Effective Enterprise Risk Management with ErmsCo ERM Foundation

Save this PDF as:
 WORD  PNG  TXT  JPG

Size: px
Start display at page:

Download "Effective Enterprise Risk Management with ErmsCo ERM Foundation"

Transcription

1 Executive Brief Effective Enterprise Risk Management with ErmsCo ERM Foundation

2 Introduction to ErmsCo About ErmsCo ErmsCo is a consulting and training firm that focuses on assisting financial institutions with optimizing their enterprise risk management (ERM) processes. Our mission is to help our clients optimize the resources and controls used to manage risk. At the same time we work with clients to fine-tune risk management resources to the performance objectives of the financial institution. Using proven methods and solutions to achieve targeted results, ErmsCo consistently delivers outstanding value to our clients. Our Team The ErmsCo team includes experienced banking professionals who have strong expertise in enterprise risk management. Our areas of expertise include risk management in governance, credit, operations, information technology and markets. Our professionals fully understand the challenges that bankers face with managing risk and we approach each client with careful consideration of the demands on time, resources, and pressures bankers face to deliver results. We are lead by Mr. John Drew, who has served as a Chief Risk and Credit Officer with large regional banks. Over the years, Mr. Drew has been an active board member on risk management trade associations. In addition, he has assisted with training of bank examiners at the national and state level on risk and credit management practices. Malvern National Services Malvern National Services represents ErmsCo with business development activities. In conjunction with ErmsCo, Malvern National Services works closely with its clients to optimize performance with a proven set of solutions and services. 2

3 Need for Effective Enterprise Risk Management Risk is routinely managed as part of banking responsibilities. However the processes used to manage risk varies widely. The most effective method for managing risk is through a well-designed and forward-looking enterprise risk management process. Many banks use periodic risk assessments that look at past performance compared to a forward-looking process that has well defined risks, implementation of effective controls and continuous alerts to changes in risk through key risk indicators. Backward Looking Forward Looking Silo-View Risk Management vs. Enterprise Risk Management When using a forward-looking risk control process, enterprise risk management can provide a cross-functional view of risk management across the enterprise rather than a silo-view approach. In addition, business units can see inter-dependent risks within the enterprise while a silo view of risks prohibits inter-dependent views. Enterprise Risk Focus IT Operations Credit Treasury Banking Finance Networks Support Applications Production Payments Credit Finance Commercial Business Consumer Investments Cash Mgmt Branches Commercial Fin Services Accounting Tax Audit Enterprise risk management starts with senior management setting the standards for risk appetite and returns. Management also adopts a common risk language with standard definitions along with a clear and consistent rating scale that allows for a comparable review of risk ratings. In addition, risks are tied to specific processes which are then assigned to owners who are accountable for the management and control of the risk. 3

4 The ErmsCo ERM Foundation Solution With ErmsCo ERM Foundation a bank can begin preparing to implement a functional and robust enterprise risk management program. ERM Foundation includes a complete set of plans, sample documents and proven models/components which enable a bank to cover all the necessary steps to build Enterprise Risk Management without overlooking key success factors. Frameworks, Organization Structures, Charters, Policy/Procedures ERM Foundations starts with a complete set of administrative and organizational components to define and build an effective enterprise risk management program. Included are examples to build the frameworks, organizational structures, charters and associated policies and procedures from the board level down to individual risk owners. Getting a structure and framework that works correctly for the unique profile of an individual bank is critical to the functional success of enterprise risk management. ERM Foundations provides both proven components and a road map to implement a sound ERM program. Complete Inventory of Risks, Controls, Key Risk Indicators and Rating System Defining an adequate list of risks and associated risk controls is a challenge for any size bank. ERM Foundation comes with a proven inventory of risks definitions, functional controls and selected key risk indicators to enable a bank to manage risk in a proactive and strategic manner. Risk management should be viewed both as a key success factor as well as a competitive advantage if risk is understood and effectively managed. ERM Foundations provides proven content that enables a bank to select the risk content that best matches the bank s unique business model. Training and Advisor Options Banks have a wide array of experience and skill sets associated with risk management. ErmsCo understands that some clients will utilize ERM Foundation with very little assistance due to internal resources while other banks may wish to have selected training on enterprise risk management. ErmsCo has an array or training programs and advisor options that can be tailored to the needs of a bank. All of these services are optional, affordable and flexible to the needs of our clients. 4

5 Key Results with ErmsCo ERM Foundation Less Time and Development of an ERM Program ERM Foundation can be considered ERM Tool Box because ErmsCo delivers a complete framework of ERM content that can be quickly applied to the development of a bank s ERM program. Countless hours of development of a program can be avoided by using ERM Foundation. The contents have been proven in other banks with sound success and results. On the following pages are listed the components included in ERM Foundation. Reduction in Loss Exposure One of the key results of a successful ERM program is the reduction in loss exposure. A sound ERM program will reveal areas where the bank is most vulnerable to the risk of loss. With the sound practices of ERM, a bank will be able to continuously gauge the changes in risk levels along with the resources applied to control risks. Executive management will be able to make informed decisions on prioritizing resources to address risks that are most threatening to the bank. Competitive Advantage Once a bank can effectively gauge risk in all relevant areas of the bank, the management team will be able to conduct strategic planning to determine the best rate of risk/return it can achieve against a competitive landscape. Establishment of Risk-Aware Culture While ERM can provide a methodology to manage risk, ERM can also build a riskaware culture whereby every risk owner becomes accountable for risk. This leads to all risk owners participating in the ERM process whereby everyone understands the cause/impact of proactive risk management. ERM also provides a conduit where risk owners are encouraged to report risk exposure in a timely fashion so that executive management can reduce risk exposure sooner rather than later. Ahead of the Regulatory Curve The financial industry and government agencies all acknowledge that financial institutions need to strengthen risk management with all aspects of banking. Areas such as credit, fraud, on-line security gain much of the headlines, however, many other areas of risk are also increasing such as compliance, reputational and operational to name a few. ERM helps to identify and manage in a proactive manner all important risks which is a preferred state of operating and viewed as a strong management practice. 5

