework
The New International Standard on the Practice of Risk Management A Comparison of ISO 31000:2009 and the COSO ERM Framework Dorothy Gjerdrum, ARM-P, Chair of the ISO 31000 US TAG and Executive Director,
More informationPolicy 10.105: Enterprise Risk Management Policy
Name: Responsibility: Complements: Enterprise Risk Management Framework Coordinator, Enterprise Risk Management Policy 10.105: Enterprise Risk Management Policy Date: November 2006 Revision Date(s): January
More informationControlling for change: A consolidation case study
Controlling for change: A consolidation case study May 20, 2013 Beth Brigdon VP for Institutional Effectiveness Learning Objectives Understand the importance of identifying and engaging key stakeholders
More informationAPPLICATION ANNUAL WORK PLAN (ONE OBJECTIVE PER PAGE)
GOVERNANCE Objective 1A Ensure program success through effective governance structures. The successful applicant will be required to work with a representative advisory group developed in consultation
More informationOrganizational Change Management: A Best Practice to Effective ERM Implementation
Organizational Change Management: A Best Practice to Effective ERM Implementation Christine Ackerman, CPA Associate Vice President & Director of Internal Audit University of Cincinnati Anita Ingram, ARM
More informationRisk Management - Board & Management Responsibilities Murray Short, MBA, CPA CA Not-for-Profit Partner RLB LLP
Risk Management - Board & Management Responsibilities Murray Short, MBA, CPA CA Not-for-Profit Partner RLB LLP 2 AGENDA About RLB / About Our Not-for-Profit Team Defining Risk Types of Organizational Risk
More informationUnderstanding Enterprise Risk Management. Presented by Dorothy Gjerdrum Arthur J Gallagher
Understanding Enterprise Risk Management Presented by Dorothy Gjerdrum Arthur J Gallagher Learning Objectives Understand the components of a wellrun ERM program Review scope and process Explore the role
More informationPeriodic risk assessment by internal audit
Periodic risk assessment by internal audit I Introduction The Good Practice Internal Audit Manual Template, developed by the Internal Audit CoP of Pempal, defines the importance and the impact that an
More informationPOL ENTERPRISE RISK MANAGEMENT SC51. Executive Services Department BUSINESS UNIT: Executive Support Services SERVICE UNIT:
POL ENTERPRISE RISK MANAGEMENT SC51 POLICY CODE: SC51 DIRECTORATE: Executive Services Department BUSINESS UNIT: Executive Support Services SERVICE UNIT: Executive Support Services RESPONSIBLE OFFICER:
More informationEnterprise Risk Management, Compliance, Management Advisory Services: An Integrated Approach
Enterprise Risk Management, Compliance, and Management Advisory Services: An Integrated Approach SCCE s Higher Education Compliance Conference June 13, 2011 Objectives Implementing Enterprise Risk Management
More informationAppendix A - Charter of the Academic and Student Affairs Committee
ATTACHMENT 2 Appendix A - Charter of the Academic and Student Affairs Committee A. Purpose. The Academic and Student Affairs Committee shall be well informed about, provide strategic direction and oversight,
More informationPractice Guide COORDINATING RISK MANAGEMENT AND ASSURANCE
Practice Guide COORDINATING RISK MANAGEMENT AND ASSURANCE March 2012 Table of Contents Executive Summary... 1 Introduction... 1 Risk Management and Assurance (Assurance Services)... 1 Assurance Framework...
