treasury risk management
|
|
- Lorena Griffith
- 2 years ago
- Views:
Transcription
1 Governance, Concise guide Risk to and Compliance treasury risk management
2 KPMG is a leading provider of professional services including audit, tax and advisory. KPMG in Australia has over 5000 partners and staff working across 13 offices and is part of a strong global network of member firms. Our vision is simple to turn knowledge into value for the benefit of our clients, people and our capital markets. Whilst the global financial crisis created challenges for business, one of the positives that has emerged is a desire for greater understanding of integrated risk management. In order to achieve this outcome there is a growing appetite to reform risk management through design and implementation of a cost effective and business-wide approach. KPMG provides a holistic approach to risk to help ensure the risk framework aligns to the core business agenda. We work to protect and enhance business value by helping reduce risk, cut costs and improve business performance. To us, risk and compliance is more than a box-ticking exercise, it is a critical investment that can underpin an organisation s long-term growth, value and sustainability. The Institute is the professional body for Chartered Accountants in Australia and members operating throughout the world. Representing more than 70,000 professionals and business leaders, the Institute has a pivotal role in upholding financial integrity in society. Members strive to uphold the profession s commitment to ethics and quality in everything they do, alongside an unwavering dedication to act in the public interest. Chartered Accountants hold diverse positions across the business community, as well as in professional services, government, not-forprofit, education and academia. The leadership and business acumen of members underpin the Institute s deep knowledge base in a broad range of policy areas impacting the Australian economy and domestic and international capital markets. The Institute of Chartered Accountants in Australia was established by Royal Charter in 1928 and today represents more than 58,000 members and around 12,500 talented graduates working and undertaking the Chartered Accountants Program. The Institute is a founding member of the Global Accounting Alliance (GAA), which is an international coalition of accounting bodies and an 800,000-strong network of professionals and leaders worldwide. charteredaccountants.com.au Disclaimer The information contained herein is of a general nature and is not intended to address the circumstances of any particular individual or entity. Although we endeavour to provide accurate and timely information, there can be no guarantee that such information is accurate as of the date it is received or that it will continue to be accurate in the future. No one should act upon such information without appropriate professional advice after a thorough examination of the particular situation KPMG, an Australian partnership and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative ( KPMG International ), a Swiss entity. All rights reserved. KPMG and the KPMG logo and cutting through complexity are registered trademarks of KPMG International. Liability limited by a scheme approved under Professional Standards Legislation. All information is current as at April 2012 First published May 2012 Published by: The Institute of Chartered Accountants in Australia Address: 33 Erskine Street, Sydney NSW 2000 KPMG Address: 10 Shelley Street, Sydney NSW 2000 Governance, Risk and Compliance First edition ISBN: Copyright The Institute of Chartered Accountants in Australia and KPMG All rights reserved. ABN: The Institute of Chartered Accountants in Australia Incorporated in Australia Members Liability Limited ABN: KPMG
3 Foreword We live in uncertain economic times, with a return to stability among the international business community even more inexact. Company boards, in particular, are now faced with a set of circumstances rarely seen before, making transparency of information and compliance essential in reducing exposure to risk. The evolution of the role of boards along with audit and risk committees has led to greater need for insight into key risks, an understanding of how these risks are being managed, and greater assurance over key risks facing an organisation. Practically mapping out a strategic approach to governance, risk and compliance will provide organisations with a framework that supports the corporate strategy and allows senior management to manage risk as and when it arises. This Institute is pleased to have worked with KPMG on this paper, and I m confident the content will provide readers with a better understanding of the most appropriate means to control matters of governance, risk and compliance (GRC). Even more critically, identifying the risks aligned to these issues amid a climate of widespread volatility will serve to increase transparency while continuing to drive business performance. Craig Farrow FCA President Institute of Chartered Accountants in Australia 3
4 Governance, Risk and Compliance
5 Contents 1. Why are organisations seeking a better approach to governance, risk and compliance (GRC)? Convergence of GRC is evolving Integrating GRC Implementing a strategic approach to GRC Glossary
6 1. Why are organisations seeking a better approach to governance, risk and compliance (GRC)? Economic instability is adding to uncertainty. Organisations continue to be concerned about the risk environment, leading them to reassess the effectiveness and adequacy of the internal controls in place to manage their risks. This landscape, along with a rise in complexity and regulation, is putting a strain on how organisations govern themselves. Management is expected to enhance oversight and transparency while simultaneously driving performance and profitability. In the current economic climate, boards of directors are also facing stakeholder demands for more accountability in their organisation s governance systems, as well as delivering ongoing success. In this context, resilience is the key to organisational survival. Organisations need to achieve a robust balance of governance, risk management and compliance. Siloed approaches to managing GRC mean that the Board and management find it difficult to obtain a holistic view of how their organisation is managing risk and have found it increasingly difficult to obtain the right information for decision making. Unsurprisingly, Boards and Audit/Risk committees are asking for greater insight into key risks and compliance obligations, how these risks and obligations are being managed, and the depth and breadth of assurance over the key risks the organisation faces. Governance, Risk and Compliance
