The Essentials of Enterprise Risk Management. Steven C. Tourek, Senior Vice President, General Counsel & Secretary, The Marvin Companies
Introduction
- How should an organization think about the management of risk in a VUCA world?
Overview of Traditional Risk Management Approach
- Focused on tangible assets to be found on a balance sheet and related contractual rights
- Management process tends to be fragmented, reactive and ad hoc
- Management activity is transaction-oriented, cost-based, narrowly focused and functionally driven
Traditional Risk Management Focus on Tangible Assets
- Physical Assets: Land, Buildings, Equipment, Inventory
- Financial Assets: Cash, Receivables, Investments, Equity, Prepaid and others
What is Enterprise Risk Management?
- "A process, effected by an entity's Board of Directors, management and other personnel, applied in strategy setting and across the enterprise, designed to identify potential events that may affect the entity, and manage risk to be within its risk appetite, to provide reasonable assurance regarding the achievement of entity objectives." - Committee of Sponsoring Organizations (COSO), Enterprise Risk Management Integrated Framework (August 2004)
- "A disciplined and integrated approach that supports the alignment of strategy, process, governance, people and technology and allows organizations to identify, prioritize and effectively manage their critical risks." - Integrated Governance Solutions
How Does ERM Differ from the Traditional Approach?
- The objective of the ERM approach is to enhance business strategy formation and attainment.
- Focus and application is broader: enhancing and protecting the unique combination of tangible and intangible assets comprising the organization's business model.
- Transitions risk management from a discipline of avoiding risk and hedging bets to one of enhancing as well as protecting enterprise value creation.
ERM Focus on Tangible and Intangible Assets
- Physical Assets: Land, Buildings, Equipment, Inventory
- Financial Assets: Cash, Receivables, Investments, Equity, Prepaids and others
- Organizational Assets: Leadership, Strategy, Knowledge, Values, Reputation, Innovation, Systems, Process
- Customer Assets: Customers, Channels, Affiliates
- Employee/Supplier Assets: Employees, Suppliers, Partners
What Is The Value Proposition For ERM?
Provides reasonable assurance to management that business objectives are achievable by:
- Aligning risk appetite and strategy
- Improving risk response decisions
- Reducing operational surprises and resulting losses
- Identifying and managing cross-enterprise risks
- Providing integrated responses to a portfolio of multiple risks
- Seizing opportunities and improving deployment of capital
Is ERM Only Appropriate For Large, Public Entities?
ERM applies to all organizations, large and small, public and private, because:
- Every successful organization faces risk.
- Every successful organization takes risks.
- Every successful organization responds to risk.
ERM implementation: proportionate to unique level of risk, aligned with other corporate activities, and dynamic.
Framework Elements Of ERM
A stable foundation for a healthy Enterprise Risk Management program includes six key elements:
1. Infrastructure
2. Identification
3. Assessment
4. Management
5. Monitoring
6. Reporting
The ERM Framework
[Diagram. Elements shown: Infrastructure; The Organization's Strategic Objectives; Risk Identification; Risk Assessment; Enterprise Risk Prioritization; Risk Response; Communication and Reporting; Monitoring; Modification]
ERM Infrastructure
- Provides the discipline, focus and structural support needed to advance the enterprise's capabilities around managing its priority risks.
- Elements include enterprise risk assessment process, clarity of roles and responsibilities related to management of risk, integration/alignment of risk management with strategy setting, risk reporting framework, common training and supporting technology.
- Represents the organizational commitment, processes, language and accountability for enterprise-wide risk management.
Risk Identification: Sources of Value
[Diagram, adapted from Protiviti Guide to Enterprise Risk Management]
- Asset categories shown: Physical Assets; Financial Assets; Organizational Assets; Customer Assets; Employee/Supplier Assets
- Risks shown: Catastrophic loss; Unacceptable costs; Poor economic performance; Unexpected losses; Insufficient liquidity; Unclear or obsolete strategies; Ineffective/inefficient processes; Obsolete systems; Inadequate information for decision-making; Business interruption; Brand erosion; Security breach; Pervasive quality failures; Significant losses of key customers or channels; Talent shortages; Work stoppages; Excessive costs & lead times
Risk Identification: Brainstorming
- Involve direct reports and those with significant knowledge of the function or business unit.