More informationCollege of Business Vision, Rationale, and Process. February 17, 2016 Provost Michael I. Kotlikoff
College of Business Vision, Rationale, and Process February 17, 2016 Provost Michael I. Kotlikoff The Cornell College of Business (CCB) o A unified College of Business consisting of: School of Hotel Administration
More informationUniversity of Oregon Information Technology Risk Assessment. December 2, 2015
December 2, 2015 Table of Contents EXECUTIVE SUMMARY... 3 BACKGROUND... 3 APPROACH... 4 IT UNITS... 5 NOTED STRENGTHS... 5 THEMES... 6 IT RISKS... 11 IT RISKS DESCRIPTIONS... 12 APPENDIX A: BAKER TILLY
More informationUniversity of Rhode Island IT Governance
University of Rhode Island IT Governance The Information Technology Review Steering Committee invites you to comment on a proposed IT governance structure for the University. The proposal is based on recommendations
More informationUsing Strategic Risk Management to Gain Assurance and Communicate More Effectively
Using Strategic Risk Management to Gain Assurance and Communicate More Effectively Julie Englund Board Member, Treasurer and Finance Committee Chair Wilson College Raina Rose Tagle, CPA, CISA, CIA National
More informationADVISORY SERVICES. Risk management in an evolving world. Making the case for social media governance. kpmg.com
ADVISORY SERVICES Risk management in an evolving world Making the case for social media governance kpmg.com Risk management in an evolving world 3 Why good governance should be the foundation of your social
More informationEnterprise Risk Management Handbook. June, 2010
Enterprise Risk Management Handbook June, 2010 Table of Contents Overview... 4 What is Enterprise Risk Management?... 5 Why Undertake Enterprise Risk Management?... 6 Draft UW System ERM Vision, Mission,
More informationBlending Sponsorship with Change Management
Blending Sponsorship with Change Management A case study of implementing a new financial model at the University of Virginia Lee Baszczewski Sarah Collie July 27, 2012 July 2012 1 Objective of Session
More informationLinking Risk Management to Business Strategy, Processes, Operations and Reporting
Linking Risk Management to Business Strategy, Processes, Operations and Reporting Financial Management Institute of Canada February 17 th, 2010 KPMG LLP Agenda 1. Leading Practice Risk Management Principles
More informationOAC Presentation to UNESCO Member States
OAC Presentation to UNESCO Member States Scope and Purpose of Audit and Risk Committees 29 June 2016 1 Content: 1. Context 2. Audit and Risk Management in UNESCO today 3. Relationship between Entreprise
More informationOffshore and Cross-Border Programs
Offshore and Cross-Border Programs FULL POLICY CONTENTS Scope Policy Statement Reason for Policy Procedures Definitions ADDITIONAL DETAILS Additional Contacts Web Address Forms Related Information Effective:
More informationDate Submitted: October 1, 2013. Unit: The Office of Institutional Research, Planning, and Effectiveness I. MISSION STATEMENT
1 EMORY UNIVERSITY 2012 2013 Assessment Report for Administrative and Educational Support Units Assessment Period Covered: September 1, 2012 August 31, 2013 Unit: The Office of Institutional Research,
More informationUNIVERSITY FLU PANDEMIC PLAN Preparation, Management and Recovery
UNIVERSITY FLU PANDEMIC PLAN Preparation, Management and Recovery Objectives The objectives of establishing and implementing a University Flu Pandemic Plan are: 1. to protect the physical, mental and overall
More informationInternal Auditing Guidelines
Internal Auditing Guidelines Recommendations on Internal Auditing for Lottery Operators Issued by the WLA Security and Risk Management Committee V1.0, March 2007 The WLA Internal Auditing Guidelines may
More informationStreamlining the Annual Risk Assessment Process
Streamlining the Annual Risk Assessment Process Presenter: Gregory Jordan, CPA, CIA, CRMA, FLMI Senior Vice President, Chief Audit Executive Nationwide Insurance Gregory Jordan, CPA, CIA, CRMA, FLMI Chief
More informationEnterprise Risk Management Risk Inventory Summary. Prepared by: December 1, 201X
Enterprise Risk Management Risk Inventory Summary Prepared by: December 1, 201X Definition Enterprise Risk Management (ERM) is a comprehensive, systematic approach to identifying events, and measuring,
More informationFederal Reserve System Secure Payments Task Force
2015 Federal Reserve System. Materials are not to be used without Federal Reserve consent. Federal Reserve System Secure Payments Task Force Teleconference June 4, 2015 Secure Payments Task Force Anti-Trust
