Strategic Risk Management for School Board Trustees

Size: px
Start display at page:

Download "Strategic Risk Management for School Board Trustees"

Transcription

1 Strategic Management for School Board Trustees A Management Process Framework May, 2012

2 Table of Contents Introduction Page I. Purpose II. Applicability and Scope III. Basic Definitions Framework Application 1. Background Objectives Strategic Management Process Alignment Application of Strategic Management Process Long Term Planning References

3 3 I. Purpose The Strategic Management Framework is intended to provide guidance to school board trustees in the development and implementation of a Strategic Management Process. This document has been developed using a number of resources including the (COSO) Framework document entitled Enterprise Management Integrated Framework, as well as other published framework documents to assist in developing a basis for understanding strategic and enterprise risk management concepts and benefits and for school boards and their trustees. II. Applicability and Scope The Strategic Management Framework is relevant to all school board strategic and business functions and should be applied at every level of a school division. Distribution This is not a classified document and internal general distribution should be encouraged. III. Basic Definitions 1. Strategic Management Strategic Management is a process for identifying, assessing and managing risks and uncertainties, affected by internal and external events or scenarios that could inhibit an organization s ability to achieve its strategy and strategic objectives. 2. Strategic Management Process: The Strategic Management Process ensures that the methodology is documented and implemented to enable the organization to realize the advantages associated with the integrated management of risk events at a strategic and operational level. This is accomplished through the development of plans, comprehensive procedures and standardized provisions for Identification, Assessment, Response, guidance and Monitoring goals. (see page 8) 3. Philosophy: By realizing that risk is everyone s job, the school division can proactively identify risk. This framework provides the school board with the tools and capabilities to develop solutions that will enable it to reduce vulnerabilities. It allows the school board to develop risk mitigation activities and to anticipate and act on potential, risky opportunities.

4 4 4. Enterprise Management: The Enterprise Management ensures that a coherent and consolidated methodology is documented and implemented to enable the school board to realize the advantages associated with the integrated management of risk events at an organizational level. This is accomplished through the development of plans, comprehensive procedures and standardized provisions for Identification, Assessment, Response, guidance and Monitoring goals. 5. COSO Framework: The Committee of Sponsoring Organizations of the Treadway Commission (COSO) initiated a project to develop a conceptually sound framework providing integrated principles and guidance supporting entities programs to develop or benchmark their enterprise risk management process. Key elements include the explanation of underlying principles of enterprise risk management, as well as benefits, limitations, roles and responsibilities of various parties. 6. Critical Categories: Specific risks can be combined into similar categories to simplify the assessment process and identify related issues that may be of an enterprise nature. s of lower priority can be relegated to receive less attention, while high-risk (critical) issues can be focused on more quickly for mitigation or corrective action. 7. Vision: This is a vision that sets out how strategic risk management will be used and integrated within the strategic planning process. The risk vision discusses how the school board and its operating segments, will focus its attention on aligning risk appetite and strategy, enhancing risk response decisions, identifying and managing cross-enterprise risks, exploiting opportunities and assisting with determining the most efficient use of resources. 8. Appetite: The term considers broadly the levels of risks that the school board is prepared to accept. 9. Tolerance: The term establishes acceptable levels of variation around objectives. Operating within risk tolerances provides greater assurance that the school division is operating within the Board s risk appetite which, in turn, provides a higher degree of comfort that the school board will achieve its objectives. 10. : s are uncertain future events, decisions or initiatives that could influence the school board s ability to achieve its objectives.

5 5 1. Background Strategic risk management is an effective tool to help protect and enhance the strategic planning process by minimizing exposure, reducing uncertainty and maximizing opportunity. A disciplined approach to strategic risk management will help ensure strategic efforts are not diminished through avoidable loss as a result of change or uncertainty and will also harness an ability to seize emerging opportunities. Strategic risk management is an anticipatory, proactive process that becomes a key part of strategic planning. The intent of the strategic planning framework is to: provide a common culture, understanding and language to help overcome varying risk perceptions across the school division; guide the school board in achieving a better understanding of its risks; contribute to the development of risk awareness in decision making; and provide a consistent means with which risk identification and mitigation can be identified and implemented. 2. Objectives: The objective of this document is to provide guidelines for the strategic risk management process. It is important to note that the guidelines and recommendations provided are not exhaustive and are intended as general suggestions only. Because school boards are unique, they must develop strategic planning processes that are tailored to fit their own specific organizational needs. Nevertheless, it is hoped that the general guidelines noted herein will act as a stimulus to your school board in order to generate an effective strategic plan.

6 6 3. Strategic Management Process Alignment a. Alignment with planning, execution and measurement Strategic risk management framework is designed to help school boards meet their objectives through the alignment of mission and vision with day-to-day activities of the organization. b. Mission and Vision The mission and vision represents the starting point for setting the overall priorities of the school division. They establish the direction for the future and provide focus for the core operations of the organization. c. Strategic Planning Process With the mission and vision defined, the school board will make regular decisions that involve balancing the needs of stakeholders, risks and opportunities. Strategic objectives will be established that take this balancing process into account. The school board will then set specific performance targets for each strategic objective. The risks to the achievement of each objective will be identified and assessed. In prioritizing these risks, both the relative importance of the respective objectives and the potential impact of each risk will be considered. The school board will respond to each key risk and will expect the business units within the school division office to address each of the risks and develop mitigation options.

7 7 Mission Vision Strategic Strategic Planning Process Education Services Service Facilities Transportation Human Resources Operational Business Unit Plans Finance Process Identify Assess Respond Monitor Day-to-day Operations and Decision Making Process Operational d. School Division Business Units Business Unit plans set out actions required to make strategic objectives and selected risk responses a part of daily operations. These plans become the basis for setting the day-to-day priorities of the business operations and should help facilitate appropriate direction to its operating segments. While both internal and external factors pose risks to the strategic plan, the risk process at the school division level should consider the risks of delivering on expectations to support the school board s mission and strategic initiatives.