7 Key questions to ask: > > Do we have separate departments managing risk, compliance and assurance without an overarching framework? > > Is the quality and quantity of risk and compliance information provided to the Board and Audit/Risk committees appropriate to provide relevant insight at the right time? > > Do we need to piece together multiple pieces of information from risk, compliance and assurance departments/providers to obtain an overall view of our organisation s risk profile? > > Is the information we receive on our risk and control environment sufficiently transparent for informed decision making? 7
8 2. Convergence of GRC is evolving The emergence of an integrated approach to GRC is a response to the current market complexity and uncertainty. A strategic approach to GRC sees a focus on rationalising risk management, controls, assurance structures and processes. A strategic approach to GRC is not simply about a technology tool or just an approach for large complex companies; it is a different way of thinking that seeks to drive maximum value from complementary activities that have the same goal. Even more today, Boards and Audit/Risk Committees are asking for: > > Greater insight into key risks and compliance obligations > > An understanding of how these risks and obligations are being managed > > Greater assurance over key risks facing the organisation. A strategic approach to GRC enables the delivery of insightful information, which the Board and management can use to improve organisational performance, achieve compliance and reinforce resilience in times of market volatility, change and ever increasing regulatory requirements. Organisations are using GRC to more readily identify and manage their risks and in turn, respond to opportunities more quickly. There is still some way to go before most organisations achieve full integration of GRC across their different functions and regions. Progress is being driven by the recognition of complexity, a desire to reduce risk exposure and the enduring need to improve performance and reduce cost. Audit/Risk Committees often play a crucial role in the success of an integrated approach to GRC. They are a key sponsor and champion by promoting the benefits of the organisation s GRC approach, and ensuring that it is aligned to the organisational strategy and mission. Many organisations have separate risk, compliance and assurance structures, and some organisations have separate Audit and Risk Committees. This can make it challenging to obtain an overall view of the organisation s risk profile, insight into how these risks are being managed and comfort that they are obtaining the right breadth and depth of assurance over their key controls. This makes it increasingly important to have an integrated framework that cuts through the complexities and silos to effectively and efficiently manage GRC requirements. Governance, Risk and Compliance
9 Key questions to ask: > > Is the Audit/Risk Committee s role and depth of involvement in the oversight of our GRC framework understood? > > Do we have separate Risk and Audit committees? If so, how do they connect and work together? > > Do we know the total cost of activities related to our organisation s GRC efforts? 9
10 3. Integrating GRC A strategic approach to GRC offers a framework to unite and direct governance processes to support an organisation s corporate strategy. It allows the specific components of governance, risk management, compliance and assurance to be better aligned. Addressing the fragmentation across risk, compliance and assurance activities is an important piece of the GRC puzzle. To be effective, GRC has to link risk, compliance and assurance activities with the overall strategic decision-making and performance of the organisation. This is an area where many organisations continue to face difficulties. The Audit/Risk committee can assist with the convergence by being an advocate of the benefits of the organisation s GRC program and by ensuring that it is strongly aligned to the organisation s strategy. The risk component is critical to implementing an effective approach to GRC as this anchors the alignment to organisation s strategy. The GRC model does not propose a centralised approach to risk management; it recognises that risk is often best managed closest to the point of origin by management those who have the greatest understanding of the organisation s risks. A common language, methodology and approach to risk identification and assessment which is driven from the organisation s strategy is essential. Overlaying the organisation s risk appetite can help further focus GRC efforts on the risks that matter and potential areas to concentrate compliance and assurance activities. The risk profile distinguishes where in the organisation assurance and compliance activities should be conducted. Assurance mapping, using a shared view of the organisational business model, can then integrate all assurance and compliance activities in a single view and be used to identify gaps in coverage and duplication of efforts. It can inform management decisions about the overall state of assurance, including management self assessment, internal assurance and external assurance. Governance, Risk and Compliance
11 Key questions to ask: > > Do we have the key risks for our organisation identified and assessed? > > Have we articulated our risk appetite? Do we understand which key risks are not being sufficiently mitigated? > > Are we focusing efforts on the most critical risks? > > Do we have sufficient clarity on the true risk and compliance culture within the organisation? > > Do we have clear roles and responsibilities and reporting lines for all assurance and compliance providers (e.g. internal audit, external audit, OH&S and compliance)? > > Do we have a consistent reporting framework across our assurance and compliance activities, including rating of issues identified and tracking of issue resolution? > > Do we receive regular reporting from all assurance functions to management and the Board? > > Do we receive an integrated assurance map which provides transparency over the risks and areas of the organisation covered by assurance activities, and any gaps and duplication of effort? 11