6 ErmsCo ERM Foundation Contents The description of the seventeen individual components of ERM Foundation are listed on the next two pages of this brief. A detailed review of the individual components can be further reviewed during a presentation with ErmsCo. 1. Risk Management Process Enhancement Program Framework To get underway, a game plan is needed to successfully develop and implement a comprehensive Enterprise Risk Management Program. ERM Foundations starts with a sample Program Framework that is the basis for building a plan for ERM. This plan is built through collaborative representation from key stakeholders with the objective of alignment to the bank s strategic plan and risk management goals. 2. Risk Management Process Continuous Enhancement Model In order to keep management of risks updated and dynamic, a continuous enhancement model is required to set key activities to ensure successful implementation of a value driven Enterprise Risk Management process. A sample model and process is outlined in ERM Foundations. 3. Enterprise Risk Management Implementation Project Plan Outline A detailed project plan details all the key milestones, activities and tasks required to ensure the Risk Management Process Enhancement Program and Enterprise Risk Management process are effectively organized, resourced, sequenced, stay on track and completed timely. 4. Board Risk Management Committee Charter Framework A framework to define the Board s risk oversight responsibilities is included which states how a Board s Risk Management Committee should be empowered to enact and oversee the effective implementation and exercise of Enterprise Risk Management. 5. Board Committees Organizational Structure with ERM Integrated Board organizational structures are outlined to encompass the key risk oversight mandates of the corporate environment and governance responsibilities a Board should be empowered to perform. 6. Risk Management Organizational Process Model Alignment of Board and Executive Management level organizational structure examples are included to ensure risk management process integration, roles and accountability is performed. 7. Internal Management Committee Organizational Structure with ERM Examples of Executive Level, Senior Management and key internal to form operating committee alignment are presented which defines accountability to ensure risk culture integration into business processes. 8. Enterprise Risk Management Policy Framework Structure and key components for establishing Enterprise Risk Management policies within the bank including empowerment, delegation and reporting of risk information are included. 6

7 ErmsCo ERM Foundations Contents 9. Enterprise Risk Management Procedures Framework The development of necessary procedures are accomplished by developing a Procedures Framework. Examples of structure and key components for the delineation of responsibilities, accountability for Enterprise Risk Management on a day to day basis at all levels of the bank are included. 10. Enterprise Risk Management Taxonomy The language of enterprise risk management is included with a full taxonomy. Key terms and definitions of a common risk vocabulary are defined for all the Enterprise Risk Management activities conducted within the bank. 11. Risk Management Authority & Escalation Process Process examples are included to define the structure and key components for the delineation of risk decision accountability for Enterprise Risk Management on a day to day basis and at all levels of the bank. 12. Enterprise Risk Management Technology Solutions An evaluation method is provided which includes an approach for documentation and analysis of leading risk management system technologies available in the market including an assessment tool for system evaluation and selection. 13. Risk Rating Framework COSO aligned model for the development of the bank s Enterprise Risk Management risk and control rating matrix is provided. 14. Risk (500+) and Control (1500+) Inventory A comprehensive and complete foundational COSO-aligned inventory of typical regional bank risks and controls organized by key processes and sub-processes. This proven inventory covers all functional areas of a bank and can be implemented swiftly in financial institutions. 15. Initial Set of Key Risk Indicators Overview, orientation and development tools to build Key Risk Indicators are provided along with an initial set of KRI s typical for regional banks. 16. Board ERM Reporting Framework Set of Enterprise Risk Management reporting designs to facilitate audience appropriate value driven communication of key risk information are included. 17. Internal Risk Management Committee Reporting Framework A working framework to define what reporting elements to use for internal management purposes. 7

8 Risk Management in News Recent Announcements In 2011, the Federal Reserve Bank issued proposed standards and early remediation requirements for risk management under the Dodd-Frank Act. Publicly traded bank holding companies with $10 billion or more in total consolidated assets must establish a risk committee of the board of directors that is responsible for oversight of enterprise-wide risk management. The risk committee must be comprised of an appropriate number of independent directors and include at least one risk management expert. Impact Banks of all sizes will eventually need to demonstrate advanced proficiency in managing risk across their enterprise. Learn More We would like the opportunity to be of further service to you and would be glad to schedule an executive session to review in detail how our program could perform for your bank. You can reach either Brian Blair or John Drew listed below for further discussion. Brian Blair President Malvern National Services ErmsCo Strategic Business Partner Office: Website: John Drew President Director of ERM Services Office: Website: Offices Philadelphia & Houston 8

9 Our Business Philosophy The ErmsCo operating model embodies these concepts to ensure effective relationships and results Common Sense: balanced approach to business decisions and judgment Candor: professionally state the question or call the point as needed Courage: take actions needed to optimize risk management and create value Communicate: professionally, fully and concisely Commitment: to our clients and completing our charge everyday v100 9

The Role of the Board in Enterprise Risk Management

The Role of the Board in Enterprise Risk Management Enterprise Risk The Role of the Board in Enterprise Risk Management The board of directors plays an essential role in ensuring that an effective ERM program is in place. Governance, policy, and assurance

More information

Guidelines for Financial Institutions Legislative Compliance Management (LCM) Date: July 2004 Introduction

Guidelines for Financial Institutions Legislative Compliance Management (LCM) Date: July 2004 Introduction Guidelines for Financial Institutions Legislative Compliance Management (LCM) Date: July 2004 Introduction Regulatory risk is the risk of non-compliance with applicable regulatory requirements. For the

More information

RISK BASED AUDITING: A VALUE ADD PROPOSITION. Participant Guide

RISK BASED AUDITING: A VALUE ADD PROPOSITION. Participant Guide RISK BASED AUDITING: A VALUE ADD PROPOSITION Participant Guide About This Course About This Course Adding Value for Risk-based Auditing Seminar Description In this seminar, we will focus on: The foundation

More information

Enterprise Risk Management

Enterprise Risk Management Cayman Islands Society of Professional Accountants Enterprise Risk Management March 19, 2015 Dr. Sandra B. Richtermeyer, CPA, CMA What is Risk Management? Risk management is a process, effected by an entity's

More information

Guidance Note: Corporate Governance - Board of Directors. March 2015. Ce document est aussi disponible en français.