- Utilize broad categories of risk to generate ideas.
- Free-thinking, but each risk, current mitigation program and potential consequence should be identified and examined.
- Categories are used to generate ideas; assignment of risk to a particular category is not important.
- The large number of identified risks is narrowed through a voting process.
Risk Identification: Sources of Uncertainty
[Diagram. Risks are grouped by category and by whether they are externally or internally driven.]
- Categories shown: Financial Risks; Strategic Risks; Compliance Risks; Operational Risks; Human Capital Risks
- Risks shown: Loss of Major Supplier(s); Currency Fluctuations; Competition / New Entry; Interest Rate Fluctuations; Technological Innovation; Slow economic recovery; Credit Loss; Liquidity; Default Risk; Sourcing material costs; Capital Availability; Late to Market; Capacity Constraints; Inefficiency Risk; Product Development Risk; Market Saturation; Channel Consolidation; Customer Value Risk; Supply Chain Risk; Cyber Threat; Fleet liability; Power Outage; Information system failure; Product Failure; Service; Environmental Liability; Aging workforce; Appropriate staff expertise; Workplace violence; OSHA, EPA, EEOC, FCPA, ACA, etc. Compliance and Cost; Changes in standards and model codes; Changes in Laws and Regulations; Catastrophic loss / Major damage to facility (fire, act of God); Labor shortage; Inability to attract talent
Risk Identification: Top 10 Risks For
1. Regulatory Changes and Scrutiny (67%)
2. Economic Conditions (56%)
3. Management of Cyber Threats (53%)
4. Talent Attraction and Retention (56%)
5. Inadequate Risk Culture (51%)
6. Resistance to Change (49%)
7. Privacy/Identity Management (52%)
8. Management of Unexpected Crisis (46%)
9. Customer Loyalty and Retention (48%)
10. Inability to Meet Performance Expectations (46%)
- Feb Poole College ERM Initiative of North Carolina State University and Protiviti Survey
Risk Assessment: Scoring and Ranking
- Take each of the top X identified risks and score each on an inherent and residual basis, using the probability, time until impact and severity equation:
  (Likelihood of Occurrence + Time Until Impact) × Severity = Ultimate Risk Score
- Once the ultimate residual risk score for each risk is determined, rank from highest to lowest.
Risk Assessment: Scoring - Likelihood
Score each top 10 risk by likelihood of occurrence (L). Factor: Probability.
- Score 1: Extremely rare. Example: occurs once every 100 years
- Score 2: Rarely occurs. Example: once every years
- Score 3: Periodically occurs. Example: once every 5-7 years
- Score 4: Regularly occurs. Example: once every 1-5 years
- Score 5: Occurs with such regularity to be accurately estimated. Example: multiple times per year
Risk Assessment: Scoring - Time Until Impact
Score each top 10 risk by time until impact (T). Factor: Time to impact.
- Score 1: Manifests gradually over a long period of time, providing opportunity to adjust/react. Example: months or years of warning (e.g. regulatory or legislative change)
- Score 2: Occurs quickly, limited advance warning. Example: hours or days of warning (e.g. hurricane, flood)
- Score 3: Occurs suddenly, no advance warning. Example: no warning (e.g. fire or explosion, security breach)
Risk Assessment: Scoring - Severity of Impact
Score each top 10 risk by Severity Impact (S). Factor: Severity.
