Infrastructure Ontario Enterprise Risk Management Program. National Executive Forum Yellowknife, NWT May 2013



Similar documents
Policy : Enterprise Risk Management Policy

Risk Management Policy

RISK MANAGEMENT OVERVIEW 2011 RISK CONFERENCE SPONSORED BY THE FEDERAL RESERVE BANK OF CHICAGO AND DEPAUL UNIVERSITY

Risk Management Policy Adopted by:

ORGANIZATIONAL CHART FOR A TYPICAL LARGE REAL ESTATE COMPANY

Enterprise Risk Management & Information Technology

Matthew E. Breecher Breecher & Company PC November 12, 2008

Introduction to Enterprise Risk Management at UVM DRAFT

ENTERPRISE RISK MANAGEMENT POLICY

STANDARDS OF SOUND BUSINESS AND FINANCIAL PRACTICES. ENTERPRISE RISK MANAGEMENT Framework

Enterprise Risk Management

Enterprise Risk Management VCU Process

Public Sector Pension Investment Board

Enterprise Risk Management: Concepts & Issues

Moving Forward with IT Governance and COBIT

University of Windsor Board of Governors. That the Board of Governors approve of the Enterprise Risk Management Framework.

Enterprise Risk Management

Operational Risk Management Program Version 1.0 October 2013

Linking Risk Management to Business Strategy, Processes, Operations and Reporting

Enterprise Risk Management Program

Risk Management Strategy and Guidelines

ActiveTraderTM Treasury and Portfolio Management Fast and Secure

IFAD Policy on Enterprise Risk Management

Enterprise Risk Management in Colleges and Universities

Guidance Note: Corporate Governance - Board of Directors. March Ce document est aussi disponible en français.

The New International Standard on the Practice of Risk Management A Comparison of ISO 31000:2009 and the COSO ERM Framework

Developing an Effective Enterprise Risk Management Program

The College of New Jersey Enterprise Risk Management and Higher Education For Discussion Purposes Only January 2012

APPENDIX 50. Enterprise risk management - Risk management overview

Saldanha Bay Municipality. Risk Management Strategy. Inclusive of, framework, procedures and methodology

Analyzing Risks in Healthcare. February 12, 2014

Sample Enterprise Risk Management Work Plan Fiscal Years 20XX and 20YY Revised June Internal Environment / Objectives Setting

Enterprise Risk Management

CORP RISK MANAGEMENT POLICY & METHODOLOGY

Enterprise Risk Management

Fraud Risk Management

Governance and Risk Management in the Public Sector. Fernando A. Fernandez Inter-American Development Bank (202)

THE SOUTH AFRICAN HERITAGE RESOURCES AGENCY ENTERPRISE RISK MANAGEMENT FRAMEWORK

Export Development Canada

Risk Management Strategy EEA & Norway Grants Adopted by the Financial Mechanism Committee on 27 February 2013.

ERM Program. Enterprise Risk Management Guideline

Version: 5 Date: October 6, 2011

ENTERPRISE RISK MANAGEMENT FRAMEWORK

Enterprise Risk Management Panel Discussion

Risk Management. Group Standard

POL ENTERPRISE RISK MANAGEMENT SC51. Executive Services Department BUSINESS UNIT: Executive Support Services SERVICE UNIT:

FFIEC Cybersecurity Assessment Tool Overview for Chief Executive Officers and Boards of Directors

The PNC Financial Services Group, Inc. Business Continuity Program

FIDUCIARY ADVISORY SERVICES

Conducting Consumer Compliance Risk Assessments Examiner Insights. Agenda. What is a Compliance Risk Assessment? 8/15/2013

The PNC Financial Services Group, Inc. Business Continuity Program

Table of Contents PERFORMANCE REVIEWS STRATEGIC REVIEWS

IT Governance. What is it and how to audit it. 21 April 2009

Financial Statement Closing Process Audit Report Report Nr. 3/14 August 26, 2014

Project Risk Management

Regulatory Compliance Framework An Electric Utility Model. Abstract. Grier Consulting Group LLC

In accordance with risk management best practices, below describes the standard process for enterprise risk management (ERM), including:

UBS presentation Key remediation actions

Key Components of Enterprise Risk Management (ERM) Framework

Risk Management Policy

A&CS Assurance Review. Accounting Policy Division Rule Making Participation in Standard Setting. Report

United Nations Industrial Development Organization

San Francisco International Airport Enterprise Risk Management

RSA ARCHER OPERATIONAL RISK MANAGEMENT

Transmittal Letter Objectives and Scope Approach Financial System Permitting Application... 9

SAI GLOBAL LIMITED Risk Management Policy

INFORMATION SECURITY STRATEGIC PLAN

Operational Risk Management - The Next Frontier The Risk Management Association (RMA)

3 August 2012 Policy updated to reflect name changes and alignment with current Aurora Energy Group Policy standards.

Can Energy Management Deliver Real Savings?