Guidance Note: Corporate Governance - Board of Directors. March 2015. Ce document est aussi disponible en français. Guidance Note: Corporate Governance - Board of Directors March 2015 Ce document est aussi disponible en français. Applicability The Guidance Note: Corporate Governance - Board of Directors (the Guidance

More information

ENTERPRISE RISK MANAGEMENT FRAMEWORK

ENTERPRISE RISK MANAGEMENT FRAMEWORK ENTERPRISE RISK MANAGEMENT FRAMEWORK COVENANT HEALTH LEGAL & RISK MANAGEMENT CONTENTS 1.0 PURPOSE OF THE DOCUMENT... 3 2.0 INTRODUCTION AND OVERVIEW... 4 3.0 GOVERNANCE STRUCTURE AND ACCOUNTABILITY...

More information

Saldanha Bay Municipality. Risk Management Strategy. Inclusive of, framework, procedures and methodology

Saldanha Bay Municipality. Risk Management Strategy. Inclusive of, framework, procedures and methodology Inclusive of, framework, procedures and methodology Contents 1 Introduction 1 1.1 Legislative Framework and best practice 1 1.2 Purpose of Enterprise Risk Management 2 1.3 Scope and Applicability 3 1.4

More information

Internal Auditing Guidelines

Internal Auditing Guidelines Internal Auditing Guidelines Recommendations on Internal Auditing for Lottery Operators Issued by the WLA Security and Risk Management Committee V1.0, March 2007 The WLA Internal Auditing Guidelines may

More information

ENTERPRISE RISK MANAGEMENT POLICY

ENTERPRISE RISK MANAGEMENT POLICY ENTERPRISE RISK MANAGEMENT POLICY TITLE OF POLICY POLICY OWNER POLICY CHAMPION DOCUMENT HISTORY: Policy Title Status Enterprise Risk Management Policy (current, revised, no change, redundant) Approving

More information

Fraud Risk Management

Fraud Risk Management Fraud Risk Management Overview Discussion Questions 1) Does your organization follow a specific risk management model? If so, which one? Do you think this model adequately addresses the risks your organization

More information

Tying It All Together: Practical ERM Integration. Richard Scanlon Vice President Enterprise Risk Management CIGNA Corporation

Tying It All Together: Practical ERM Integration. Richard Scanlon Vice President Enterprise Risk Management CIGNA Corporation Tying It All Together: Practical ERM Integration Richard Scanlon Vice President Enterprise Risk Management CIGNA Corporation November 16, 2007 1 Agenda Basis for ERM Integration ERM Objectives ERM Focus

More information

Remarks by. Carolyn G. DuChene Deputy Comptroller Operational Risk. at the

Remarks by. Carolyn G. DuChene Deputy Comptroller Operational Risk. at the Remarks by Carolyn G. DuChene Deputy Comptroller Operational Risk at the Bank Safety and Soundness Advisor Community Bank Enterprise Risk Management Seminar Washington, D.C. October 22, 2012 Good afternoon,

More information

INTERNATIONAL STANDARDS FOR THE PROFESSIONAL PRACTICE OF INTERNAL AUDITING (STANDARDS)

INTERNATIONAL STANDARDS FOR THE PROFESSIONAL PRACTICE OF INTERNAL AUDITING (STANDARDS) INTERNATIONAL STANDARDS FOR THE PROFESSIONAL PRACTICE OF INTERNAL AUDITING (STANDARDS) Revised: October 2012 i Table of contents Attribute Standards... 3 1000 Purpose, Authority, and Responsibility...

More information

Compliance Risk Management Survey A Point of View

Compliance Risk Management Survey A Point of View FINANCIAL SERVICES Compliance Risk Management Survey A Point of View July 2014 kpmg.com Compliance Risk Management Survey A Point of View 3 Introduction As the financial crisis unfolded, regulators looked

More information

Sample risk committee charter

Sample risk committee charter Sample risk committee charter 1 Next This sample risk committee charter is based on leading practices observed by Deloitte in the analysis of a variety of materials. It is important to note that the Risk

More information

ENTERPRISE RISK MANAGEMENT POLICY

ENTERPRISE RISK MANAGEMENT POLICY ENTERPRISE RISK MANAGEMENT Approved by the Audit Committee on 14 February 2003 and adopted by resolution of the Board on 28 March 2003 Revisions approved by the Audit and Risk Committee on 14 February

More information

Pharmaceutical Compliance and Regulatory Congress 2009

Pharmaceutical Compliance and Regulatory Congress 2009 Pharmaceutical Compliance and Regulatory Congress 2009 Compliance Program Elements Track I: How Program Management Can Keep You On Track Edward H. Leskauskas Director, Compliance and Ethics Operations

More information

Department of Veterans Affairs VA Directive 0054. VA Enterprise Risk Management (ERM)

Department of Veterans Affairs VA Directive 0054. VA Enterprise Risk Management (ERM) Department of Veterans Affairs VA Directive 0054 Washington, DC 20420 Transmittal Sheet April 8, 2014 VA Enterprise Risk Management (ERM) 1. REASON FOR ISSUE: This directive provides guidelines to help