More informationInformation Security Program CHARTER
State of Louisiana Information Security Program CHARTER Date Published: 12, 09, 2015 Contents Executive Sponsors... 3 Program Owner... 3 Introduction... 4 Statewide Information Security Strategy... 4 Information
More informationPosition Description Cover Sheet. Executive Director, Risk Management and Compliance Division/department: GCO/Risk Management & Compliance
Position Description Cover Sheet In order to make an objective and accurate evaluation of a position, it is very important that the position description (PD) contain specific data. Therefore, please provide
More informationIT GOVERNANCE AT CARLETON UNIVERSITY
IT GOVERNANCE AT CARLETON UNIVERSITY Version 4.5 March 2015 Office of the Chief Information Officer, Computing and Communication Services This Document provides the terms of reference and structure for
More informationConducting Market Analysis for New Programs
Academic Affairs Forum Conducting Market Analysis for New Programs Developing Financially Viable Programs and Meeting Market Demand Custom Research Brief eab.com Academic Affairs Forum Emily McKelvey Research
More information2012 Audit Plan. Finance, Audit and Facilities Committee Board of Regents. November 2011 ATTACHMENT
2012 Audit Plan Finance, Audit and Facilities Committee Board of Regents November 2011 ATTACHMENT Table of Contents Executive Summary...1 2012 Audit Plan...2 Analysis of Coverage of University Auditable
More informationOAS 2015 Final Progress Report and 2016 Annual Audit Plan
OAS 2015 Final Progress Report and 2016 Annual Audit Plan TAB C BACKGROUND As outlined in the charter of the Oregon State University (OSU) Board of Trustees Executive & Audit Committee (Committee), the
More informationVirginia Commonwealth University School of Medicine Information Security Standard
Virginia Commonwealth University School of Medicine Information Security Standard Title: Scope: Business Continuity Management Standard for IT Systems This standard is applicable to all VCU School of Medicine
More informationInternational Agreements
International Agreements Handbook of Procedures & 2011 Guidelines Office of International Affairs Ronan Hall www.oia.cmich.edu Phone: 989-774-4308 Fax: 989-774-3690 Central Michigan University International
More informationENTERPRISE RISK MANAGEMENT FRAMEWORK
ENTERPRISE RISK MANAGEMENT FRAMEWORK COVENANT HEALTH LEGAL & RISK MANAGEMENT CONTENTS 1.0 PURPOSE OF THE DOCUMENT... 3 2.0 INTRODUCTION AND OVERVIEW... 4 3.0 GOVERNANCE STRUCTURE AND ACCOUNTABILITY...
More informationAcademic Division Enterprise Risk Management (ERM)
Academic Division Enterprise Risk Management (ERM) Audit and Compliance Committee March 24, 2015 Achieve competitive compensation Risk Category Risk Description Risk Owner Key Stakeholders Management of
More informationHow to stay competitive in a converging healthcare system kpmg.com
Managing risk in a transforming healthcare organization How to stay competitive in a converging healthcare system kpmg.com 2 Healthcare Risk Management Managing the risk of healthcare transformation Healthcare
More informationFederal Bureau of Investigation s Integrity and Compliance Program
Evaluation and Inspection Division Federal Bureau of Investigation s Integrity and Compliance Program November 2011 I-2012-001 EXECUTIVE DIGEST In June 2007, the Federal Bureau of Investigation (FBI) established
More informationHealthcare Internal Audit: In a Time of Transition
The 2015 State of the Internal Audit Profession Study Healthcare Internal Audit: In a Time of Transition The healthcare industry in the United States is facing many challenges with the enactment of legislation
More informationStrategic Planning Procedure Manual
Strategic Planning Procedure Manual Adopted by the Strategic Planning Committee January 2003; revised December 2007, revised November 2011; revised September 2012; revised October 2014; revised June 2015
More informationEnterprise Risk Management Plan FY 2015. December 2014
1 Enterprise Risk Management Plan FY 2015 December 2014 2 Enterprise Risk Management Plan, FY 2015 Introduction Enterprise Risk Management (ERM) at the Texas A&M Transportation Institute (TTI) identifies
More informationSouthern University College of Business Strategic Plan
Southern University College of Business Strategic Plan 2012-2017 Baton Rouge, Louisiana February 24, 2012 This document is the draft Strategic Plan of the College of Business for the period 2012 2017.