8 8 4. Application of the Strategic Management Process The strategic risk management model integrates the mission and vision setting with the establishment of strategic objectives, development of business plans and execution of operations on a day-to-day basis. The strategic risk management model provides a continuous means with which to the school board can validate objectives, identify roadblocks or hurdles, and develop and implement appropriate mitigation strategies. Identification register, risk context, categories and board level sponsorship Forward to appropriate mgmt level Assessment Likelihood, Impact, effectiveness of existing controls and Ratings Take next step or action Response define desired outcome, develop mitigation options, design control measures. Take next step or action Monitoring assess effectiveness, confirm expectations, reassess Tolerance a. Identification The first step in risk identification is to clearly identify the key strategic objectives. Next, the exposures, uncertainties and opportunities that relate to these objectives must be identified. The findings of this assessment provide the basis for the framework and will require continuous evaluation and updating. These need to be recorded in a risk register provided in the strategic risk management template. Where risks have been previously identified, steps will consist of confirming completeness with special consideration for changes in the planning or operational environment.

9 IMPACT 9 b. Assessment Once risks have been identified, they should be profiled and analyzed so that an appropriate mitigation strategy and action plan can be developed. s are to be profiled and prioritized on an ongoing basis to focus attention on the areas in which a response action is appropriate. s are characterized by: Severity the impact from insignificant (low) to catastrophic (high) of the potential occurrence on the achievement of objectives; and Probability the likelihood from rare (low) to almost certain (high) of the occurrence in the current environment. The risks will be prioritized based on a combination of the relative importance of the school board s strategic objectives to which the risks relate, and the profile of each risk relative to other identified risks. A comprehensive analysis of the risk must be performed to determine causal factors, such as personnel, funding, and technology, as well as the primary cause. This will necessitate a thorough understanding of the environment in which the objectives are set. For each risk category, specific symptoms or indicators are used to monitor the current state of the category. The summation of Impact and Likelihood provides a risk rating which represents the state of each particular risk category. The matrix appearing below will act as a dashboard for school boards to assist in the easy identification and prioritization of risks. Moderate Major Maximum Minor Moderate Major Matrix Minor Minor Moderate LIKELIHOOD c. Response Once risks have been analyzed, categorized and linked to strategic objectives a risk response can be developed to minimize unacceptable risk and maximize opportunity.

10 10 School boards have the following response options available to them: Accept the acceptance of within prescribed limits; Avoid the not undertaking the activity; Reduce the invest in Control mechanisms; and Transfer the cede or share the with others. The selected risk response should be specific to the circumstances considering the school boards mission, vision, costs, risk appetite and risk tolerance levels. Once a risk response strategy has been formulated, an action plan must be developed and implemented. These action plans may be captured in strategic initiatives, or individual performance objectives. Action plans should be supported by time-related deliverables with clear assignments of responsibility and accountability. Rating Likelihood Impact Consequences Action Indicated Maximum Drastic this could result in the complete failure of the initiative. Requires essential and immediate allocation and organization of resources within the program to manage/mitigate the risk. Establish plans and countermeasures. Assign a person to constantly monitor. Major Noticeable this will impact the strategy by delaying completion of tasks requiring investment of additional resources with the consequential increase in costs or the need to replan the work. Requires priority allocation of resources for management and/or mitigation. Establish plans and countermeasures. Assign a person to monitor at intervals. Moderate Some it may be that we cannot contain the disruption within existing time or budget contingencies, but are prepared to accept the consequences. Allocation of resources for study of the risk is desirable if available. Nominated person monitors the risk periodically. Minor Slight there is sufficient built-in contingency and the school board has the tools, techniques, resources, skills, finances, research facilities and network of contacts to contain the risk. identified and included in Report. reviewed periodically.

11 11 d. Monitoring Performance relative to the strategic risk management action plans should be monitored on an ongoing basis. This is accomplished through the establishment and monitoring of objective- and risk-related performance targets. 5. Long-Term and Ongoing Planning School boards should develop and maintain an active planning and review process of their strategic and operation plans. They should ensure the school division resources follow short and long-term goals and objectives and accomplish planning milestones. Specifically, long term planning should accomplish the following: ensure the school board is prepared to identify and respond to their unique situations that will affect their strategic goals and objectives; ensure the school board is prepared to take action to support their strategic objectives; provide a means of information sharing to ensure risks are coordinated between school boards and division offices and visa versa;

12 12 REFERENCES: 1. Enterprise Management Framework, Committee of Sponsoring Organizations of the Treadway Commission, September, Australia/New Zealand ERM Framework, AS/NZ4360, August, and Insurance Management Society - Strategic Management, Enterprise Management Framework (draft), November, Management Magazine - Development of Key Drivers, August, University of Washington Management Toolkit for Education 7. Business Continuity Planning A Frame work for Public Sector Organizations 8. University of Saskatchewan Presentation on the Value of Strategic Management for Board Members

The New International Standard on the Practice of Risk Management A Comparison of ISO 31000:2009 and the COSO ERM Framework

The New International Standard on the Practice of Risk Management A Comparison of ISO 31000:2009 and the COSO ERM Framework The New International Standard on the Practice of Risk Management A Comparison of ISO 31000:2009 and the COSO ERM Framework Dorothy Gjerdrum, ARM-P, Chair of the ISO 31000 US TAG and Executive Director,

More information

Enterprise Risk Management

Enterprise Risk Management 2013 Government Accounting and Auditing Update Enterprise Risk Management Understanding and Implementing an ERM Framework Mike Sargent, Director- CliftonLarsonAllen May 2013 cliftonlarsonallen.com Discussion