12 4. Implementing a strategic approach to GRC Any GRC initiative can be a complex, multi-year journey that requires input from a wide variety of stakeholders across the organisation. Although the process for achieving convergence within GRC will vary from one organisation to the next, the following principles can be a useful guide in maximising the chances of success: 1. Consider the big picture first A strategic approach to GRC should be viewed as a journey and therefore not all of the current convergence challenges can be addressed at once. It is important to identify what is important (e.g., do you need consistent and reliable information), what current challenges exist and prioritise the issues and actions. 2. Form a cross-functional team or committee The GRC journey requires a move away from siloed problem resolution. To assist it is important to establish an appropriately sponsored cross functional team or committee. This cross functional team/committee will provide a forum to discuss existing challenges/issues and collaboratively formulate solutions to obtain buy in across the organisation. 3. Define roles and responsibilities early in the process Effective GRC is predicated on the sharing of information across functional business lines; underpinning this, is the need to clearly define each GRC function s roles and responsibilities to minimise the level of task duplication. 4. Beware of building another silo GRC should be viewed as a framework/approach which supports the existing risk, compliance and assurance functions and not a reason to insert additional levels of bureaucracy through the creation of a GRC cottage industry. 5. Get the processes worked out before investing in the technology Technology is a support tool of GRC but not an essential element. It is important prior to investing significantly in new technology that you have clearly defined what your GRC requirements are and whether your existing systems can support your ongoing and future business needs. Governance, Risk and Compliance
13 6. Seek out overlaps and build efficiencies A clear understanding of each function s roles and responsibilities can enable the identification and removal of duplicate roles and infrastructure to focus on cost savings, whilst at the same time being cognisant of not creating inconsistencies and errors in compliance. 7. Create a common language and understanding around risk A common risk language, methodology and approach to risk identification and assessment provides the platform for an enterprise wide view of risk and the ability to aggregate information in a consistent manner which has been provided by different compliance and assurance providers. 8. Don t lose the detail in the convergence process GRC recognises that risk, compliance and assurance functions within an organisation may be at different stages of maturity and therefore, it is important not to create a standardised reporting approach that results in a loss of risk detail and expertise. 9. Remember that GRC is a gradual process GRC is not a one off wholesale change to existing risk, compliance and assurance processes, it is a gradual journey which focuses on implementing change in a sustainable manner across the organisation. In summary, an effective GRC framework protects and enhances organisation value by fostering a risk-aware culture, supporting informed decision-making and by addressing multiple layers of compliance and assurance. It enhances operational efficiency by rationalising risk management, controls and assurance. With the right GRC model in place, leaders should get the information they need to understand and respond to the risks facing the business, as well as anticipating and meeting changing stakeholder and regulatory demands. 13
14 5. Glossary Assurance Compliance Compliance management system Corporate governance Internal audit Internal controls Risk appetite Risk profile Resilience Risk management An independent professional service, with the goal of improving the information or the context of the information so that decision makers can make more informed, and presumably better decisions. Conforming to a rule, such as a specification, policy, standard or law. Compliance management takes care of the legal and ethical aspects of an organisation s activities. The role of person(s) or organisation(s) with responsibility for overseeing the strategic direction of the entity and obligations related to the accountability of the entity. An independent appraisal activity which includes, amongst other things, examining, evaluating and monitoring the adequacy and effectiveness of internal control. The process designed, implemented and maintained by those charged with governance, management and other personnel to provide reasonable assurance about the achievement of an entity s objectives with regard to reliability of financial reporting, effectiveness and efficiency of operations, and compliance with applicable laws and regulations. The term controls refers to any aspects of one or more of the components of internal control. Risk appetite is the level and nature of risk the organisation is willing to take to achieve its objectives. The result of an integrated and organisation-wide assessment of those exposure areas that threaten strategy, objectives and existence of the enterprise. The ability of an enterprise to survive and recover from serious organisation setbacks. Covers the various coordinated activities that direct and control an organisation s approach to respond to an organisation s risks. Governance, Risk and Compliance
15
16 Contact details KPMG Sally Freeman Partner in Charge Internal Audit Risk & Control Services Phone Michael Hill Partner Internal Audit Risk & Control Services Phone The Institute of Chartered Accountants in Australia National Office 33 Erskine Street Sydney NSW 2000 GPO Box 9985, Sydney NSW 2001 Service Phone 100 per cent +61 recycled (2) 9290 paper supporting 1344 responsible use of forest resources. Fax +61 (2) charteredaccountants.com.au kpmg.com.au Printed on ecostar a 100% recycled paper supporting responsible use of forest resources.
Understanding and articulating risk appetite
Understanding and articulating risk appetite advisory Understanding and articulating risk appetite Understanding and articulating risk appetite When risk appetite is properly understood and clearly defined,
Compliance Policy AGL Energy Limited
Compliance Policy AGL Energy Limited November 2013 Table of Contents 1. About this Document... 3 2. Policy Statement... 4 3. Purpose... 4 4. AGL Compliance Context... 4 5. Scope... 5 6. Objectives... 5
FRAMEWORK FOR AN ETHICAL MATURITY INDEX. Authors: Elena Demidenko and Patrick McNutt
FRAMEWORK FOR AN ETHICAL MATURITY INDEX Authors: Elena Demidenko and Patrick McNutt Across key Enterprise risk management frameworks, COSO ERM (http://www.coso.org) and ASNZ4360 (ASNZ 4360: 2004 (http://www.standards.com.au)
Avondale College Limited Enterprise Risk Management Framework 2014 2017
Avondale College Limited Enterprise Risk Management Framework 2014 2017 President s message Risk management is part of our daily life, something we do regularly; often without realising we are doing it.