More informationEnterprise Risk Management at Pennsylvania State University (A) Strategy Implementation in a Decentralized Organization
Enterprise Risk Management at Pennsylvania State University (A) Strategy Implementation in a Decentralized Organization Case study Reference no 308-372-1 This case was written by Assistant Professor Harvey
More informationEnterprise Risk Management Task Force Report to UNC Board of Trustees. Trustee Sallie Shuping-Russell, Chair May 2015
Enterprise Risk Management Task Force Report to UNC Board of Trustees Trustee Sallie Shuping-Russell, Chair May 2015 0 In all well regulated governments it is the indispensable duty of every legislature
More informationFraud Prevention and Deterrence
Fraud Prevention and Deterrence Fraud Risk Assessment 2016 Association of Certified Fraud Examiners, Inc. What Is Fraud Risk? The vulnerability that an organization faces from individuals capable of combining
More informationSt. John s University. College of Pharmacy and Allied Health Professions. Annual Objectives. 2010-2011 Revised 7/22/10
1 St. John s University College of Pharmacy and Allied Health Professions Annual Objectives 2010-2011 Revised 7/22/10 Institutional Goal I: Develop our academic and institutional culture to be studentcentered
More informationSelf-Study Town Hall Session. Working Group #1 Educational Innovation and Transformation
Self-Study Town Hall Session Working Group #1 Educational Innovation and Transformation Steering Committee Co-Chairs Dean Natalie Eddington Dr. Roger Ward September 2, 2015 Town hall objectives 1. Provide
More informationDean of the College of Pharmacy and Health Sciences
1 Dean of the College of Pharmacy and Health Sciences Texas Southern University invites nominations and applications for the position of Dean of the College of Pharmacy and Health Sciences (COPHS). Reporting
More informationSelf-Study Town Hall Session. Working Group #2 Research, Scholarship and Entrepreneurship
Self-Study Town Hall Session Working Group #2 Research, Scholarship and Entrepreneurship Steering Committee Co-Chairs Dean Natalie Eddington Dr. Roger Ward September 9, 2015 Town hall objectives 1. Provide
More informationITS Project Management
ITS Project Management Policy Contents I. POLICY STATEMENT II. REASON FOR POLICY III. SCOPE IV. AUDIENCE V. POLICY TEXT VI. PROCEDURES VII. RELATED INFORMATION VIII. DEFINITIONS IX. FREQUENTLY ASKED QUESTIONS
More informationPerforming a Compliance Risk Assessment for Compliance Auditing & Monitoring in Healthcare Organizations
Performing a Compliance Risk Assessment for Compliance Auditing & Monitoring in Healthcare Organizations Author: Glen C. Mueller, Chief Audit & Compliance Officer, Scripps Health, San Diego, CA Introduction
More informationEnterprise Risk Management in Colleges and Universities
Enterprise Risk Management in Colleges and Universities Cherry Bekaert & Holland, L.L.P. Neal Beggan, CISA, CRISC Shane Hester, CPA, CISA Cherry, Bekaert & Holland, L.L.P. The Firm of Choice. 1 Cherry,
More informationMoving Forward with IT Governance and COBIT
Moving Forward with IT Governance and COBIT Los Angeles ISACA COBIT User Group Tuesday 27, March 2007 IT GRC Questions from the CIO Today s discussion focuses on the typical challenges facing the CIO around
More informationEnterprise Risk Management
Enterprise Risk Management 1 Agenda Definition & Risk Response Environment Scan news from Insurance Confusion Reduction Lessons Learned from Others with an ERM program 2 Enterprise Risk Management Defined:
More informationRisk Assessment & Enterprise Risk Management