More information

Analyzing Risks in Healthcare. February 12, 2014

Analyzing Risks in Healthcare. February 12, 2014 Analyzing s in Healthcare February 12, 2014 1 Content What is Enterprise Management (ERM) ERM Benefits ERM Standards / ISO 31000:2009 ERM Process Register ERM Governance Model s Q&A 2 What is Enterprise

More information

Integrated Risk Management:

Integrated Risk Management: Integrated Risk Management: A Framework for Fraser Health For further information contact: Integrated Risk Management Fraser Health Corporate Office 300, 10334 152A Street Surrey, BC V3R 8T4 Phone: (604)

More information

Enterprise Risk Management

Enterprise Risk Management Cayman Islands Society of Professional Accountants Enterprise Risk Management March 19, 2015 Dr. Sandra B. Richtermeyer, CPA, CMA What is Risk Management? Risk management is a process, effected by an entity's

More information

THE SOUTH AFRICAN HERITAGE RESOURCES AGENCY ENTERPRISE RISK MANAGEMENT FRAMEWORK

THE SOUTH AFRICAN HERITAGE RESOURCES AGENCY ENTERPRISE RISK MANAGEMENT FRAMEWORK THE SOUTH AFRICAN HERITAGE RESOURCES AGENCY ENTERPRISE RISK MANAGEMENT FRAMEWORK ACCOUNTABLE SIGNATURE AUTHORISED for implementation SIGNATURE On behalf of Chief Executive Officer SAHRA Council Date Date

More information

IFAD Policy on Enterprise Risk Management

IFAD Policy on Enterprise Risk Management Document: EB 2008/94/R.4 Agenda: 5 Date: 6 August 2008 Distribution: Public Original: English E IFAD Policy on Enterprise Risk Management Executive Board Ninety-fourth Session Rome, 10-11 September 2008

More information

WFP ENTERPRISE RISK MANAGEMENT POLICY

WFP ENTERPRISE RISK MANAGEMENT POLICY WFP ENTERPRISE RISK MANAGEMENT POLICY Informal Consultation 3 March 2015 World Food Programme Rome, Italy EXECUTIVE SUMMARY For many organizations, risk management is about minimizing the risk to achievement

More information

IT Project Management Methodology. Project Risk Management Guide. Version 0.3

IT Project Management Methodology. Project Risk Management Guide. Version 0.3 NATIONAL INFORMATION TECHNOLOGY AUTHORITY - UGANDA IT Project Management Methodology Project Risk Management Guide Version 0.3 Project Risk Management Support Guide version 0.3 Page 1 Version Date Author

More information

The College of New Jersey Enterprise Risk Management and Higher Education For Discussion Purposes Only January 2012

The College of New Jersey Enterprise Risk Management and Higher Education For Discussion Purposes Only January 2012 The College of New Jersey Enterprise Risk Management and Higher Education For Discussion Purposes Only Agenda Introduction Basic program components Recent trends in higher education risk management Why

More information

Saldanha Bay Municipality. Risk Management Strategy. Inclusive of, framework, procedures and methodology

Saldanha Bay Municipality. Risk Management Strategy. Inclusive of, framework, procedures and methodology Inclusive of, framework, procedures and methodology Contents 1 Introduction 1 1.1 Legislative Framework and best practice 1 1.2 Purpose of Enterprise Risk Management 2 1.3 Scope and Applicability 3 1.4

More information

Appendix V Risk Management Plan Template

Appendix V Risk Management Plan Template Appendix V Risk Management Plan Template Version 2 March 7, 2005 This page is intentionally left blank. Version 2 March 7, 2005 Title Page Document Control Panel Table of Contents List of Acronyms Definitions

More information

Introduction to Enterprise Risk Management at UVM DRAFT

Introduction to Enterprise Risk Management at UVM DRAFT Introduction to Enterprise Management at UVM 1 Enterprise What is Enterprise Management? Enterprise risk management is a structured, consistent, and continuous process across the whole organization for

More information

SAI GLOBAL LIMITED Risk Management Policy

SAI GLOBAL LIMITED Risk Management Policy SAI GLOBAL LIMITED Risk Management Policy SAI Global Ltd ABN 67050611642 Last Updated: February 2012 Contents 1. Risk Management... 3 2. Policy... 3 3. Risk Management Philosophy... 3 4. Risk Appetite...

More information

Department of Veterans Affairs VA Directive 0054. VA Enterprise Risk Management (ERM)

Department of Veterans Affairs VA Directive 0054. VA Enterprise Risk Management (ERM) Department of Veterans Affairs VA Directive 0054 Washington, DC 20420 Transmittal Sheet April 8, 2014 VA Enterprise Risk Management (ERM) 1. REASON FOR ISSUE: This directive provides guidelines to help

More information

POL ENTERPRISE RISK MANAGEMENT SC51. Executive Services Department BUSINESS UNIT: Executive Support Services SERVICE UNIT:

POL ENTERPRISE RISK MANAGEMENT SC51. Executive Services Department BUSINESS UNIT: Executive Support Services SERVICE UNIT: POL ENTERPRISE RISK MANAGEMENT SC51 POLICY CODE: SC51 DIRECTORATE: Executive Services Department BUSINESS UNIT: Executive Support Services SERVICE UNIT: Executive Support Services RESPONSIBLE OFFICER:

More information

ENTERPRISE RISK MANAGEMENT POLICY

ENTERPRISE RISK MANAGEMENT POLICY ENTERPRISE RISK MANAGEMENT Approved by the Audit Committee on 14 February 2003 and adopted by resolution of the Board on 28 March 2003 Revisions approved by the Audit and Risk Committee on 14 February

More information

UNITED NATIONS OFFICE FOR PROJECT SERVICES. ORGANIZATIONAL DIRECTIVE No. 33. UNOPS Strategic Risk Management Planning Framework

UNITED NATIONS OFFICE FOR PROJECT SERVICES. ORGANIZATIONAL DIRECTIVE No. 33. UNOPS Strategic Risk Management Planning Framework UNOPS UNITED NATIONS OFFICE FOR PROJECT SERVICES Headquarters, Copenhagen O.D. No. 33 16 April 2010 ORGANIZATIONAL DIRECTIVE No. 33 UNOPS Strategic Risk Management Planning Framework 1. Introduction 1.1.

