WHITE PAPER. Inside Information: What Business Leaders are Saying About the Complexities of Enterprise Risk Management (ERM)
- Myra Robinson
- 8 years ago
As the third quarter of 2012 marches to a close and the end of the year approaches, economic uncertainties abound as investors continue to seek stable markets. Daily there are new instances of fraud and white collar crime permeating the news, leaving those in leadership positions with the task of answering tough questions and striving to build businesses able to withstand the economic storm currently playing out on both a micro and macro level. Uncertainties about changes to the regulatory environment and overall economic condition of the United States remain a central focus of politicians and business people equally, particularly during a presidential election year.

As a thriving market covers all sins, the inverse has also proven to be true in the current economic environment as fraud is still pervasive and presents itself on a regular basis. This realization has left business leaders and law makers asking the question, "What measures should be undertaken to prevent this cycle from perpetuating itself?"

Since the onset of the financial crisis in 2008 and the resulting market corrections, politicians, scholars and the like have studied the causes, effects and outcomes in search of ways to prevent similar events from happening again. A quest for the contributing factors has led to new regulations as well as the implementation or redesign of corporate risk management programs. The industry response to these undertakings appears to be mixed. According to a survey [1] of over 400 C-level executives across the United States conducted by Mesirow Financial Consulting ("MFC"), nearly 40 percent of respondents felt that regulation has a very negative impact on their industry because it impedes the ability of business to grow.

An overwhelming majority (78.5 percent) felt that their company had appropriate protocols in place to identify potential business risk, while 60.9 percent of the same respondents indicated they do not have an Enterprise Risk Management ("ERM") program in place. Startlingly, 82.9 percent of those respondents without an ERM program in place also indicated that they are not looking to implement an enterprise-wide risk mitigation program. If that is the case, how do corporate executives evaluate risk mitigation programs while ensuring they are properly considering all potential risk factors facing their organizations?

The History of Enterprise Risk Management (ERM)

The advent of ERM can be traced back to compliance measures enacted in response to the Foreign Corrupt Practices Act in the late 1970s as well as the billion dollar failures in the financial sector in the mid-1990s. With the subsequent high-profile collapses of Tyco, Enron, WorldCom and others, greater and more stringent focus was placed on evaluating internal controls, risk management and corporate governance.

In 2004, the Committee of Sponsoring Organizations of the Treadway Commission ("COSO") [2] published a document to provide guidelines and best practices in the design and development of an enterprise-wide risk monitoring and management system. This initiative was led by a group of accounting and finance organizations and, as a result, was primarily formed on the basis of an accounting and audit methodology.

According to a 2009 article by Michael Power, the Director of the Centre for the Analysis of Risk and Regulation at the London School of Economics, there is a necessary balance between a risk management program consisting of audit-type operational controls and the development of a holistic, dynamic and multi-faceted ERM program. He states the risk management of nothing and the impact of a model created on preserving the logic of the audit trail, rather than a boundary-challenging practice which confronts and addresses the complex realities of interconnectedness [3] results in the creation of a risk mitigation process focused only on quantifiable risks. The exclusion of the non-quantifiable risks is problematic as it oversimplifies the operating environment of many businesses and the creation of a check-the-box compliance exercise described as "ERM by the numbers." [4]

In a survey conducted in 2010, COSO found that in the six years since the implementation of the 2004 guidelines, 60 percent of the respondents indicated that their risk management tracking was informal and not enterprise wide. [5] These findings corroborate the results reported in the MFC survey conducted almost two years later and suggest that even with the passage of The Dodd-Frank Act ("Dodd-Frank") in 2010, corporations are still struggling with the concept of an enterprise-wide risk management system and continue to focus on defined, quantifiable elements of risk.

The MFC survey also highlighted the fact that nearly 75 percent [6] of respondents feel they have done enough to prevent fraud and 68.3 percent feel they have done enough to protect whistleblowers. Moreover, nearly 80 percent reported that they had strong internal controls and an appropriate system in place to identify potential business risks. With the juxtaposition of the number of survey respondents who indicate they have appropriate controls in place relative to those respondents that state they do not currently have, nor do they plan to implement an ERM program, we are left to ponder what it all means in a period of increased public scrutiny, governance and regulation?

[1] Mesirow Financial Consulting contracted IBOPE Zogby International to conduct an online survey of more than 400 C-level executives across the United States. The margin of error is +/- 5.0 percentage points.
[2] The Committee of Sponsoring Organizations of the Treadway Commission (COSO) is a joint initiative of the American Accounting Association, American Institute of CPAs, Financial Executives International, The Association of Accountants and Finance Professionals in Business and The Institute of Internal Auditors. It is dedicated to providing thought leadership through the development of frameworks and guidance on enterprise risk management, internal control and fraud deterrence.
[3] Power, M. (2009). The risk management of nothing. Accounting, Organizations and Society.

Finding the Right Mix

While the amount, type and administration methods of financial regulation can be controversial, it is a tool used by governments and businesses to increase transparency, maintain confidence and prevent wrongdoing internally and externally.
Despite the survey strongly indicating that business leaders feel regulation has a very negative impact on their industries, the results also indicated that the largest percentage of those surveyed feel there are too few regulations in the areas of anti-fraud, anti-corruption and insider trading.