Descriptions, by score:
- Score 1: Small financial impact
- Score 2: Large financial loss or impact but not material, with no impact on business strategy
- Score 3: Significant or material financial loss or event which may slow down or adversely impact business strategy
- Score 4: Major financial loss and/or significant adverse impact to business strategy
- Score 5: Potential to imperil organization's strategy / long-term adverse business strategy impact
Examples, in the order given on the slide:
- Self-insured workers compensation loss with no impact on business reputation or continuity
- Additional costs due to new regulation or loss of a customer with no impact on business reputation or continuity
- 2 week information systems shut-down that slows sales and (in the short-term) damages reputation in the marketplace
- Key supplier fails causing shortage of component parts. Unable to produce certain products for 3 mos.
- Technology innovation or regulatory change which changes access to market
Risk Assessment: Rank Top Risks by Score
(Likelihood + Time Until Impact) × Severity = Risk Score
Example, ranked according to highest score, with columns Risk, (L + T) × S, and Score:
1. Loss of major supplier
2. Staff's lack of expertise
3. Information system failure
Etc.
Enterprise Risk Prioritization: Implement Portfolio Perspective
- Collate all of the functional risk ranking scores and apply an enterprise-wide perspective.
- Look for clearly emerging enterprise-wide critical risks.
- Assess for strategic impact and interrelationships as well as aggregate impact.
Enterprise Risk Prioritization: Consolidated Risk Profile Example
Strategic Objectives. Over the next three years:
- Grow the top line by 75 percent
- Improve customer satisfaction by 25 percent
- Motivate and retain exceptional people
- Develop distinctive brands
Critical Risk Language:
1. Catastrophic loss
2. Channel effectiveness
3. Customer wants
4. Environmental, health and safety
5. Human resources
6. Legal/regulatory
7. Reputation
[Chart: Consolidated Risk Profile. Impact axis: 1) Manageable, 2) Major, 3) Critical. Likelihood axis: 1) Remote, 2) Possible, 3) Likely.]
Risk Management: Response/Treatment Options
Four fundamental responses to identified critical risks:
- Avoid/Terminate
- Accept/Tolerate
- Reduce/Treat
- Share/Transfer
Risk Management: Mitigation Plan
For each priority risk (top 5 to 10):
- Define controls already in place.
- Determine what new actions should be taken.
- Assign accountability for each new action.
- Define measurable deliverables or metrics for each planned mitigation action or control.
- Once in place, reassess risk priority number.
- Monitor periodically for mitigation plan effectiveness in addressing risk.
Thank You
More informationHow To Understand The Role Of The Captive In An Enterprise Risk Management Program
Combined: Transforming Risk: The Captive s Role in Sustaining an Enterprise Risk Management Program Moderator: Michael Maglaras, Michael Maglaras & Co. Speaker: Ruth Cardiello, Stamford Health System Today
More informationCyber-Security Risk Management Framework (CSRM)
ABSTRACT The Security-Centric, Cyber-Security Risk Management (CSRM) framework expands on both the Internal Control Framework as well as Enterprise Risk Management Framework and proposes an effective Integrated
More informationIntroduction to Enterprise Risk Management at UVM DRAFT
Introduction to Enterprise Management at UVM 1 Enterprise What is Enterprise Management? Enterprise risk management is a structured, consistent, and continuous process across the whole organization for
More informationHealthcare Risk Management: The Path Forward
Healthcare Risk Management: The Path Forward Legislative regulation and mounting patient expectations have created seismic shifts in U.S. healthcare that are compelling practitioners to abandon well-established
More informationRisk Management How to manage your brand & build business resilience to improve your bottom line
2010 RMIA Members Forum Primary focus for RMIA in 2011 Risk Management How to manage your brand & build business resilience to improve your bottom line Grant Whitehorn RMIA Chief Executive Officer CPA
More informationThe Bulletin. Credit Rating Analysis of Enterprise Risk Management at Nonfinancial Companies: Are You Ready? S&P s point of view VOLUME 3 ISSUE 2
The Bulletin VOLUME 3 ISSUE 2 Credit Rating Analysis of Enterprise Risk Management at Nonfinancial Companies: Are You Ready? Note: This issue of The Bulletin has been updated in response to Standard &
More informationCorporate Governance of Banks: A Credit Rating Agency s Approach. presented by Janet Holmes
Corporate Governance of Banks: A Credit Rating Agency s Approach presented by Janet Holmes Overview Introduction Meaning of credit ratings Moody s general approach to corporate governance analysis Moody
More informationHow to achieve excellent enterprise risk management Why risk assessments fail
How to achieve excellent enterprise risk management Why risk assessments fail Overview Risk assessments are a common tool for understanding business issues and potential consequences from uncertainties.