Competency Requirements for Assurance Practitioners of Second Tier Companies Limited by Guarantee
Joint Accounting Bodies CPA Australia Ltd, The Institute of Chartered Accountants in Australia & the National Institute of Accountants Competency Requirements for Assurance Practitioners of Second Tier
COCA-COLA HELLENIC BOTTLING COMPANY RISK MANAGEMENT POLICY
COCA-COLA HELLENIC BOTTLING COMPANY RISK MANAGEMENT POLICY 1. INTRODUCTION The effective management of risk is central to the ongoing success and resilience of Coca-Cola Hellenic Bottling Company (CCHBC).
Guide to the National Safety and Quality Health Service Standards for health service organisation boards
Guide to the National Safety and Quality Health Service Standards for health service organisation boards April 2015 ISBN Print: 978-1-925224-10-8 Electronic: 978-1-925224-11-5 Suggested citation: Australian
Department of Infrastructure and Planning: Governance Framework for Infrastructure Delivery Special Purpose Vehicles
Department of Infrastructure and Planning: Governance Framework for Infrastructure Delivery Special Purpose Vehicles Governance Framework for Special Purpose Vehicles Table of Contents Executive Summary...3
Guideline. Records Management Strategy. Public Record Office Victoria PROS 10/10 Strategic Management. Version Number: 1.0. Issue Date: 19/07/2010
Public Record Office Victoria PROS 10/10 Strategic Management Guideline 5 Records Management Strategy Version Number: 1.0 Issue Date: 19/07/2010 Expiry Date: 19/07/2015 State of Victoria 2010 Version 1.0
Enterprise Risk Management Framework 2012 2016. Strengthening our commitment to risk management
Enterprise Risk Management Framework 2012 2016 Strengthening our commitment to risk management Contents Director-General s message... 3 Introduction... 4 Purpose... 4 What is risk management?... 4 Benefits
Confident in our Future, Risk Management Policy Statement and Strategy
Confident in our Future, Risk Management Policy Statement and Strategy Risk Management Policy Statement Introduction Risk management aims to maximise opportunities and minimise exposure to ensure the residents
Standard 1. Governance for Safety and Quality in Health Service Organisations. Safety and Quality Improvement Guide
Standard 1 Governance for Safety and Quality in Health Service Organisations Safety and Quality Improvement Guide 1 1 1October 1 2012 ISBN: Print: 978-1-921983-27-6 Electronic: 978-1-921983-28-3 Suggested
Interim report: Review of the optimal approach to transition to the full NDIS
Interim report: Review of the optimal approach to transition to the full NDIS This interim report has been prepared for the Board of the National Disability Insurance Agency 16 July 2014 Disclaimer Inherent
Victorian Government Risk Management Framework. March 2015
Victorian Government Risk Management Framework March 2015 This document reproduces parts of the AS/NZS ISO 31000:2099 Risk Management Principles and Guidelines. Permission has been granted by SAI Global
RISK MANAGEMENT FRAMEWORK. 2 RESPONSIBLE PERSON: Sarah Price, Chief Officer
RISK MANAGEMENT FRAMEWORK 1 SUMMARY The Risk Management Framework consists of the following: Risk Management policy Risk Management strategy Risk Management accountability Risk Management framework structure.
Better Practice Guide
Better Practice Guide June 2008 Risk Management COMCOVER Commonwealth of Australia 2008 ISBN 1 921182 78 4 print ISBN 1 921182 79 2 online Department of Finance and Deregulation This work is copyright.
KPMG Advisory. Microsoft Dynamics CRM. Advisory, Design & Delivery Services. A KPMG Service for G-Cloud V. April 2014
KPMG Advisory Microsoft Dynamics CRM Advisory, Design & Delivery Services A KPMG Service for G-Cloud V April 2014 Table of Contents Service Definition Summary (What s the challenge?)... 3 Service Definition
Governance Guideline SEPTEMBER 2013 BC CREDIT UNIONS. www.fic.gov.bc.ca
Governance Guideline SEPTEMBER 2013 BC CREDIT UNIONS www.fic.gov.bc.ca INTRODUCTION The Financial Institutions Commission 1 (FICOM) holds the Board of Directors 2 (board) accountable for the stewardship
Effective risk management
Effective risk management Our holistic and disciplined risk management program is designed to mitigate risks at all levels of our business in order to protect our clients interests. 2 Vanguard > Effective
Meet challenges head on
Meet challenges head on Deal Advisory / Global We can help you master Financial Restructuring. Enhancing value through financial restructuring. / 1 Your vision. Our proven capabilities. Despite its challenges,
Pulling it all together: Integrated Solutions for Governance, Risk and Compliance
Customer Practice Profile Pulling it all together: Integrated Solutions for Governance, Risk and Compliance The business case for a new enterprise approach to GRC Integrated solutions for Governance, Risk
Middlesbrough Manager Competency Framework. Behaviours Business Skills Middlesbrough Manager
Middlesbrough Manager Competency Framework + = Behaviours Business Skills Middlesbrough Manager Middlesbrough Manager Competency Framework Background Middlesbrough Council is going through significant
Business Plan 2011-2014