Financial regulation empowers and requires organizations to monitor activities and to manage risk to the business as well as the marketplace. From a macro perspective, this is carried out through various government agencies and federal and state lawmakers. Financial regulation aims to identify risks that arise out of the interconnectedness of U.S. business and financial institutions and provide a tool and window into businesses to be sure that laws are being obeyed and ultimately investors and interested parties are being protected. Conversely, from a micro angle, financial regulation manifests itself through internal corporate governance and ERM programs. Regulatory requirements are a part of the overall framework companies can use to develop a robust risk management program. If done correctly, a robust risk management program complements a firm's unique relationship with government and regulators in the context of their business and industry.

When developing an ERM system, it is essential to identify and assess quantifiable and qualifiable risks to ensure their proper handling comprehensively across an organization. This assessment includes the necessary step of considering how these risks are measured, evaluated and tied to individual performance and rewards. A 2010 study found that there are three unique types of ERM programs that companies attempt to integrate into their organization: compliance, corporate governance and pervasive performance. [7]

The compliance model of ERM is predominately focused on the internal management of risk and tends to be based on the audit methodology of internal controls. This focus does not provide employees a mechanism to identify unknown risks as they are only attentive to the sources of risks they already know.

The corporate governance model of ERM is focused on identifying mostly known internal risks, but simultaneously providing the external market (and customers and shareholders) a feeling of assurance regarding the ERM program in place. This type of ERM program is still not holistically embedded in the organization and does not provide the basis for employee autonomy in the identification of new risks or threats.

Pervasive performance, however, attempts to marry the organization's and the employee's responsibility to identify, manage and communicate risk issues. By creating a sense of shared ownership in risk management, the pervasive performance model of ERM creates a culture of action whereby managers and line employees assess each of their actions and the potential impact in the framework of a holistic risk management program.

[4] Arena, M., Arnaboldi, M., & Azzone, G. (2010). The organizational dynamics of Enterprise Risk Management. Accounting, Organizations and Society.
[5] COSO's 2010 Report on ERM.
[6] Approximately 73.3 percent.
[7] Arena, M., Arnaboldi, M., & Azzone, G. (2010). The organizational dynamics of Enterprise Risk Management. Accounting, Organizations and Society.

Recommendations

When considering improvement to businesses, the implementation of a strong ERM / Internal Controls program is essential. Key steps to consider include:

- Provide employees examples of risks that they play a hand in controlling and ask for them to critically assess and communicate other risks that they may not be currently focused on.
- Include elements of risk management in employee presentations and communications, in addition to providing tangible reminders of the ERM program in the form of placards or desk tombstones. This is important as creating an enterprise-wide culture of risk management requires constant communication and branding of the effort.
- Use historical examples to highlight pertinent instances where unexpected failures occurred.
- Move the conversation away from ERM as a concept of things to be measured or reports to be generated and move towards a more strategic discussion of the various risks and issues that impact the business, identifying specifically what employees can help assess and control.
- Ensure that performance management and reward plans give appropriate consideration for an employee's success or failure in helping to manage and mitigate the various risk components they can control.

About the Authors

Kristin Trahan Winford is chief operating officer of MFC and has extensive experience with strategic operations and performance improvement services, corporate governance, enterprise risk management and the development and refinement of internal controls. With a strong background in global technology and professional services firms, Winford has a proven track record of partnering with executives to realize strategic business objectives, design highly effective organizational structures and ensure profitable growth. Currently, Winford leads all aspects of MFC's business operations and is chief operating officer of its global joint venture, BTG Mesirow Financial Consulting.