More information

RISK MANAGEMENT OVERVIEW 2011 RISK CONFERENCE SPONSORED BY THE FEDERAL RESERVE BANK OF CHICAGO AND DEPAUL UNIVERSITY

RISK MANAGEMENT OVERVIEW 2011 RISK CONFERENCE SPONSORED BY THE FEDERAL RESERVE BANK OF CHICAGO AND DEPAUL UNIVERSITY RISK MANAGEMENT OVERVIEW 2011 RISK CONFERENCE SPONSORED BY THE FEDERAL RESERVE BANK OF CHICAGO AND DEPAUL UNIVERSITY PRESENTED BY: LEN WIATR, CHIEF RISK OFFICER Len s Risk Management Philosophy Build a

More information

10-005 Enterprise Risk Management

10-005 Enterprise Risk Management 10-005 Enterprise Risk Management Current update: 09/16/10 Original Issuance: 03/31/08 Purpose This policy provides guidance and direction to State Board of Administration business unit heads for identifying,

More information

Building a Strong Organization CORPORATE GOVERNANCE AND ORGANIZATIONAL STRUCTURE

Building a Strong Organization CORPORATE GOVERNANCE AND ORGANIZATIONAL STRUCTURE chapter III Building a Strong Organization To remain a strong organization that is able to fulfil its mandate, CMHC draws on sound corporate governance, financial and risk management practices, progressive

More information

ERM and GRC Fundamentals. Risk Management Definitions & Guiding Principles. Module 1

ERM and GRC Fundamentals. Risk Management Definitions & Guiding Principles. Module 1 ERM and GRC Fundamentals Risk Management Definitions & Guiding Principles Module 1 Agenda Introduction: Purpose and Goal of the Training (5 min.) Section 1: ERM / GRC Terms & Concepts (15 min.) Section

More information

Operational Risk Management Program Version 1.0 October 2013

Operational Risk Management Program Version 1.0 October 2013 Introduction This module applies to Fannie Mae and Freddie Mac (collectively, the Enterprises), the Federal Home Loan Banks (FHLBanks), and the Office of Finance, (which for purposes of this module are

More information

Enterprise Risk Management (ERM): In Action. January 2010. Co-presented by: Michael Yip, Marsh Risk Consulting Norma Essary, DFW International Airport

Enterprise Risk Management (ERM): In Action. January 2010. Co-presented by: Michael Yip, Marsh Risk Consulting Norma Essary, DFW International Airport January 2010 Enterprise Risk Management (ERM): In Action Co-presented by: Michael Yip, Risk Consulting Norma Essary, DFW International Airport www.marsh.com Discussion Topics Enterprise Risk Management

More information

Integrated Risk Management:

Integrated Risk Management: Integrated Risk Management: A Framework for Fraser Health For further information contact: Integrated Risk Management Fraser Health Corporate Office 300, 10334 152A Street Surrey, BC V3R 8T4 Phone: (604)

More information

The Treasury 3.0 Framework: Deploying a Model of Best Practices. 2013 Treasury Strategies, Inc. All rights reserved.

The Treasury 3.0 Framework: Deploying a Model of Best Practices. 2013 Treasury Strategies, Inc. All rights reserved. The Treasury 3.0 Framework: Deploying a Model of Best Practices 2013 Treasury Strategies, Inc. All rights reserved. Agenda Treasury: The Future State Successful Treasury Traits Moving to the Ideal State:

More information

Risk and Contingency Planning. Today s Topics. Key Terms. A Vital Component of Your ICD-10 Program

Risk and Contingency Planning. Today s Topics. Key Terms. A Vital Component of Your ICD-10 Program Risk and Planning A Vital Component of Your ICD-10 Program Today s Topics Key Terms Why is Risk Management Critical for ICD-10? Effective Risk Management and Best Concepts ICD-10 Risk Management Examples

More information

RSA ARCHER OPERATIONAL RISK MANAGEMENT

RSA ARCHER OPERATIONAL RISK MANAGEMENT RSA ARCHER OPERATIONAL RISK MANAGEMENT 87% of organizations surveyed have seen the volume and complexity of risks increase over the past five years. Another 20% of these organizations have seen the volume

More information

Fraud Prevention and Deterrence

Fraud Prevention and Deterrence Fraud Prevention and Deterrence Fraud Risk Assessment 2016 Association of Certified Fraud Examiners, Inc. What Is Fraud Risk? The vulnerability that an organization faces from individuals capable of combining

More information

STANDARDS OF SOUND BUSINESS AND FINANCIAL PRACTICES. ENTERPRISE RISK MANAGEMENT Framework

STANDARDS OF SOUND BUSINESS AND FINANCIAL PRACTICES. ENTERPRISE RISK MANAGEMENT Framework STANDARDS OF SOUND BUSINESS AND FINANCIAL PRACTICES ENTERPRISE RISK MANAGEMENT Framework September 2011 Notice This document is intended as a reference tool to assist Ontario credit unions to develop an

More information

Effective Internal Audit in the Financial Services Sector

Effective Internal Audit in the Financial Services Sector Effective Internal Audit in the Financial Services Sector Recommendations from the Committee on Internal Audit Guidance for Financial Services: How They Relate to the Global Institute of Internal Auditors

More information

INTERNATIONAL STANDARDS FOR THE PROFESSIONAL PRACTICE OF INTERNAL AUDITING (STANDARDS)

INTERNATIONAL STANDARDS FOR THE PROFESSIONAL PRACTICE OF INTERNAL AUDITING (STANDARDS) INTERNATIONAL STANDARDS FOR THE PROFESSIONAL PRACTICE OF INTERNAL AUDITING (STANDARDS) Introduction to the International Standards Internal auditing is conducted in diverse legal and cultural environments;

More information

Enterprise risk management: A pragmatic, four-phase implementation plan

Enterprise risk management: A pragmatic, four-phase implementation plan Enterprise risk management: A pragmatic, four-phase implementation plan Prepared by: John Brackett, Managing Director, Risk Advisory Services, RSM McGladrey, Inc. 704.442.3820, john.brackett@mcgladrey.com