Business Plan 2011-2014 April 2011 A private company limited by guarantee registered in England and Wales Company Number 05165006 Foreword 3 1. Executive Summary 4 2. NASMA Background 5 3. Core Roles 6
WHAT IS GRC AND WHERE IS IT HEADING? A BRIEFING PAPER. www.claytonutz.com
WHAT IS GRC AND WHERE IS IT HEADING? A BRIEFING PAPER www.claytonutz.com BACKGROUND Well established governance, risk and compliance functions have for many years formed a key part of management practice
Code of Practice for Directors
Code of Practice for Directors This Code provides guidance to directors to assist them in carrying out their duties and responsibilities in accordance with the highest professional standards. 1.0 INTRODUCTION
New Arrangements for Training Product Development for Australian Industry
New Arrangements for Training Product Development for Australian Industry ED15-0079 1 Key messages The Government aims to enhance Australia s economic prosperity by ensuring the future and emerging skills
Project organisation and establishing a programme management office
PROJECT ADVISORY Project organisation and establishing a programme office Leadership Series 1 kpmg.com/nz About the Leadership Series KPMG s Leadership Series is targeted towards owners of major capital
The Role of the Board in Enterprise Risk Management
Enterprise Risk The Role of the Board in Enterprise Risk Management The board of directors plays an essential role in ensuring that an effective ERM program is in place. Governance, policy, and assurance
MANAGING LEGAL RISK IN AN INTEGRATED GRC FRAMEWORK A BRIEFING PAPER. www.claytonutz.com
MANAGING LEGAL RISK IN AN INTEGRATED GRC FRAMEWORK A BRIEFING PAPER www.claytonutz.com BACKGROUND Organisations are finding that their stakeholders (particularly Boards) are seeking greater assurance of
Getting to strong Leading Practices for value-enhancing internal audit By Richard Reynolds and Abhinav Aggarwal - PricewaterhouseCoopers LLP
Getting to strong Leading Practices for value-enhancing internal audit By Richard Reynolds and Abhinav Aggarwal - PricewaterhouseCoopers LLP Today's unpredictable business climate and challenging regulatory
Mandate of the Working Group on the issue of human rights and transnational corporations and other business enterprises
HAUT-COMMISSARIAT AUX DROITS DE L HOMME OFFICE OF THE HIGH COMMISSIONER FOR HUMAN RIGHTS PALAIS DES NATIONS 1211 GENEVA 10, SWITZERLAND www.ohchr.org TEL: +41 22 928 9355 FAX: +41 22 928 9014 E-MAIL: wg-business@ohchr.org
STRATEGIC PLAN 2013-16
STRATEGIC PLAN 2013-16 CONTACT INFORMATION If you require further information or have any queries in relation to this Strategic Plan, please contact: National Health Funding Body PO Box 3139, Manuka ACT
Procurement Capability Standards
IPAA PROFESSIONAL CAPABILITIES PROJECT Procurement Capability Standards Definition Professional Role Procurement is the process of acquiring goods and/or services. It can include: identifying a procurement
The Asset Management Landscape
The Asset Management Landscape ISBN 978-0-9871799-1-3 Issued November 2011 www.gfmam.org The Asset Management Landscape www.gfmam.org ISBN 978-0-9871799-1-3 Published November 2011 This version replaces
GUIDANCE NOTE FOR DEPOSIT-TAKERS. Operational Risk Management. March 2012
GUIDANCE NOTE FOR DEPOSIT-TAKERS Operational Risk Management March 2012 Version 1.0 Contents Page No 1 Introduction 2 2 Overview 3 Operational risk - fundamental principles and governance 3 Fundamental
Relationship Manager (Banking) Assessment Plan
1. Introduction and Overview Relationship Manager (Banking) Assessment Plan The Relationship Manager (Banking) is an apprenticeship that takes 3-4 years to complete and is at a Level 6. It forms a key
Project delivery strategy: getting it right
/01 PROJECT ADVISORY Project delivery strategy: getting it right Leadership Series 7 kpmg.com/nz About the Leadership Series KPMG s Leadership Series is targeted towards owners of major capital programmes,
Why choose ACCA? We help businesses grow by developing their finance capability and enhancing their brand reputation.
1 About ACCA ACCA (the Association of Chartered Certified Accountants) is the global body for professional accountants with 424,000 trainees and 147,000 qualified members in 170 countries. We help the
Risk Management Policy Adopted by:
Risk Management Policy Adopted by: Infigen Energy Limited Infigen Energy (Bermuda) Limited Infigen Energy RE Limited in its capacity as Responsible Entity of Infigen Energy Trust Adopted: 17 December 2009
TAX MANAGEMENT CONSULTING. How can you be more efficient at managing tax?
TAX MANAGEMENT CONSULTING How can you be more efficient at managing tax? NEW HEAD OF TAX/CFO TAX TRANSPARENCY Business Case Dispute Resolution Finance Transformation Authority Interaction Compliance Delivery
Risk Management Policy
Risk Management Policy Risk Management Policy Record Number D14/79827 Responsible Manager Manager Strategy and Governance Last reviewed 10 March 2015 Adoption reference Council Resolution number 90.5 Previous
Information Governance
WHITE PAPER Information Governance Irrelevant, overhead or central to survival? Setting the information governance agenda Table of Contents Introduction... 1 Defining the importance of information governance...