More information

STANDARD. Risk Assessment. Supply Chain Risk Management: A Compilation of Best Practices

STANDARD. Risk Assessment. Supply Chain Risk Management: A Compilation of Best Practices A S I S I N T E R N A T I O N A L Supply Chain Risk Management: Risk Assessment A Compilation of Best Practices ANSI/ASIS/RIMS SCRM.1-2014 RA.1-2015 STANDARD The worldwide leader in security standards

More information

Enterprise Risk Management: Concepts & Issues

Enterprise Risk Management: Concepts & Issues Enterprise Risk Management: Concepts & Issues Jacques Lapointe Internal Audit, Management Board Secretariat November 2003 1 The Basic Concept of Risk Management The active process of identifying risks,

More information

Business Analyst Position Description

Business Analyst Position Description Analyst Position Description September 4, 2015 Analysis Position Description September 4, 2015 Page i Table of Contents General Characteristics... 1 Career Path... 2 Explanation of Proficiency Level Definitions...

More information

Enterprise risk management: A pragmatic, four-phase implementation plan

Enterprise risk management: A pragmatic, four-phase implementation plan Enterprise risk management: A pragmatic, four-phase implementation plan Prepared by: John Brackett, Managing Director, Risk Advisory Services, RSM McGladrey, Inc. 704.442.3820, john.brackett@mcgladrey.com

More information

Exhibit 1: Structure of a heat map

Exhibit 1: Structure of a heat map Integrating risk and performance management processes Werner Bruggeman Geert Scheipers Valerie Decoene 1. Introduction Years ago, Kaplan & Norton interviewed managers about their time consumption and they

More information

NSW Government ICT Benefits Realisation and Project Management Guidance

NSW Government ICT Benefits Realisation and Project Management Guidance NSW Government ICT Benefits Realisation and Project Management Guidance November 2014 CONTENTS 1. Introduction 1 2. Document purpose 1 3. Benefits realisation 1 4. Project management 4 5. Document control

More information

Business Relationship Manager Position Description

Business Relationship Manager Position Description Manager Position Description February 9, 2015 Manager Position Description February 9, 2015 Page i Table of Contents General Characteristics... 1 Career Path... 2 Explanation of Proficiency Level Definitions...

More information

Governance and Risk Management in the Public Sector. Fernando A. Fernandez Inter-American Development Bank (202) 623-1430 e-mail: fernandof@iadb.

Governance and Risk Management in the Public Sector. Fernando A. Fernandez Inter-American Development Bank (202) 623-1430 e-mail: fernandof@iadb. Governance and Risk Management in the Public Sector Fernando A. Fernandez Inter-American Development Bank (202) 623-1430 e-mail: fernandof@iadb.org 1 Agenda Governance, why is it important? Compliance

More information

Risk Management Policy Adopted by:

Risk Management Policy Adopted by: Risk Management Policy Adopted by: Infigen Energy Limited Infigen Energy (Bermuda) Limited Infigen Energy RE Limited in its capacity as Responsible Entity of Infigen Energy Trust Adopted: 17 December 2009

More information

ISO 31000:2009 - ISO/IEC 31010 & ISO Guide 73:2009 - New Standards for the Management of Risk

ISO 31000:2009 - ISO/IEC 31010 & ISO Guide 73:2009 - New Standards for the Management of Risk Kevin W Knight AM CPRM; Hon FRMIA; FIRM (UK); LMRMIA: ANZIIF (Mem) ISO 31000:2009 - ISO/IEC 31010 & ISO Guide 73:2009 - New Standards for the Management of Risk History of the ISO and Risk Management Over

More information

Procurement Programmes & Projects P3M3 v2.1 Self-Assessment Instructions and Questionnaire. P3M3 Project Management Self-Assessment

Procurement Programmes & Projects P3M3 v2.1 Self-Assessment Instructions and Questionnaire. P3M3 Project Management Self-Assessment Procurement Programmes & Projects P3M3 v2.1 Self-Assessment Instructions and Questionnaire P3M3 Project Management Self-Assessment Contents Introduction 3 User Guidance 4 P3M3 Self-Assessment Questionnaire

More information

Risk Management - Board & Management Responsibilities Murray Short, MBA, CPA CA Not-for-Profit Partner RLB LLP

Risk Management - Board & Management Responsibilities Murray Short, MBA, CPA CA Not-for-Profit Partner RLB LLP Risk Management - Board & Management Responsibilities Murray Short, MBA, CPA CA Not-for-Profit Partner RLB LLP 2 AGENDA About RLB / About Our Not-for-Profit Team Defining Risk Types of Organizational Risk

More information

P3M3 Portfolio Management Self-Assessment

P3M3 Portfolio Management Self-Assessment Procurement Programmes & Projects P3M3 v2.1 Self-Assessment Instructions and Questionnaire P3M3 Portfolio Management Self-Assessment P3M3 is a registered trade mark of AXELOS Limited Contents Introduction

More information

Enterprise-Wide Risk Assessment

Enterprise-Wide Risk Assessment Enterprise-Wide Risk Assessment Agenda 1. Definition of risk. 2. Risk drivers in higher education today. 3. Implementing an enterprise-wide risk management (ERM) program to effectively assess, manage,