Risk Assessment & Enterprise Risk 1 Healthcare Corporate Governance Today s environment requires building a culture of risk awareness and management of risk across the organization, while formulating less
More informationKPMG LLP Credit Risk Management Practices 2014 Survey on Credit Bureau Reporting
KPMG LLP Credit Risk Management Practices 2014 Survey on Credit Bureau Reporting July 2014 kpmg.com Introduction Dear Colleagues: Credit reports play an important role in the lives of consumers. As the
More informationOffice of the President University Policy
Office of the President University Policy SUBJECT: UNIVERSITY ENVIRONMENTAL HEALTH AND SAFETY Effective Date: 7-3-12 Policy Number: 4.1.2 Supersedes: Page Of Presidential 1 6 Memorandum #85 Responsible
More informationSENIOR ACADEMIC ADMINISTRATOR POSITIONS RESPONSIBILITY STATEMENTS TABLE OF CONTENTS
SENIOR ACADEMIC ADMINISTRATOR POSITIONS RESPONSIBILITY STATEMENTS TABLE OF CONTENTS Vice Chancellor and CEO... 2 Deputy Vice Chancellor for Academic Affairs (Provost)... 4 Deans of Colleges... 7 Dean of
More informationEnterprise-Wide Risk Assessment
Enterprise-Wide Risk Assessment Agenda 1. Definition of risk. 2. Risk drivers in higher education today. 3. Implementing an enterprise-wide risk management (ERM) program to effectively assess, manage,
More informationOrganization and Job Profile
Organization and Job Profile New Orleans, Louisiana Position: Reports to: Location: System Vice President for Research New Orleans, Louisiana CORPORATE BACKGROUND is a non-profit, academic, multi-specialty,
More informationAuditing Campus Shared Services. Audit Services Monthly Webinar Presentation March 19, 2015
Auditing Campus Shared Services Audit Services Monthly Webinar Presentation March 19, 2015 Your Speakers Wanda Lynn Riley Chief Audit Executive, Audit and Advisory Services UC Berkeley Wanda Lynn Riley
More informationIT Governance Action Team Report & Recommendations
IT Governance Action Team Report & Recommendations March 15, 2012 Action Team Members: Vivek Choudhury Associate Dean, College of Business William Fant Interim Dean, College of Pharmacy Mark Faulkner (Co-chair)
More informationPLAN FOR INSTITUTIONAL SELF-STUDY NCA Accreditation A DECADE OF RENAISSANCE
PLAN FOR INSTITUTIONAL SELF-STUDY NCA Accreditation A DECADE OF RENAISSANCE Saint Louis University, a Jesuit, catholic university, founded in 1818 is undertaking the process of institutional self-examination
More informationPerformance Measures for Internal Auditing
Performance Measures for Internal Auditing A simple question someone may ask is Why measure performance? An even simpler response would be that what gets measured gets done. McMaster University s discussion
More information2/9/2012. 2012 HIPAA Privacy and Security Audit Readiness. Table of contents
2012 HIPAA Privacy and Security Audit Readiness Mark M. Johnson National HIPAA Services Director Table of contents Page Background 2 Regulatory Background and HITECH Impacts 3 Office of Civil Rights (OCR)
More informationEnterprise Risk Management
Enterprise Risk Management EACUBO Workshop March 20, 2014 Janice M. Abraham, President & CEO ERM: A process forward 2 ERM A business process, led by senior leadership, that expands the core concepts of
More informationOffice of the Auditor General AUDIT OF IT GOVERNANCE. Tabled at Audit Committee March 12, 2015
Office of the Auditor General AUDIT OF IT GOVERNANCE Tabled at Audit Committee March 12, 2015 This page has intentionally been left blank Table of Contents Executive Summary... 1 Introduction... 1 Background...