FINDING THE RISK IN RISK ASSESSMENTS NYSICA JULY 26, Presented by: Ken Shulman Internal Audit Director, New York State Insurance Fund

COCA-COLA HELLENIC BOTTLING COMPANY RISK MANAGEMENT POLICY

RISK MANAGEMENT STRATEGY

APPLICATION OF THE KING III REPORT ON CORPORATE GOVERNANCE PRINCIPLES

APPLICATION OF KING III CORPORATE GOVERNANCE PRINCIPLES 2014

Tying It All Together: Practical ERM Integration. Richard Scanlon Vice President Enterprise Risk Management CIGNA Corporation

DRAFT Report on Office of the Superintendent of Financial Report on Institutions Office of the Superintendent of Financial

Risk Mapping A Risk Management Tool with Powerful Applications in the New Economy

Streamlining the Annual Risk Assessment Process

Operational Risk Management in a Debt Management Office

ENTERPRISE RISK MANAGEMENT FRAMEWORK

Professional. Compliance & Ethics. 19 The cost of unethical behavior. 33 Graduate degrees in Compliance: Training the next generation

GAINING CONTROL: Building Your Existing Framework into an ERM Model

Getting Started with Enterprise Risk Management

ENTERPRISE RISK MANAGEMENT. J. Joseph Hoey, Ed.D. Bridgepoint Education CAIR 2015

Enterprise Risk Management Framework Strengthening our commitment to risk management

FFIEC Cybersecurity Assessment Tool

Transcription:

Infrastructure Ontario Enterprise Risk Management Program National Executive Forum Yellowknife, NWT May 2013

Background Government Risk Management Agency Oversight The Memorandum of Understanding with the Ministry of Infrastructure outlines Infrastructure Ontario s (IO s) responsibility to ensure a Risk Management Framework is in place to manage risks in order to meet objectives. It also includes a requirement for ongoing risk reporting. Directives such as the Agency Establishment & Accountability Directive and Internal Audit Directive, stress the importance of risk management and require Ministries to use a risk based approach to manage and oversee Agencies. As of 2011, Ministries are to ensure the effective management of risk and are required to complete an annual risk assessment of their Agencies, as part of the Results-based Planning (RbP) process. The Ontario Internal Audit Division is provided regular updates of IO s ERM Program and audit activity. Infrastructure Ontario 2

Development of ERM Policy and Framework 3

Background Enterprise Risk Management at Infrastructure Ontario (IO) In 2011, subsequent to the merger between Infrastructure Ontario and Ontario Realty Corporation, IO completed the first phase of the ERM Program, the development of an ERM Policy and Risk Register, including a risk assessment for the organization. ERM Policy Provides a framework for risk management, including an overall approach to identifying, assessing and managing organizational risk. Corporate Objectives Identify Risk Assess Risk Manage Risk Monitor & Report Describes the key elements of the ERM Program, including the governance structure, reporting and monitoring requirements and the roles and responsibilities of key stakeholders, including the Audit Committee, CEO, and Operations Committee. Risks are ultimately owned at the business unit and process level. The various executive team members are responsible for managing/overseeing and reporting on all risks within or assigned to their unit. Infrastructure Ontario 4

Development of Corporate Risk Register 5

Background Corporate Risk Register Development Activities included: reviewing existing documentation from legacy organizations Surveys, meetings and workshops with VP s and the Senior Executive team to identify organizational risks and mitigating controls Risk Assessment Workshop with the Enterprise Risk Management Working Group based on impact and likelihood criteria Risk Validation Workshop with Senior Executive team to confirm high priority risks and the assessment of these risks The risk register is separated into Strategic, Financial and Operational risk categories. It is used to develop IO s 3-year Audit Plan. All risks with a residual risk assessment of medium or high are required to be monitored and reported to the Operations Committee, CEO and the Audit Committee. Infrastructure Ontario 6

ERM Working Group IO s ERM Program involves developing ongoing risk management and reporting processes. To help support and promote this initiative, IO has established an ERM Working Group, comprised of senior staff from all business lines. Member responsibilities include: Review the ERM Policy and Corporate Risk Register Collaborate with the ERM department to: identify and assess risks and mitigating controls develop and implement risk management action plans as required identify KPI s for significant risks review dashboard reports for ongoing risk monitoring escalate significant risk, opportunities and recommendations Facilitate the review, maintenance and monitoring of other organization risk management initiatives Infrastructure Ontario 7

Risk Assessment Process 8

Risk Assessment Inherent Risk Definition: The risk that is present in our organization stemming from our activities in the absence of any formalized or deliberate controls. Residual Risk Definition: The risk that is present in our organization stemming from our activities after the risk has been controlled. To prioritize the risks in the ERM WG workshop, we focused on residual risk using Impact and Likelihood Criteria outlined in our ERM policy and provided in the next slides. 9

Development of Heat Map 10

Heat Map 11

Day to Day Risk Management Activities Committees Corporate dashboards Divisional dashboards Ongoing meetings & communication with stakeholders KPI monitoring Assessments done at the operational level

IO Board Committees Audit responsible for ERM & internal controls Risk oversee IO s loan portfolio risk, treasury risk and loan credit risk Governance & Compensation Investment Committee - reviews and assesses public works, infrastructure and real estate projects

Management Committees Executive Investment & Risk Major Projects Credit Review Operations Real Estate Commercial Projects

Where we are now Completed annual refresh of risk register Separated Corporate and GREP risks Interviews taking place with risk owners Reviewing mitigation strategies/results Quarterly dashboard will be submitted to Audit Committee in June 2013

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information