More information

FlyntGroup.com. Enterprise Risk Management and Business Impact Analysis: Understanding, Treating and Monitoring Risk

FlyntGroup.com. Enterprise Risk Management and Business Impact Analysis: Understanding, Treating and Monitoring Risk Enterprise Risk Management and Business Impact Analysis: Understanding, Treating and Monitoring Risk 2012 The Flynt Group, Inc., All Rights Reserved FlyntGroup.com Enterprise Risk Management and Business

More information

UNITED STATES DEPARTMENT OF EDUCATION OFFICE OF INSPECTOR GENERAL

UNITED STATES DEPARTMENT OF EDUCATION OFFICE OF INSPECTOR GENERAL UNITED STATES DEPARTMENT OF EDUCATION OFFICE OF INSPECTOR GENERAL Evaluation and Inspection Services Memorandum May 5, 2009 TO: FROM: SUBJECT: James Manning Acting Chief Operating Officer Federal Student

More information

Developing an Effective Enterprise Risk Management Program

Developing an Effective Enterprise Risk Management Program Developing an Effective Enterprise Risk Management Program Jay Brietz, CPA and CIA Senior Manager This material was used by Elliott Davis Decosimo during an oral presentation; it is not a complete record

More information

AMTRAK CORPORATE GOVERNANCE: Implementing a Risk Management Framework is Essential to Achieving Amtrak s Strategic Goals

AMTRAK CORPORATE GOVERNANCE: Implementing a Risk Management Framework is Essential to Achieving Amtrak s Strategic Goals AMTRAK CORPORATE GOVERNANCE: Implementing a Risk Management Framework is Essential to Achieving Amtrak s Strategic Goals Report No. OIG-A-2012-007 March 30, 2012 NATIONAL RAILROAD PASSENGER CORPORATION

More information

ENTERPRISE RISK MANAGEMENT POLICY

ENTERPRISE RISK MANAGEMENT POLICY ENTERPRISE RISK MANAGEMENT POLICY TITLE OF POLICY POLICY OWNER POLICY CHAMPION DOCUMENT HISTORY: Policy Title Status Enterprise Risk Management Policy (current, revised, no change, redundant) Approving

More information

A Risk-Based Audit Strategy November 2006 Internal Audit Department

A Risk-Based Audit Strategy November 2006 Internal Audit Department Mental Health Mental Retardation Authority of Harris County ENTERPRISE RISK MANAGEMENT A Framework For Assessing, Evaluating And Measuring Our Agency s Risk A Risk-Based Audit Strategy November 2006 Internal

More information

Risk Management Framework for IT-Centric Micro and Small Companies

Risk Management Framework for IT-Centric Micro and Small Companies Risk Management Framework for IT-Centric Micro and Small Companies Jasmina Trajkovski 1, Ljupcho Antovski 2 1 Trajkovski & Partners Management Consulting Sveti Kliment Ohridski 24/2/1, 1000 Skopje, Macedonia

More information

IT Service Provider and Consumer Support Engineer Position Description

IT Service Provider and Consumer Support Engineer Position Description Engineer Position Description February 9, 2015 Engineer Position Description February 9, 2015 Page i Table of Contents General Characteristics... 1 Career Path... 2 Explanation of Proficiency Level Definitions...

More information

Tailoring enterprise risk management strategies to the Main-Street insurer

Tailoring enterprise risk management strategies to the Main-Street insurer Tailoring enterprise risk management strategies to the Main-Street insurer Prepared by: Jay Golonka, Partner, McGladrey LLP 816.751.1830, jay.golonka@mcgladrey.com Discussions of Enterprise Risk Management

More information

Beyond risk identification Evolving provider ERM programs

Beyond risk identification Evolving provider ERM programs Beyond risk identification Evolving provider ERM programs March 2016 At a glance PwC conducted research to assess the state of enterprise risk management (ERM) within healthcare providers and found many

More information

Risk Management: Coordinated activities to direct and control an organisation with regard to risk.

Risk Management: Coordinated activities to direct and control an organisation with regard to risk. POLICY CG01 RISK MANAGEMENT Document Control Statement This Policy is maintained by the Governance and Organisational Strategy. Any printed copy may not be up to date and you are advised to check the electronic

More information

Business Continuity Position Description

Business Continuity Position Description Position Description February 9, 2015 Position Description February 9, 2015 Page i Table of Contents General Characteristics... 2 Career Path... 3 Explanation of Proficiency Level Definitions... 8 Summary

More information

Risk Management Policy and Framework

Risk Management Policy and Framework Risk Management Policy and Framework December 2014 phone 1300 360 605 08 89589500 email info@centraldesert.nt.gov.au location 1Bagot Street Alice Springs NT 0870 post PO Box 2257 Alice Springs NT 0871

More information

Defining change management

Defining change management Defining change management Helping others understand change management in relation to project management and organizational change by Tim Creasey Director of Research and Development Prosci and the Change

More information

A guide and tool kit for non-government organisations to plan future workforce needs

A guide and tool kit for non-government organisations to plan future workforce needs Workforce Planning A guide and tool kit for non-government organisations to plan future workforce needs Table of contents WORKFORCE PLANNING...1 TABLE OF CONTENTS...2 NON-GOVERNMENT ORGANISATIONS...4 INTRODUCTION...4

More information

PROJECT RISK MANAGEMENT

PROJECT RISK MANAGEMENT PROJECT RISK MANAGEMENT http://www.tutorialspoint.com/pmp-exams/project_risk_management.htm Copyright tutorialspoint.com Here is a list of sample questions which would help you to understand the pattern

More information

ACMP Certification Committee. Methods for Demonstrating Competency

ACMP Certification Committee. Methods for Demonstrating Competency ACMP Certification Committee Methods for Demonstrating Competency 6 February 2014 CCMP Assessment of Competency ACMP s Certification Committee recommended a two-part assessment through which CCMP applicants