More information

Table of Contents PERFORMANCE REVIEWS STRATEGIC REVIEWS

Table of Contents PERFORMANCE REVIEWS STRATEGIC REVIEWS SECTION 270 PERFORMANCE AND STRATEGIC REVIEWS Table of Contents 270.1 To which agencies does this section apply? 270.2 What is the purpose of this section? PERFORMANCE REVIEWS 270.3 What is the purpose

More information

fs viewpoint www.pwc.com/fsi

fs viewpoint www.pwc.com/fsi fs viewpoint www.pwc.com/fsi June 2013 02 11 16 21 24 Point of view Competitive intelligence A framework for response How PwC can help Appendix It takes two to tango: Managing technology risk is now a

More information

New Risk Management Paradigms for Asset Managers

New Risk Management Paradigms for Asset Managers April 2014 Asset Management New Management Paradigms for Asset Managers Point of view The financial crisis has caused deep reflection by regulators, asset managers and investors as to the effectiveness

More information

Introduction to Enterprise Risk Management at UVM DRAFT

Introduction to Enterprise Risk Management at UVM DRAFT Introduction to Enterprise Management at UVM 1 Enterprise What is Enterprise Management? Enterprise risk management is a structured, consistent, and continuous process across the whole organization for

More information

DRAFT Report on Office of the Superintendent of Financial Report on Institutions Office of the Superintendent of Financial

DRAFT Report on Office of the Superintendent of Financial Report on Institutions Office of the Superintendent of Financial DRAFT Report on Office of the Superintendent of Financial Report on Institutions Office of the Superintendent of Financial Institutions Regulation Sector Approvals & Precedents Group Office of the Chief

More information

Risk Management - Board & Management Responsibilities Murray Short, MBA, CPA CA Not-for-Profit Partner RLB LLP

Risk Management - Board & Management Responsibilities Murray Short, MBA, CPA CA Not-for-Profit Partner RLB LLP Risk Management - Board & Management Responsibilities Murray Short, MBA, CPA CA Not-for-Profit Partner RLB LLP 2 AGENDA About RLB / About Our Not-for-Profit Team Defining Risk Types of Organizational Risk

More information

The New International Standard on the Practice of Risk Management A Comparison of ISO 31000:2009 and the COSO ERM Framework

The New International Standard on the Practice of Risk Management A Comparison of ISO 31000:2009 and the COSO ERM Framework The New International Standard on the Practice of Risk Management A Comparison of ISO 31000:2009 and the COSO ERM Framework Dorothy Gjerdrum, ARM-P, Chair of the ISO 31000 US TAG and Executive Director,

More information

Matthew E. Breecher Breecher & Company PC November 12, 2008

Matthew E. Breecher Breecher & Company PC November 12, 2008 Applying COSO s Enterprise Risk Management Integrated Framework Matthew E. Breecher Breecher & Company PC November 12, 2008 The basic outline for this presentation was provided by: Objectives for the session:

More information

Risk Management Policy Adopted by:

Risk Management Policy Adopted by: Risk Management Policy Adopted by: Infigen Energy Limited Infigen Energy (Bermuda) Limited Infigen Energy RE Limited in its capacity as Responsible Entity of Infigen Energy Trust Adopted: 17 December 2009

More information

AMTRAK CORPORATE GOVERNANCE: Implementing a Risk Management Framework is Essential to Achieving Amtrak s Strategic Goals

AMTRAK CORPORATE GOVERNANCE: Implementing a Risk Management Framework is Essential to Achieving Amtrak s Strategic Goals AMTRAK CORPORATE GOVERNANCE: Implementing a Risk Management Framework is Essential to Achieving Amtrak s Strategic Goals Report No. OIG-A-2012-007 March 30, 2012 NATIONAL RAILROAD PASSENGER CORPORATION

More information

Mission/Purpose: Committee Responsibilities:

Mission/Purpose: Committee Responsibilities: Joint Charter of the Risk Assessment Committees of the Boards of Directors of New York Community Bancorp, Inc., New York Community Bank and New York Commercial Bank The following states the Joint Charter

More information

CSR / Sustainability Governance and Management Assessment By Coro Strandberg Principal, Strandberg Consulting www.corostrandberg.

CSR / Sustainability Governance and Management Assessment By Coro Strandberg Principal, Strandberg Consulting www.corostrandberg. Introduction CSR / Sustainability Governance and Management Assessment By Coro Strandberg Principal, Strandberg Consulting www.corostrandberg.com June 2015 Companies which adopt CSR or sustainability 1

More information

Risk Assessment & Enterprise Risk Management

Risk Assessment & Enterprise Risk Management Risk Assessment & Enterprise Risk 1 Healthcare Corporate Governance Today s environment requires building a culture of risk awareness and management of risk across the organization, while formulating less

More information

GUIDANCE NOTE FOR DEPOSIT-TAKERS. Operational Risk Management. March 2012

GUIDANCE NOTE FOR DEPOSIT-TAKERS. Operational Risk Management. March 2012 GUIDANCE NOTE FOR DEPOSIT-TAKERS Operational Risk Management March 2012 Version 1.0 Contents Page No 1 Introduction 2 2 Overview 3 Operational risk - fundamental principles and governance 3 Fundamental

More information

Policy 10.105: Enterprise Risk Management Policy

Policy 10.105: Enterprise Risk Management Policy Name: Responsibility: Complements: Enterprise Risk Management Framework Coordinator, Enterprise Risk Management Policy 10.105: Enterprise Risk Management Policy Date: November 2006 Revision Date(s): January

More information

Delphi Automotive PLC. Corporate Governance Guidelines

Delphi Automotive PLC. Corporate Governance Guidelines Delphi Automotive PLC Corporate Governance Guidelines TABLE OF CONTENTS DELPHI VISION AND VALUES... 3 Delphi Vision: Why We Exist and the Essence of Our Business... 3 Delphi Values: How We Conduct Ourselves...