A Ready Business has total visibility and control. Seamlessly manage your global telecommuncations in a secure environment
A Ready Business has total visibility and control Seamlessly manage your global telecommuncations in a secure environment 2 We live in a world of rapid and unpredictable change 22% Only 22% of businesses
CAPABILITY MATURITY MODEL & ASSESSMENT
ENTERPRISE DATA GOVERNANCE CAPABILITY MATURITY MODEL & ASSESSMENT www.datalynx.com.au Data Governance Data governance is a key mechanism for establishing control of corporate data assets and enhancing
RISK MANAGEMENT POLICY AND PROCEDURE
RISK MANAGEMENT POLICY AND PROCEDURE SCOPE CONTEXT PURPOSE RISK MANAGEMENT FRAMEWORK Governance and Reporting Risk Statement RISK MANAGEMENT PROCESS Communicate and Consult Establish the Context Risk Identification
March 2014. Guide to the regulation of workplace defined contribution pensions
March 2014 Guide to the regulation of workplace defined contribution pensions The Financial Conduct Authority (FCA) and The Pensions Regulator have jointly developed this guide to provide an overview of
Role Description Director, Risk Management
Role Description Director, Risk Management Classification/Grade/Band Band 1 Senior Executive Work Level Standards ANZSCO Code PCAT Code Date of Approval Work Contribution Stream: Professional/Technical/Specialist
UNITED NATIONS OFFICE FOR PROJECT SERVICES. ORGANIZATIONAL DIRECTIVE No. 33. UNOPS Strategic Risk Management Planning Framework
UNOPS UNITED NATIONS OFFICE FOR PROJECT SERVICES Headquarters, Copenhagen O.D. No. 33 16 April 2010 ORGANIZATIONAL DIRECTIVE No. 33 UNOPS Strategic Risk Management Planning Framework 1. Introduction 1.1.
Pragmatic cloud computing Six keys to successfully using the cloud
Pragmatic cloud computing Six keys to successfully using the cloud It is imperative to develop a clear cloud strategy that is based on facts, that articulates the benefits and risks and that is holistic
Our connection to the South Australian Strategic Plan and Economic Priorities
General information Title: Principal Biosecurity Officer, Weeds Classification: PO4 Division: Biosecurity SA Type of appointment: Branch: NRM Biosecurity Ongoing Business NRM Biosecurity Term contract
Insight Report. Digital marketing governance From fragmentation to alignment to impact. In this report
Insight Report In this report Using standards to create a globally consistent digital experience Creating a digital governance framework Monitoring and measurement Digital marketing governance From fragmentation
Guide to Integrated Strategic Asset Management
Guide to Integrated Strategic Asset Management Issue date: 14 November 2011 Acknowledgements This guide is based on the Australasian Procurement and Construction Council Inc. s (APCC) publication, Asset
Australian Government Cyber Security Review
Australian Government Cyber Security Review The Cisco Response Today, governments are almost universally pursuing a development and modernisation agenda to nurture their society into the digital age, and
Asset Management Excellence Utilising the AMCL Asset Management Excellence Model (AMEM) to achieve world class Asset Management.
Excellence Utilising the AMCL Excellence Model (AMEM) to achieve world class. What is Excellence is the culmination of a long history of development in the management of physical assets. It is about asset
Linking Risk Management to Business Strategy, Processes, Operations and Reporting
Linking Risk Management to Business Strategy, Processes, Operations and Reporting Financial Management Institute of Canada February 17 th, 2010 KPMG LLP Agenda 1. Leading Practice Risk Management Principles
Turning Information into Knowledge in a post-bradley Environment Monish Paul & Bhavesh Chavda
Turning Information into Knowledge in a post-bradley Environment Monish Paul & Bhavesh Chavda 12 November 2009 Agenda Monish Paul - The changing landscape : the burning platform for performance management
ASAE s Job Task Analysis Strategic Level Competencies
ASAE s Job Task Analysis Strategic Level Competencies During 2013, ASAE funded an extensive, psychometrically valid study to document the competencies essential to the practice of association management
ENTERPRISE RISK MANAGEMENT POLICY
ENTERPRISE RISK MANAGEMENT Approved by the Audit Committee on 14 February 2003 and adopted by resolution of the Board on 28 March 2003 Revisions approved by the Audit and Risk Committee on 14 February
University of New England Compliance Management Framework and Procedures
University of New England Compliance Management Framework and Procedures Document data: Document type: Administering entity: Framework and Procedures Audit and Risk Directorate Records management system
The National Commission of Audit
CA Technologies submission to The National Commission of Audit November, 2013 Kristen Bresch CA Technologies Executive Summary CA Technologies is pleased to present the National Commission of Audit the
NDIS Transition Readiness and Business Support Services
NDIS Transition Readiness and Business Support Services High Level Introduction Specific skills and expertise we make available to ACT providers looking to undertake major strategic/structural reform A
Practice Guide COORDINATING RISK MANAGEMENT AND ASSURANCE
Practice Guide COORDINATING RISK MANAGEMENT AND ASSURANCE March 2012 Table of Contents Executive Summary... 1 Introduction... 1 Risk Management and Assurance (Assurance Services)... 1 Assurance Framework...