More information

Get More Out of Your Risk Assessment. Austin Chapter of the IIA

Get More Out of Your Risk Assessment. Austin Chapter of the IIA Get More Out of Your Risk Assessment Austin Chapter of the IIA Speakers Alyssa G. Martin, CPA Dallas Executive Partner, Advisory Services 25 years of public accounting experience, with a practice emphasis

More information

Risk Assessment & Enterprise Risk Management

Risk Assessment & Enterprise Risk Management Risk Assessment & Enterprise Risk 1 Healthcare Corporate Governance Today s environment requires building a culture of risk awareness and management of risk across the organization, while formulating less

More information

Effective Enterprise Risk Management with ErmsCo ERM Foundation

Effective Enterprise Risk Management with ErmsCo ERM Foundation Executive Brief Effective Enterprise Risk Management with ErmsCo ERM Foundation Introduction to ErmsCo About ErmsCo ErmsCo is a consulting and training firm that focuses on assisting financial institutions

More information

University of St. Gallen Law School Law and Economics Research Paper Series. Working Paper No. 2008-19 June 2007

University of St. Gallen Law School Law and Economics Research Paper Series. Working Paper No. 2008-19 June 2007 University of St. Gallen Law School Law and Economics Research Paper Series Working Paper No. 2008-19 June 2007 Enterprise Risk Management A View from the Insurance Industry Wolfgang Errath and Andreas

More information

Negative Risk. Risk Can Be Positive. The Importance of Project Risk Management

Negative Risk. Risk Can Be Positive. The Importance of Project Risk Management The Importance of Project Risk Management Project risk management is the art and science of identifying, analyzing, and responding to risk throughout the life of a project and in the best interests t of

More information

ENTERPRISE RISK MANAGEMENT FRAMEWORK

ENTERPRISE RISK MANAGEMENT FRAMEWORK ROCKHAMPTON REGIONAL COUNCIL ENTERPRISE RISK MANAGEMENT FRAMEWORK 2013 Adopted 25 June 2013 Reviewed: October 2015 TABLE OF CONTENTS 1. Introduction... 3 1.1 Council s Mission... 3 1.2 Council s Values...

More information

Proactive Risk Management with SAP BusinessObjects

Proactive Risk Management with SAP BusinessObjects Proactive Risk Management with SAP BusinessObjects Leveraging Technology to Gain Enterprise Transparency and Rapid Insight into Changing Business Conditions INTRODUCTION What is the totality of our enterprise

More information

RISK MANAGEMENT POLICY

RISK MANAGEMENT POLICY RISK MANAGEMENT POLICY Regd. Office: Nanubhai Amin Marg, Industrial Area, P.O. Chemical Industries, Vadodara 390 003 CIN: L36990GJ1943PLC000363 1. BACKGROUND Risk Management Policy Jyoti Ltd. (the Company)

More information

The Lowitja Institute Risk Management Plan

The Lowitja Institute Risk Management Plan The Lowitja Institute Risk Management Plan 1. PURPOSE This Plan provides instructions to management and staff for the implementation of consistent risk management practices throughout the Lowitja Institute

More information

Risk/Issue Management Plan

Risk/Issue Management Plan Risk/Issue Management Plan Centralized Revenue Opportunity System November 2014 Version 2.0 This page intentionally left blank Table of Contents 1. Overview... 3 1.1 Purpose... 3 1.2 Scope... 3 2. Roles

More information

IRM CERTIFICATE AND DIPLOMA OUTLINE SYLLABUS

IRM CERTIFICATE AND DIPLOMA OUTLINE SYLLABUS IRM CERTIFICATE AND DIPLOMA OUTLINE SYLLABUS 1 Module 1: Principles of Risk and Risk Management Module aims The aim of this module is to provide an introduction to the principles and concepts of risk and

More information

Risk IT A set of guiding principles and. the first framework to help enterprises identify, govern and effectively manage IT risk.

Risk IT A set of guiding principles and. the first framework to help enterprises identify, govern and effectively manage IT risk. Risk IT A set of guiding principles and the first framework to help enterprises identify, govern and effectively manage IT risk. In business today, risk plays a critical role. Almost every business decision

More information

IMPROVING RISK VISIBILITY AND SECURITY POSTURE WITH IDENTITY INTELLIGENCE

IMPROVING RISK VISIBILITY AND SECURITY POSTURE WITH IDENTITY INTELLIGENCE IMPROVING RISK VISIBILITY AND SECURITY POSTURE WITH IDENTITY INTELLIGENCE ABSTRACT Changing regulatory requirements, increased attack surfaces and a need to more efficiently deliver access to the business

More information

Enterprise Risk Management: COSO, New COSO, ISO 31000. Review of ERM

Enterprise Risk Management: COSO, New COSO, ISO 31000. Review of ERM Enterprise Risk Management: COSO, New COSO, Dr. Hugh Van Seaton, Ed. D., CSSGB, CGMA, CPA Review of ERM COSO a process, effected by an entity's board of directors, management and other personnel, applied

More information

Essential Elements for Any Successful Project

Essential Elements for Any Successful Project In this chapter Learn what comprises a successful project Understand the common characteristics of troubled projects Review the common characteristics of successful projects Learn which tools are indispensable

More information

Policy 10.105: Enterprise Risk Management Policy

Policy 10.105: Enterprise Risk Management Policy Name: Responsibility: Complements: Enterprise Risk Management Framework Coordinator, Enterprise Risk Management Policy 10.105: Enterprise Risk Management Policy Date: November 2006 Revision Date(s): January