Hannah Zeffiro is a senior associate and a member of MFC's Litigation, Investigative and Intelligence Services team. She has experience advising clients in fraud-related investigations, forensic accounting and other complex critical issues facing companies.
More informationFlyntGroup.com. Enterprise Risk Management and Business Impact Analysis: Understanding, Treating and Monitoring Risk
Enterprise Risk Management and Business Impact Analysis: Understanding, Treating and Monitoring Risk 2012 The Flynt Group, Inc., All Rights Reserved FlyntGroup.com Enterprise Risk Management and Business
More informationSurviving an Identity Audit
What small and midsize organizations need to know about the identity portion of an IT compliance audit Whitepaper Contents Executive Overview.......................................... 2 Introduction..............................................
More informationDeciding what opportunities to fund, which risks to protect
Deciding what opportunities to fund, which risks to protect The critical role of enterprise risk management in strategic decision making By Linda Conrad Director of Strategic Business Risk Zurich Global
More informationEnterprise-Wide Risk Assessment
Enterprise-Wide Risk Assessment Agenda 1. Definition of risk. 2. Risk drivers in higher education today. 3. Implementing an enterprise-wide risk management (ERM) program to effectively assess, manage,
More informationBend the administrative cost curve with payment integrity best practices
Bend the administrative cost curve with payment integrity best practices Expert presenters Donna Holmes, Vice President, Operations Consulting Health plans currently transforming their business models
More informationMatthew E. Breecher Breecher & Company PC November 12, 2008
Applying COSO s Enterprise Risk Management Integrated Framework Matthew E. Breecher Breecher & Company PC November 12, 2008 The basic outline for this presentation was provided by: Objectives for the session:
More informationTechnology Services Strategic Plan
Technology Services Strategic Plan 2014 Table of Contents A Changing Landscape... 3 Values... 4 Technology Services Goals... 5 Employee Engagement... 6 Operational Efficiency... 7 Agency Satisfaction...
More informationFraud Risk Management
Fraud Risk Management Overview Discussion Questions 1) Does your organization follow a specific risk management model? If so, which one? Do you think this model adequately addresses the risks your organization
More informationCONTINUOUS CONTROLS MONITORING
Clarity. Certainty. Confidence. CONTINUOUS CONTROLS MONITORING Support Regulatory Compliance Improve Cost Management Drive Operational Performance Executives today are more challenged than ever to make
More informationConsumer Goods and Services
Accenture Risk Management Industry Report Consumer Goods and Services 2011 Global Risk Management Point of View Consumer Goods and Services 2011 Global Risk Management Point of View Consumer Goods and
More informationCOMPLIANCE MANAGEMENT SOLUTIONS THOMSON REUTERS ACCELUS COMPLIANCE MANAGEMENT SOLUTIONS
THOMSON REUTERS ACCELUS COMPLIANCE MANAGEMENT SOLUTIONS THOMSON REUTERS ACCELUS Our solutions dynamically connect business transactions, strategy, and operations to the ever-changing regulatory environment,
More informationApplying Integrated Risk Management Scenarios for Improving Enterprise Governance
Applying Integrated Risk Management Scenarios for Improving Enterprise Governance János Ivanyos Trusted Business Partners Ltd, Budapest, Hungary, ivanyos@trusted.hu Abstract: The term of scenario is used
More informationIFAD Policy on Enterprise Risk Management
Document: EB 2008/94/R.4 Agenda: 5 Date: 6 August 2008 Distribution: Public Original: English E IFAD Policy on Enterprise Risk Management Executive Board Ninety-fourth Session Rome, 10-11 September 2008
More informationIFRS 10 Consolidated Financial Statements and IFRS 12 Disclosure of Interests in Other Entities
September 2011 (updated July 2013) Effect analysis IFRS 10 Consolidated Financial Statements and IFRS 12 Disclosure of Interests in Other Entities The IASB s approach to effect analysis Before we issue
More informationCORPORATE GOVERNANCE AND THE ROLE OF MANAGEMENT. Dr. Tariq Hassan
CORPORATE GOVERNANCE AND THE ROLE OF MANAGEMENT Dr. Tariq Hassan Dr. Ishrat Husain, Honorable Governor, State Bank of Pakistan Mr. Javed Iqbal, President, Management Association of Pakistan Distinguished
More informationDeloitte Adriatic Forensic Services Save 5% of your income. Say NO to fraud.
Deloitte Adriatic Forensic Services Save 5% of your income. Say NO to fraud. The only way to know your future is to create it. Let s do it together! Dear Clients, As a result of the economic recession,
More informationPolicy 10.105: Enterprise Risk Management Policy
Name: Responsibility: Complements: Enterprise Risk Management Framework Coordinator, Enterprise Risk Management Policy 10.105: Enterprise Risk Management Policy Date: November 2006 Revision Date(s): January
More informationInvestor Contact: 302-774-4994
Media Contact: Dan Turner 302-996-8372 daniel.a.turner@dupont.com Investor Contact: 302-774-4994 Ellen Kullman to Retire as Chair and CEO of DuPont Edward Breen, DuPont Board Member, to Serve as Interim
More informationSponsored by the international insurance firm AON Global, Hong Kong
The Governance of Critical Risk - the new frontier in corporate governance Sponsored by the international insurance firm AON Global, Hong Kong Most boards now recognize the significance of enterprise risk
More informationengage. empower. evolve. SARBANES-OXLEY COMPLIANCE
engage. empower. evolve. SARBANES-OXLEY COMPLIANCE engage. empower. evolve. OVERVIEW OF THE SARBANES-OXLEY ACT The Sarbanes-Oxley Act of 2002 is the single most important piece of legislation affecting
More information1. What Is Risk? 3. Perspectives on Risk. Risk Management. 6. Characteristics of Risk Management 7. Advantages of Risk Management
Risk Management 1. What Is Risk? 2. Why Do We Accept or Assume Risks? 3. Perspectives on Risk 4. What is Risk Management? 5. The Risk Management Process 6. Characteristics of Risk Management 7. Advantages
More informationServices Overview. Internal Audit & Assurance...Page 5. What Makes Us Different... Page 2. Board... Page 3. Fraud & Compliance.
Services Overview What Makes Us Different... Page 2 Board... Page 3 Board Risk Oversight Gap Assessments Board Risk Oversight Support Packages Officer/Director Litigation Support Management. Page 4 Sarbanes-Oxley
More information