More informationInternal Audit and Advisory Services DRAFT
Internal Audit and Advisory Services DRAFT PAGE(S) Message from the Internal Audit and Advisory Services...1-2 Internal Audit and Advisory Services Plan...3-5 Objectives...6-7 Risk Assessment Process...8
More informationIntegrated Risk Management:
Integrated Risk Management: A Framework for Fraser Health For further information contact: Integrated Risk Management Fraser Health Corporate Office 300, 10334 152A Street Surrey, BC V3R 8T4 Phone: (604)
More informationIT Audit Perspective on Continuous Auditing/ Continuous Monitoring KPMG LLP
IT Audit Perspective on Continuous Auditing/ Continuous Monitoring KPMG LLP IT Audit Perspective on Continuous Auditing/Continuous Monitoring INTRODUCTION New demands from the board, senior organizational
More informationTREASURY INSPECTOR GENERAL FOR TAX ADMINISTRATION
TREASURY INSPECTOR GENERAL FOR TAX ADMINISTRATION The Enterprise Systems Management Program Is Making Progress to Improve Service Delivery and Monitoring, but Risks Remain September 12, 2008 Reference
More informationERM Program. Enterprise Risk Management Guideline
ERM Program Enterprise Management Guideline Table of Contents PREAMBLE... 2 When should I refer to this Guideline?... 3 Why do we need a Guideline?... 4 How do I use this Guideline?... 4 Who is responsible
More informationStrategic Direction 7 Vision for Shared Administrative Services
Strategic Direction 7 Vision for Shared Administrative Services Strategic Direction 7 - Centralize the System s business/administrative functions, where appropriate, in order to leverage resources and
More informationIntroduction to Enterprise Risk Management at UVM DRAFT
Introduction to Enterprise Management at UVM 1 Enterprise What is Enterprise Management? Enterprise risk management is a structured, consistent, and continuous process across the whole organization for
More informationEnterprise Risk Management (ERM): In Action. January 2010. Co-presented by: Michael Yip, Marsh Risk Consulting Norma Essary, DFW International Airport
January 2010 Enterprise Risk Management (ERM): In Action Co-presented by: Michael Yip, Risk Consulting Norma Essary, DFW International Airport www.marsh.com Discussion Topics Enterprise Risk Management
More informationAboriginal Affairs and Northern Development Canada. Internal Audit Report. Audit of Internal Controls Over Financial Reporting.
Aboriginal Affairs and Northern Development Canada Internal Audit Report Audit of Internal Controls Over Financial Reporting Prepared by: Audit and Assurance Services Branch Project #: 14-05 November 2014
More informationREQUESTS FOR PROPOSAL RFP TGF-16-017. Title: Professional Services for the Implementation of the Board Governance Performance Assessment Framework
REQUESTS FOR PROPOSAL RFP TGF-16-017 Title: Professional Services for the Implementation of the Board Governance Performance Assessment Framework Issue Date: March, 9th 2016 RFP Submission Date: March,
More informationThe Position The Primary Responsibilities
Blackburn College in Carlinville, Illinois invites nominations and applications for the position of Vice President for Finance and Administration (VPFA). The VPFA is a key member of the President s leadership
More informationEQT GP HOLDINGS, LP (EQT GP Services, LLC) Corporate Governance Guidelines. (Adopted by the Board on April 30, 2015)
EQT GP HOLDINGS, LP (EQT GP Services, LLC) Corporate Governance Guidelines (Adopted by the Board on April 30, 2015) 1. Statement of Governance. EQT GP Holdings, LP (the Partnership ) is governed by a limited
More information83. Standard 9. Financial Resources. 1. Description. 1.1. Financial stability
83. Standard 9. Financial Resources 1. Description 1.1. Financial stability Bentley University has not reported an operating deficit since it became a not-for-profit organization in 1948. Fiscal year 2012
More informationAllison D. Garrett Executive Vice President Abilene Christian University
Allison D. Garrett Executive Vice President Abilene Christian University Cell number: Office number: Email: EDUCATION Georgetown University Law Center, LLM in Securities Regulation, with honors University
More informationPublic Sector Pension Investment Board
Public Sector Pension Investment Board Office of the Auditor General of Canada Bureau du vérificateur général du Canada Ce document est également publié en français. Her Majesty the Queen in Right of Canada,
More informationUniversity of New England Compliance Management Framework and Procedures
University of New England Compliance Management Framework and Procedures Document data: Document type: Administering entity: Framework and Procedures Audit and Risk Directorate Records management system
More information