More information

Table of Contents PERFORMANCE REVIEWS STRATEGIC REVIEWS

Table of Contents PERFORMANCE REVIEWS STRATEGIC REVIEWS SECTION 270 PERFORMANCE AND STRATEGIC REVIEWS Table of Contents 270.1 To which agencies does this section apply? 270.2 What is the purpose of this section? PERFORMANCE REVIEWS 270.3 What is the purpose

More information

6. Risk management plans for high risk activities and special events

6. Risk management plans for high risk activities and special events 6. Risk management plans for high risk activities and special events What is a high risk activity or special event? The answer to this question will be different for every organisation. A high risk activity

More information

Enterprise Risk Management in Compliance 360

Enterprise Risk Management in Compliance 360 Enterprise Risk Management in Compliance 360 2 Enterprise Risk Management in Compliance 360 Effective risk management involves identifying and understanding the risks the organization is faced with, analyzing

More information

Remarks by. Carolyn G. DuChene Deputy Comptroller Operational Risk. at the

Remarks by. Carolyn G. DuChene Deputy Comptroller Operational Risk. at the Remarks by Carolyn G. DuChene Deputy Comptroller Operational Risk at the Bank Safety and Soundness Advisor Community Bank Enterprise Risk Management Seminar Washington, D.C. October 22, 2012 Good afternoon,

More information

Project Management Guidelines

Project Management Guidelines Project Management Guidelines Overview Section 86-1506 (5) directs the NITC to adopt guidelines regarding project planning and management. The goal of project management is to achieve the objectives of

More information

ISO 31000 and Risk Management

ISO 31000 and Risk Management ISO 31000 and Risk Management August 19, 2010 What is risk? All management is risk management! Risk Management Boot camp Threat + Vulnerability = Risk Risk Controls = Residual Risk Residual Risk Probability

More information

THE ROLE OF FINANCE AND ACCOUNTING IN ENTERPRISE RISK MANAGEMENT

THE ROLE OF FINANCE AND ACCOUNTING IN ENTERPRISE RISK MANAGEMENT THE ROLE OF FINANCE AND ACCOUNTING IN ENTERPRISE RISK MANAGEMENT Let me begin by thanking Baruch College for giving me the opportunity to present this year s prestigious Emanuel Saxe Lecture in Accounting.

More information

Risk Identification in Project Management

Risk Identification in Project Management Available online at www.icesba.eu Procedia of Economics and Business Administration ISSN: 2392-8174, ISSN-L: 2392-8166 Risk Identification in Project Management Ungureanu Anca, Braicu Cezar, Ungureanu

More information

International Diploma in Risk Management Syllabus

International Diploma in Risk Management Syllabus International Diploma in Risk Management Syllabus Module 1: Principles of Risk and Risk Management The aim of this module is to provide an introduction to the principles and concepts of risk and risk management.

More information

Risk Management Policy

Risk Management Policy Risk Management Policy Responsible Officer Author Ben Bennett, Business Planning & Resources Director Julian Lewis, Governance Manager Date effective from December 2008 Date last amended December 2012

More information

Incorporating Risk Assessment into Project Forecasting

Incorporating Risk Assessment into Project Forecasting Incorporating Risk Assessment into Project Forecasting Author: Dione Palomino Conde Laratta, PMP Company: ICF International - USA Phone: +1 (858) 444-3969 Dione.laratta@icfi.com Subject Category: Project

More information

Hand IN Hand: Balanced Scorecards

Hand IN Hand: Balanced Scorecards ANNUAL CONFERENCE T O P I C Risk Management WORKING Hand IN Hand: Balanced Scorecards AND Enterprise Risk Management B Y M ARK B EASLEY, CPA; A L C HEN; K AREN N UNEZ, CMA; AND L ORRAINE W RIGHT Recent

More information

NEEDS BASED PLANNING FOR IT DISASTER RECOVERY

NEEDS BASED PLANNING FOR IT DISASTER RECOVERY The Define/Align/Approve Reference Series NEEDS BASED PLANNING FOR IT DISASTER RECOVERY Disaster recovery planning is essential it s also expensive. That s why every step taken and dollar spent must be

More information

PROJECT MANAGEMENT PLAN Outline VERSION 0.0 STATUS: OUTLINE DATE:

PROJECT MANAGEMENT PLAN Outline VERSION 0.0 STATUS: OUTLINE DATE: PROJECT MANAGEMENT PLAN Outline VERSION 0.0 STATUS: OUTLINE DATE: Project Name Project Management Plan Document Information Document Title Version Author Owner Project Management Plan Amendment History

More information

Sample Enterprise Risk Management Work Plan Fiscal Years 20XX and 20YY Revised June 2009. Internal Environment / Objectives Setting

Sample Enterprise Risk Management Work Plan Fiscal Years 20XX and 20YY Revised June 2009. Internal Environment / Objectives Setting STRATEGIC OPERATIONS REPORTING Internal Environment Objective Setting Event Identification Risk Assessment Risk Response Control Activities Information & Communication COMPLIANCE DEPARTMENT SCHOOL CAMPUS

More information

Risk Management Policy

Risk Management Policy Risk Management Policy Risk Management Policy Record Number D14/79827 Responsible Manager Manager Strategy and Governance Last reviewed 10 March 2015 Adoption reference Council Resolution number 90.5 Previous

More information

Welcome to the Data Analytic Toolkit PowerPoint presentation an introduction to project management. In this presentation, we will take a brief look

Welcome to the Data Analytic Toolkit PowerPoint presentation an introduction to project management. In this presentation, we will take a brief look Welcome to the Data Analytic Toolkit PowerPoint presentation an introduction to project management. In this presentation, we will take a brief look at project management to understand the process and some

More information

In accordance with risk management best practices, below describes the standard process for enterprise risk management (ERM), including:

In accordance with risk management best practices, below describes the standard process for enterprise risk management (ERM), including: Enterprise Risk Management Process and Procedures Scope In accordance with risk management best practices, below describes the standard process for enterprise risk management (ERM), including: Risk identification

More information

Matthew E. Breecher Breecher & Company PC November 12, 2008

Matthew E. Breecher Breecher & Company PC November 12, 2008 Applying COSO s Enterprise Risk Management Integrated Framework Matthew E. Breecher Breecher & Company PC November 12, 2008 The basic outline for this presentation was provided by: Objectives for the session:

More information

Key Components of a Risk-Based Security Plan

Key Components of a Risk-Based Security Plan Key Components of a Risk-Based Security Plan How to Create a Plan That Works Authors: Vivek Chudgar Principal Consultant Foundstone Professional Services Jason Bevis Director Foundstone Professional Services

More information

Fraud Risk Management

Fraud Risk Management Fraud Risk Management Overview Discussion Questions 1) Does your organization follow a specific risk management model? If so, which one? Do you think this model adequately addresses the risks your organization

More information

Understanding Enterprise Risk Management. Presented by Dorothy Gjerdrum Arthur J Gallagher

Understanding Enterprise Risk Management. Presented by Dorothy Gjerdrum Arthur J Gallagher Understanding Enterprise Risk Management Presented by Dorothy Gjerdrum Arthur J Gallagher Learning Objectives Understand the components of a wellrun ERM program Review scope and process Explore the role

More information

RISK AND OPPORTUNITY MANAGEMENT STRATEGY 2013-2014

RISK AND OPPORTUNITY MANAGEMENT STRATEGY 2013-2014 RISK AND OPPORTUNITY MANAGEMENT STRATEGY 2013-2014 Version 1.0 October 2013 Not protectively marked INDEX PAGE NO TITLE 3 Executive Summary 4 Our Shared Vision and Priorities 5 Outline of the Risk and

More information

Policy and Procedure Statement

Policy and Procedure Statement Policy and Procedure Statement SUBJECT: Enterprise Risk CATEGORY: General Administration NO. 502-G PREAMBLE Risk exists in all activities and cannot be avoided, nor can it always be eliminated. However,

More information

Enterprise Risk Management in a Highly Uncertain World. A Presentation to the Government-University- Industry Research Roundtable June 20, 2012

Enterprise Risk Management in a Highly Uncertain World. A Presentation to the Government-University- Industry Research Roundtable June 20, 2012 Enterprise Risk Management in a Highly Uncertain World A Presentation to the Government-University- Industry Research Roundtable June 20, 2012 CRO Council Introduction Mission The North American CRO Council

More information

Effective reporting for construction projects: increasing the likelihood of project success

Effective reporting for construction projects: increasing the likelihood of project success PROJECT ADVISORY Effective reporting for construction projects: increasing the likelihood of project success Thought Leadership Series 13 kpmg.com/nz About the Leadership Series KPMG s Leadership Series

More information

Business Logistics Specialist Position Description

Business Logistics Specialist Position Description Specialist Position Description March 23, 2015 MIT Specialist Position Description March 23, 2015 Page i Table of Contents General Characteristics... 1 Career Path... 2 Explanation of Proficiency Level

More information

Transportation Security Administration Enterprise Risk Management. ERM Policy Manual. August 2014

Transportation Security Administration Enterprise Risk Management. ERM Policy Manual. August 2014 Transportation Security Administration Enterprise Risk Management ERM Policy Manual August 2014 1 Contents Abbreviations...4 Introduction...5 Purpose of this document...6 ERM Objective...7 Enterprise Risk

More information

A structured approach to Enterprise Risk Management (ERM) and the requirements of ISO 31000

A structured approach to Enterprise Risk Management (ERM) and the requirements of ISO 31000 A structured approach to Enterprise Risk Management (ERM) and the requirements of ISO 31000 Contents Executive summary Introduction Acknowledgements Part 1: Risk, risk management and ISO 31000 1 Nature

More information

Enterprise Risk Management in Colleges and Universities

Enterprise Risk Management in Colleges and Universities Enterprise Risk Management in Colleges and Universities Cherry Bekaert & Holland, L.L.P. Neal Beggan, CISA, CRISC Shane Hester, CPA, CISA Cherry, Bekaert & Holland, L.L.P. The Firm of Choice. 1 Cherry,

More information

Risk management framework

Risk management framework Risk management framework Security classification: PUBLIC Reference number: DSITI:FW:001P Policy owner: Executive Director, Strategic Transformation & Performance Contact officer: Principal Consultant,

More information

Project Risk Management

Project Risk Management PROJECT ADVISORY Project Risk Management Leadership Series 9 kpmg.com/nz About the Leadership Series KPMG s Leadership Series is targeted towards owners of major capital programmes, but its content is

More information

Intel Business Continuity Practices

Intel Business Continuity Practices Intel Business Continuity Practices As a global corporation with locations and suppliers all over the world, Intel requires every designated Intel organization to embed business continuity as a core business

More information

CHANGE MANAGEMENT PLAN WORKBOOK AND TEMPLATE

CHANGE MANAGEMENT PLAN WORKBOOK AND TEMPLATE CHANGE MANAGEMENT PLAN WORKBOOK AND TEMPLATE TABLE OF CONTENTS STEP 1 IDENTIFY THE CHANGE... 5 1.1 TYPE OF CHANGE... 5 1.2 REASON FOR THE CHANGE... 5 1.3 SCOPE THE CHANGE... 6 1.4 WHERE ARE YOU NOW?...

More information

RISK MANAGEMENT POLICY

RISK MANAGEMENT POLICY RISK MANAGEMENT POLICY Nuffield College s Risk Management Policy defines the College's approach to risk and how risk management should be embedded into management processes to ensure that the major risks

More information