More informationImproving Financial Performance, Governance and Compliance
Enterprise Risk Management Improving Financial Performance, Governance and Compliance Through A Structured Approach Experis Finance By: Fred E. Lutzeier National ERM Director Fred.Lutzeier@Experis.Com
More informationBEST PRACTICES IN CYBER SUPPLY CHAIN RISK MANAGEMENT
BEST PRACTICES IN CYBER SUPPLY CHAIN RISK MANAGEMENT Communications Company One Company s Supply Chain Transformation Journey INTERVIEWS Senior Manager Supply Chain Operations Strategy Manager Procurement
More informationUPDATES TO THE ELABORATION OF AN ENTERPRISE RISK MANAGEMENT PROGRAM FOR THE CLIMATE INVESTMENT FUNDS
August 22, 2013 UPDATES TO THE ELABORATION OF AN ENTERPRISE RISK MANAGEMENT PROGRAM FOR THE CLIMATE INVESTMENT FUNDS The following decision approving the attached paper on the Updates to the Elaboration
More informationNCUA LETTER TO CREDIT UNIONS
NCUA LETTER TO CREDIT UNIONS NATIONAL CREDIT UNION ADMINISTRATION 1775 Duke Street, Alexandria, VA 22314 DATE: December 2001 LETTER NO.: 01-CU-21 TO: SUBJ: ENCL: All Federally Insured Credit Unions Disaster
More informationGlobal Headquarters: 5 Speen Street Framingham, MA 01701 USA P.508.872.8200 F.508.935.4015 www.idc.com
W H I T E P A P E R L a c k o f O p e r a t i o n a l R e s i l i e n c e W i l l U n d e r m i n e E n t e r p r i s e C o m p e t i t i v e n e s s : A S t r a t e g y f o r A v a i l a b i l i t y Sponsored
More informationRisk management and the transition of projects to business as usual
Advisory Risk management and the transition of projects to business as usual Financial Services kpmg.com 2 Risk Management and the Transition of Projects to Business as Usual Introduction Today s banks,
More informationSample Enterprise Risk Management Work Plan Fiscal Years 20XX and 20YY Revised June 2009. Internal Environment / Objectives Setting
STRATEGIC OPERATIONS REPORTING Internal Environment Objective Setting Event Identification Risk Assessment Risk Response Control Activities Information & Communication COMPLIANCE DEPARTMENT SCHOOL CAMPUS
More informationRemarks by. Carolyn G. DuChene Deputy Comptroller Operational Risk. at the
Remarks by Carolyn G. DuChene Deputy Comptroller Operational Risk at the Bank Safety and Soundness Advisor Community Bank Enterprise Risk Management Seminar Washington, D.C. October 22, 2012 Good afternoon,
More informationThe New International Standard on the Practice of Risk Management A Comparison of ISO 31000:2009 and the COSO ERM Framework
The New International Standard on the Practice of Risk Management A Comparison of ISO 31000:2009 and the COSO ERM Framework Dorothy Gjerdrum, ARM-P, Chair of the ISO 31000 US TAG and Executive Director,
More informationEnterprise Risk Management & Information Technology
Enterprise Risk Management & Information Technology Presented by Scott Perry and Gary Ross Slalom Consulting, San Francisco Agenda Introductions Session Objectives Overview of Enterprise Risk Management
More informationForensic Services. Third Party Risks. March 2013
Forensic Services Third Party Risks Landscape of third party risk Focus on third parties that: perform functions on behalf of the company provide products and services that the company does not originate
More information