More information

THE ROLE OF FINANCE AND ACCOUNTING IN ENTERPRISE RISK MANAGEMENT

THE ROLE OF FINANCE AND ACCOUNTING IN ENTERPRISE RISK MANAGEMENT THE ROLE OF FINANCE AND ACCOUNTING IN ENTERPRISE RISK MANAGEMENT Let me begin by thanking Baruch College for giving me the opportunity to present this year s prestigious Emanuel Saxe Lecture in Accounting.

More information

Internal Audit Report on. IT Security Access. January 2010. 2010 January - English - Information Technology - Security Access - FINAL.

Internal Audit Report on. IT Security Access. January 2010. 2010 January - English - Information Technology - Security Access - FINAL. Internal Audit Report on January 2010 2010 January - English - Information Technology - Security Access - FINAL.doc Contents Background...3 Introduction...3 IT Security Architecture,Diagram 1...4 Terms

More information

Business Resilience and Risk Management

Business Resilience and Risk Management Policy Business Resilience and Risk Management Document Number GOV-POL-37 1.0 Policy Statement Stanwell is committed to delivering a business resilience platform across all levels of the business and its

More information

Get More Out of Your Risk Assessment. Austin Chapter of the IIA

Get More Out of Your Risk Assessment. Austin Chapter of the IIA Get More Out of Your Risk Assessment Austin Chapter of the IIA Speakers Alyssa G. Martin, CPA Dallas Executive Partner, Advisory Services 25 years of public accounting experience, with a practice emphasis

More information

Export Development Canada

Export Development Canada Export Development Canada Special Examination Report 2009 Office of the Auditor General of Canada Bureau du vérificateur général du Canada Ce document est également publié en français. Office of the Auditor

More information

The transformation of IT Risk Management. kpmg.com

The transformation of IT Risk Management. kpmg.com The transformation of IT Risk Management kpmg.com The transformation of IT Risk Management The role of IT Risk Management Scope of IT risk management Examples of IT risk areas of focus How KPMG can help

More information

Fund Board Oversight of Risk Management. September 2011

Fund Board Oversight of Risk Management. September 2011 Fund Board Oversight of Risk Management September 2011 Nothing contained in this report is intended to serve as legal advice. Each investment company board should seek the advice of counsel for issues

More information

Analyzing Risks in Healthcare. February 12, 2014

Analyzing Risks in Healthcare. February 12, 2014 Analyzing s in Healthcare February 12, 2014 1 Content What is Enterprise Management (ERM) ERM Benefits ERM Standards / ISO 31000:2009 ERM Process Register ERM Governance Model s Q&A 2 What is Enterprise

More information

Aegon Global Compliance

Aegon Global Compliance Aegon Global Compliance GLOBAL Charter COMPLIANCE CHARTER aegon.com The Hague, June 1, 2013 Information sheet Target audience: All employees and management of Aegon companies Issued by: Aegon N.V. Group

More information

Strategic Risk Management for School Board Trustees

Strategic Risk Management for School Board Trustees Strategic Management for School Board Trustees A Management Process Framework May, 2012 Table of Contents Introduction Page I. Purpose....................................... 3 II. Applicability and Scope............................

More information

JOB ANNOUNCEMENT. Chief Security Officer, Cheniere Energy, Inc.

JOB ANNOUNCEMENT. Chief Security Officer, Cheniere Energy, Inc. JOB ANNOUNCEMENT Chief Security Officer, Cheniere Energy, Inc. Position Overview The Vice President and Chief Security Risk Officer (CSRO) reports to the Chairman, Chief Executive Officer and President

More information

HSBC FINANCE CORPORATION CHARTER OF THE RISK COMMITTEE

HSBC FINANCE CORPORATION CHARTER OF THE RISK COMMITTEE HSBC FINANCE CORPORATION CHARTER OF THE RISK COMMITTEE I. Committee Purpose The Risk Committee is appointed by the Board of Directors of HSBC Finance Corporation (the Corporation ) and is responsible,

More information

Enterprise Risk Management in Colleges and Universities

Enterprise Risk Management in Colleges and Universities Enterprise Risk Management in Colleges and Universities Cherry Bekaert & Holland, L.L.P. Neal Beggan, CISA, CRISC Shane Hester, CPA, CISA Cherry, Bekaert & Holland, L.L.P. The Firm of Choice. 1 Cherry,

More information

Enterprise Risk Management Handbook. June, 2010

Enterprise Risk Management Handbook. June, 2010 Enterprise Risk Management Handbook June, 2010 Table of Contents Overview... 4 What is Enterprise Risk Management?... 5 Why Undertake Enterprise Risk Management?... 6 Draft UW System ERM Vision, Mission,

More information

SEARCH PROFILE. Executive Director Policy, Planning and Legislative Services. Alberta Seniors and Housing. Executive Manager I

SEARCH PROFILE. Executive Director Policy, Planning and Legislative Services. Alberta Seniors and Housing. Executive Manager I SEARCH PROFILE Executive Director Policy, Planning and Legislative Services Alberta Seniors and Housing Executive Manager I Salary Range: $125,318 - $164,691 ($4,801.47 $6,310.03 bi-weekly) Limited Competition

More information

THE DIGITAL AGE THE DEFINITIVE CYBERSECURITY GUIDE FOR DIRECTORS AND OFFICERS

THE DIGITAL AGE THE DEFINITIVE CYBERSECURITY GUIDE FOR DIRECTORS AND OFFICERS THE DIGITAL AGE THE DEFINITIVE CYBERSECURITY GUIDE FOR DIRECTORS AND OFFICERS Download the entire guide and follow the conversation at SecurityRoundtable.org Collaboration and communication between technical

More information

building a business case for governance, risk and compliance

building a business case for governance, risk and compliance building a business case for governance, risk and compliance contents introduction...3 assurance: THe last major business function To be integrated...3 current state of grc: THe challenges... 4 building

More information

OPERATIONAL RISK EXAMINATION TECHNIQUES

OPERATIONAL RISK EXAMINATION TECHNIQUES OPERATIONAL RISK EXAMINATION TECHNIQUES 1 OVERVIEW Examination Planning Oversight Policies, Procedures, and Limits Measurement, Monitoring, and MIS Internal Controls and Audit 2 Risk Assessment: Develop

More information

Enterprise Risk Management: Taking the First Steps

Enterprise Risk Management: Taking the First Steps Enterprise Risk Management: Taking the First Steps TN PRIMA, 2012 DOROTHY GJERDRUM, ARM, CIRM NOVEMBER 15, 2012 Agenda Goal: To understand how to begin to implement a broader approach to risk management

More information

Governance and Risk Management in the Public Sector. Fernando A. Fernandez Inter-American Development Bank (202) 623-1430 e-mail: fernandof@iadb.