Diversity Matters Cultural Diversity Framework
Diversity Matters Cultural Diversity Framework 2014 2017 December 2010 October 2012 Message from the Secretary Our commitment to people from culturally and linguistically diverse communities At Family
Information Paper The Roles and Domain of the Professional Accountant in Business
Information Paper The Roles and Domain of the Professional Accountant in Business Published by the Professional Accountants in Business Committee Professional Accountants in Business Committee International
Bridgend County Borough Council. Corporate Risk Management Policy
Bridgend County Borough Council Corporate Risk Management Policy December 2014 Index Section Page No Introduction 3 Definition of risk 3 Aims and objectives 4 Strategy 4 Accountabilities and roles 5 Risk
Foreword... 11 Introduction - The Global Food Safety Initiative (GFSI)... 11 Scope... 12 Section Overview... 12 Normative References...
Version 6.3 Overview Contents Foreword... 11 Introduction - The Global Food Safety Initiative (GFSI)... 11 Scope... 12 Section Overview... 12 Normative References... 13 9 Foreword Global Food Safety Initiative
Published by the National Regulatory System for Community Housing Directorate. Document Identification: 003-04-13/NRSD. Publication date: January 2014
Evidence guidelines Published by the National Regulatory System for Community Housing Directorate. Document Identification: 003-04-13/NRSD Publication date: January 2014 Supported by the Commonwealth Government
Strategy for 2015 2019: Fulfilling Our Public Interest Mandate in an Evolving World
The IAASB s Strategy for 2015 2019 December 2014 International Auditing and Assurance Standards Board Strategy for 2015 2019: Fulfilling Our Public Interest Mandate in an Evolving World This document was
POSITION DESCRIPTION. Role Purpose. Key Challenges. Key Result Areas
POSITION DESCRIPTION Position Title Manager, Technical Services Support Position Number Reports to Manager Technology Services Functional Auth HRM Auth Region IT Services Centre Head Office Date Feb 2011
the Defence Leadership framework
the Defence Leadership framework Growing Leaders at all Levels Professionalism Loyalty Integrity Courage Innovation Teamwork Foreword One of the founding elements of Building Force 2030, as outlined in
Enterprise Risk Management Aligning Risk with Strategy and Performance
Committee of Sponsoring Organizations of the Treadway Commission Enterprise Risk Management Aligning Risk with Strategy and Frequently Asked Questions November 2016 edition Table of Contents Project Background...
The transformation of IT Risk Management. kpmg.com
The transformation of IT Risk Management kpmg.com The transformation of IT Risk Management The role of IT Risk Management Scope of IT risk management Examples of IT risk areas of focus How KPMG can help
Resource Management. Compliments of. Published by
Why Four Professional Essential Steps Services for Building Organizations a Need GRC Improved Strategy Financial and Resource Management Compliments of Published by C U S T O M M E D I A S O L U T I O
Role Description Enterprise Architect and Solutions Delivery Manager
Role Description Enterprise Architect and Solutions Delivery Manager Cluster Agency Division Location Classification/Grade/Band Kind of Employment NSW Health Cancer Institute NSW Information Technology
A NEW APPROACH TO CYBER SECURITY
A NEW APPROACH TO CYBER SECURITY We believe cyber security should be about what you can do not what you can t. DRIVEN BY BUSINESS ASPIRATIONS We work with you to move your business forward. Positively
Town of Port Hedland ICT Strategic Plan
Town of Port Hedland ICT Strategic Plan 2012-2017 Town of Port Hedland December2012 Table of Content Executive summary... 3 Town of Port Hedland Strategic Community Plan... 3 Business Context... 5 Activities
CORPORATE PHILANTHROPY. Achieving integrated social purpose
CORPORATE PHILANTHROPY Achieving integrated social purpose Corporate philanthropy: integrating social purpose into business Harnessing the power of capital to support what we most value is critical for
Transforming risk management into a competitive advantage kpmg.com
INSURANCE RISK MANAGEMENT ADVISORY SOLUTIONS Transforming risk management into a competitive advantage kpmg.com 2 Transforming risk management into a competitive advantage Assessing risk. Building value.