Governance and Risk Management in the Public Sector. Fernando A. Fernandez Inter-American Development Bank (202) 623-1430 e-mail: fernandof@iadb. Governance and Risk Management in the Public Sector Fernando A. Fernandez Inter-American Development Bank (202) 623-1430 e-mail: fernandof@iadb.org 1 Agenda Governance, why is it important? Compliance

More information

Enterprise Risk Management at Pennsylvania State University (A) Strategy Implementation in a Decentralized Organization

Enterprise Risk Management at Pennsylvania State University (A) Strategy Implementation in a Decentralized Organization Enterprise Risk Management at Pennsylvania State University (A) Strategy Implementation in a Decentralized Organization Case study Reference no 308-372-1 This case was written by Assistant Professor Harvey

More information

STANDARD. Risk Assessment. Supply Chain Risk Management: A Compilation of Best Practices

STANDARD. Risk Assessment. Supply Chain Risk Management: A Compilation of Best Practices A S I S I N T E R N A T I O N A L Supply Chain Risk Management: Risk Assessment A Compilation of Best Practices ANSI/ASIS/RIMS SCRM.1-2014 RA.1-2015 STANDARD The worldwide leader in security standards

More information

Finance Division. Strategic Plan 2014-2019

Finance Division. Strategic Plan 2014-2019 Finance Division Strategic Plan 2014-2019 Introduction Finance Division The Finance Division of Carnegie Mellon University (CMU) provides financial management, enterprise planning and stewardship in support

More information

Enterprise IT Portfolio Governance and Management Model

Enterprise IT Portfolio Governance and Management Model STATE OF MICHIGAN Department of Information Technology Enterprise IT Portfolio Governance and Management Model NASCIO 2007 RECOGNITION AWARDS CATEGORY: IT PROJECT AND PORTFOLIO MANAGEMENT Enterprise IT

More information

Driving business performance with enterprise risk management

Driving business performance with enterprise risk management Driving business performance with enterprise risk management Empowering business managers to make smarter decisions that maximize value, reduce costs and balance risk with returns Contents: 1 Executive

More information

Principles for An. Effective Risk Appetite Framework

Principles for An. Effective Risk Appetite Framework Principles for An Effective Risk Appetite Framework 18 November 2013 Table of Contents Page I. Introduction... 1 II. Key definitions... 2 III. Principles... 3 1. Risk appetite framework... 3 1.1 An effective

More information

FINDING THE RISK IN RISK ASSESSMENTS NYSICA JULY 26, 2012. Presented by: Ken Shulman Internal Audit Director, New York State Insurance Fund

FINDING THE RISK IN RISK ASSESSMENTS NYSICA JULY 26, 2012. Presented by: Ken Shulman Internal Audit Director, New York State Insurance Fund FINDING THE RISK IN RISK ASSESSMENTS NYSICA JULY 26, 2012 Presented by: Ken Shulman Internal Audit Director, New York State Insurance Fund There are different risk assessments prepared: Annual risk assessment

More information

Consulting. PMOver Transforming the Program Management Office into a Results Management Office

Consulting. PMOver Transforming the Program Management Office into a Results Management Office Consulting PMOver Transforming the Management Office into a Results Management Office Executive summary Regardless of size and complexity, most programs encounter hurdles and issues. Many are able to address

More information

Board of Directors Meeting 12/04/2010. Operational Risk Management Charter

Board of Directors Meeting 12/04/2010. Operational Risk Management Charter Board of Directors Meeting 12/04/2010 Document approved Operational Risk Management Charter Table of contents A. INTRODUCTION...3 I. Background...3 II. Purpose and Scope...3 III. Definitions...3 B. GOVERNANCE...4

More information

LEVERAGING COSO ACROSS THE THREE LINES OF DEFENSE

LEVERAGING COSO ACROSS THE THREE LINES OF DEFENSE Committee of Sponsoring Organizations of the Treadway Commission Governance and Internal Control LEVERAGING COSO ACROSS THE THREE LINES OF DEFENSE By The Institute of Internal Auditors Douglas J. Anderson

More information

University Audit and Compliance. Internal Controls Enterprise-Wide Risk Assessment

University Audit and Compliance. Internal Controls Enterprise-Wide Risk Assessment Internal Controls Enterprise-Wide Risk Assessment Balancing Risk and Controls In order to achieve goals and objectives, management needs to effectively balance risks and controls. Control procedures need

More information

IT Governance Charter

IT Governance Charter Version : 1.01 Date : 16 September 2009 IT Governance Network South Africa USA UK Switzerland www.itgovernance.co.za info@itgovernance.co.za 0825588732 IT Governance Network, Copyright 2009 Page 1 1 Terms

More information

Office of the Chief Information Officer

Office of the Chief Information Officer Office of the Chief Information Officer Business Plan: 2012 2015 Department / Ministère: Executive Council Date: November 15, 2012 1 P a g e This Page Left Intentionally Blank 2 P a g e Contents The Business

More information

CREDIT UNION CENTRAL OF CANADA NNUAL OVERNANCE REPORT

CREDIT UNION CENTRAL OF CANADA NNUAL OVERNANCE REPORT CREDIT UNION CENTRAL OF CANADA 20 13 NNUAL OVERNANCE REPORT CREDIT UNION CENTRAL OF CANADA The 2013 Board of Directors 2013 Annual Governance Report Daniel Burns, Chair Central 1 Credit Union Graham Wetter,