EFFECTIVE VENDOR MANAGEMENT: REAPING LONG-TERM BENEFITS FROM YOUR VENDOR RELATIONSHIPS
EFFECTIVE VENDOR MANAGEMENT: REAPING LONG-TERM BENEFITS FROM YOUR VENDOR RELATIONSHIPS TERRA FIRMA, AUGUST 2013 Leading organisations have understood for some time that active vendor management, as opposed
Risk Committee Charter
Director tools This is part of a series of Director Tools prepared by the Australian Institute of Company Directors. The tools have been designed to assist members with general background information and
Transition and Transformation. Transitioning services with minimal risk
IBM Global TECHNOLOGY Servicess and Transformation ing services with minimal risk Summary To transition services is a complex process involving many issues. When outsourcing to IBM, you gain the benefit
Standard costing. Insights from leading companies. February 2010
FINANCIAL MANAGEMENT Standard costing Insights from leading companies February 2010 ADVISORY Executive Summary The current economic crisis has created significant cost pressures on businesses. This coupled
Implementing the value chain of the future
Implementing the value chain of the future KPMG s Operations Advisory Practice Our mission Our vision is to help member firms clients create breakthrough competitive advantage by designing and implementing
A European Roadmap for Businesses Towards a Sustainable and Competitive Enterprise
A European Roadmap for Businesses Towards a Sustainable and Competitive Enterprise A EUROPEAN ROADMAP FOR BUSINESSES Towards a Sustainable and Competitive Enterprise AN OPEN INITIATIVE FOR ALL ENTERPRISES
Chief Executive Officer
ABOUT ATHLETICS AUSTRALIA Athletics Australia (AA) is the national governing body for Athletics in Australia. Athletics Australia has a critical role in leading, fostering and encouraging interest and
City and County of Swansea. Human Resources & Workforce Strategy 2013-2017. Ambition is Critical 1
City and County of Swansea Human Resources & Workforce Strategy 2013-2017 Ambition is Critical 1 Delivering quality services for a safer, greener, smarter, fairer, healthier, richer Swansea Executive Summary
IT Risk Closing the Gap
IT Risk Closing the Gap Giving the Board what it needs to understand, manage and challenge IT risk PWC Contents Foreword 1 Executive summary 3 Survey findings Does the Board fully understand the impact
Securing Information in an Outsourcing Environment (Guidance for Critical Infrastructure Providers) Executive Overview Supplement.
Securing Information in an Outsourcing Environment (Guidance for Critical Infrastructure Providers) Executive Overview Supplement June 2011 DISCLAIMER: This document is intended as a general guide only.
ETI PERSPECTIVE 2020: A FIVE YEAR STRATEGY
ETI PERSPECTIVE 2020: A FIVE YEAR STRATEGY Introduction This document is the final and Board approved version of ETI s strategic directions based on the ETI Board meeting discussion of 12 th March 2015.
NSW SENIOR EXECUTIVE SERVICE
NSW SENIOR EXECUTIVE SERVICE NSW DEPARTMENT OF EDUCATION AND TRAINING Position Description POSITION DETAILS Position Title: Reports to: Location: Directorate: Chief Financial Officer Deputy Director-General,
Risk Management Policy and Framework
Risk Management Policy and Framework December 2014 phone 1300 360 605 08 89589500 email info@centraldesert.nt.gov.au location 1Bagot Street Alice Springs NT 0870 post PO Box 2257 Alice Springs NT 0871
National Standards for Safer Better Healthcare
National Standards for Safer Better Healthcare June 2012 About the Health Information and Quality Authority The (HIQA) is the independent Authority established to drive continuous improvement in Ireland
The Institute of Internal Auditors 247 Maitland Avenue Altamonte Springs, FL 32701-4201 USA
INTERNATIONAL Professional Practices Framework (IPPF) Disclosure Copyright 2009 by The Institute of Internal Auditors Research Foundation (IIARF), 247 Maitland Avenue, Altamonte Springs, Florida 32701-4201.
White Paper. PPP Governance
PPP Governance The Governance of Projects, Programs and Portfolios (PPP) (sometimes called project governance for convenience) is the sub-set of corporate and organisational governance 1 focused on assisting
Markup Version Proposed Changes to the Standards
The is releasing the exposure draft with proposed changes to the International Standards for the Professional Practice of Internal Auditing (Standards). The exposure period is from February 1 to April
C o r p o r at e p l a n. adding value to public sector performance and accountability
Departm 2007 10 C o r p o r at e p l a n adding value to public sector performance and accountability Commonwealth of Australia 2007 ISBN 0 642 80955 0 This work is copyright. Apart from any use permitted
HUNTER WATER CORPORATION. Greenprint For Sust ainable Urb an Wat er Managem ent
HUNTER WATER CORPORATION Greenprint For Sust ainable Urb an Wat er Managem ent NOVEMBER 2012 Table of Contents Message from the Managing Director 4 1. Introduction 5 1.1 Cities of the Future 5 1.2 Our
Better Practice Local Laws Strategy
Better Practice Local Laws Strategy December 2008 December 2008 Published by Local Government Victoria Department of Planning and Community Development Level 8, 55 Collins Street MELBOURNE VIC 3000 Tel:
OWN RISK AND SOLVENCY ASSESSMENT AND ENTERPRISE RISK MANAGEMENT
OWN RISK AND SOLVENCY ASSESSMENT AND ENTERPRISE RISK MANAGEMENT ERM as the foundation for regulatory compliance and strategic business decision making CONTENTS Introduction... 3 Steps to developing an
Basel II and Corporate Governance in Financial Institutions
in Financial Institutions Tel Aviv, *connectedthinking Agenda Basel Committee Corporate Governance Principles CEBS Guidance on Corporate Governance Governance issues identified during the financial crisis