More information

Managing Risk at Bank of America Corporation. Overview

Managing Risk at Bank of America Corporation. Overview Managing Risk at Bank of America Corporation Overview Risk is inherent in every material business activity that we undertake. Our business exposes us to strategic, credit, market, liquidity, compliance,

More information

Risk Management Policy

Risk Management Policy Risk Management Policy Bailador Technology Investments ACN 601 048 275 adopted on 25 September 2014 1 Introduction -------------------------------------------------------------------------------------------------

More information

Designing an Operational Risk Program for a Community Bank Stephan Salvador Managing Director, Risk Management Consulting

Designing an Operational Risk Program for a Community Bank Stephan Salvador Managing Director, Risk Management Consulting Consulting and Professional Services Designing an Operational Risk Program for a Community Bank Stephan Salvador Managing Director, Risk Management Consulting Designing an Operational Risk Program for

More information

SOLUTION BRIEF: CA CLARITY GRANTS MANAGER. CA Clarity Grants Manager

SOLUTION BRIEF: CA CLARITY GRANTS MANAGER. CA Clarity Grants Manager SOLUTION BRIEF: CA CLARITY GRANTS MANAGER CA Clarity Grants Manager Q: How Can I Manage the Entire Grants Lifecycle and Meet My Reporting and Transparency Requirements? A: CA Clarity Grants Manager helps

More information

ENTERPRISE RISK MANAGEMENT FRAMEWORK

ENTERPRISE RISK MANAGEMENT FRAMEWORK ROCKHAMPTON REGIONAL COUNCIL ENTERPRISE RISK MANAGEMENT FRAMEWORK 2013 Adopted 25 June 2013 Reviewed: October 2015 TABLE OF CONTENTS 1. Introduction... 3 1.1 Council s Mission... 3 1.2 Council s Values...

More information

Tailoring enterprise risk management strategies to the Main-Street insurer

Tailoring enterprise risk management strategies to the Main-Street insurer Tailoring enterprise risk management strategies to the Main-Street insurer Prepared by: Jay Golonka, Partner, McGladrey LLP 816.751.1830, jay.golonka@mcgladrey.com Discussions of Enterprise Risk Management

More information

Board Oversight Plan of Risk Management, Internal Audit, and COPS Programs

Board Oversight Plan of Risk Management, Internal Audit, and COPS Programs Board Oversight Plan of Risk Management, Internal Audit, and COPS Programs Date Prepared: June 27, 2011 Page 1 The Order states: Within ninety (90) days of this Order, the Board shall submit to the Regional

More information

Enterprise Risk Management & Information Technology

Enterprise Risk Management & Information Technology Enterprise Risk Management & Information Technology Presented by Scott Perry and Gary Ross Slalom Consulting, San Francisco Agenda Introductions Session Objectives Overview of Enterprise Risk Management

More information

Agile Master Data Management TM : Data Governance in Action. A whitepaper by First San Francisco Partners

Agile Master Data Management TM : Data Governance in Action. A whitepaper by First San Francisco Partners Agile Master Data Management TM : Data Governance in Action A whitepaper by First San Francisco Partners First San Francisco Partners Whitepaper Executive Summary What do data management, master data management,

More information

A CobiT Case Study. Drawing on CobiT for the implementation of an Enterprise Risk Management Framework. December 2008

A CobiT Case Study. Drawing on CobiT for the implementation of an Enterprise Risk Management Framework. December 2008 A CobiT Case Study Drawing on CobiT for the implementation of an Enterprise Risk Management Framework December 2008 Presenter: Clive E. Waugh, CISSP C/EH 1 Risk Management Framework Objectives CobiT provided

More information

Chief Integrity and Compliance Officer. St. Joseph s Hospital and Health Center Syracuse, New York

Chief Integrity and Compliance Officer. St. Joseph s Hospital and Health Center Syracuse, New York Chief Integrity and Compliance Officer St. Joseph s Hospital and Health Center Syracuse, New York Position Specification June 2016 400 TradeCenter, Suite 5900, Woburn, MA 01801 781-938-1975 www.zurickdavis.com

More information

APPLICATION OF KING III CORPORATE GOVERNANCE PRINCIPLES 2014

APPLICATION OF KING III CORPORATE GOVERNANCE PRINCIPLES 2014 WOOLWORTHS HOLDINGS LIMITED CORPORATE GOVERNANCE PRINCIPLES 2014 CORPORATE GOVERNANCE PRINCIPLES 2014 CORPORATE GOVERNANCE PRINCIPLES 2014 This table is a useful reference to each of the King III principles

More information

FFIEC Cybersecurity Assessment Tool Overview for Chief Executive Officers and Boards of Directors

FFIEC Cybersecurity Assessment Tool Overview for Chief Executive Officers and Boards of Directors Overview for Chief Executive Officers and Boards of Directors In light of the increasing volume and sophistication of cyber threats, the Federal Financial Institutions Examination Council 1 (FFIEC) developed

More information

Final. North Carolina Procurement Transformation. Governance Model March 11, 2011

Final. North Carolina Procurement Transformation. Governance Model March 11, 2011 North Carolina Procurement Transformation Governance Model March 11, 2011 Executive Summary Design Approach Process Governance Model Overview Recommended Governance Structure Recommended Governance Processes

More information

Successfully identifying, assessing and managing risks for stakeholders

Successfully identifying, assessing and managing risks for stakeholders Introduction Names like Enron, Worldcom, Barings Bank and Menu Foods are household names but unfortunately as examples of what can go wrong. With these recent high profile business failures, people have

More information

Consumer Goods and Services

Consumer Goods and Services Accenture Risk Management Industry Report Consumer Goods and Services 2011 Global Risk Management Point of View Consumer Goods and Services 2011 Global Risk Management Point of View Consumer Goods and

More information