Enterprise Risk Management



Similar documents
The Role of the Patient Safety Officer

AT&T Global Network Client for Windows Product Support Matrix January 29, 2015

Matthew E. Breecher Breecher & Company PC November 12, 2008

COMPARISON OF FIXED & VARIABLE RATES (25 YEARS) CHARTERED BANK ADMINISTERED INTEREST RATES - PRIME BUSINESS*

COMPARISON OF FIXED & VARIABLE RATES (25 YEARS) CHARTERED BANK ADMINISTERED INTEREST RATES - PRIME BUSINESS*

Streamlining the Annual Risk Assessment Process

Analysis One Code Desc. Transaction Amount. Fiscal Period

Case 2:08-cv ABC-E Document 1-4 Filed 04/15/2008 Page 1 of 138. Exhibit 8

In accordance with risk management best practices, below describes the standard process for enterprise risk management (ERM), including:

Enhanced Vessel Traffic Management System Booking Slots Available and Vessels Booked per Day From 12-JAN-2016 To 30-JUN-2017

Key Components of Enterprise Risk Management (ERM) Framework

Media Planning. Marketing Communications 2002

Briefing Outline. Overview of the CUI Program. CUI and IT Implementation

Enterprise Risk Management

The Impact of Medicare Part D on the Percent Gross Margin Earned by Texas Independent Pharmacies for Dual Eligible Beneficiary Claims

Employers Compliance with the Health Insurance Act Annual Report 2015

Discussion Outline. A. KPIs Defined. B. Why KPIs Matter. C. KPI Menu. D. Implementation. E. Example KPIs. F. Pitfalls

P/T 2B: 2 nd Half of Term (8 weeks) Start: 25-AUG-2014 End: 19-OCT-2014 Start: 20-OCT-2014 End: 14-DEC-2014

P/T 2B: 2 nd Half of Term (8 weeks) Start: 26-AUG-2013 End: 20-OCT-2013 Start: 21-OCT-2013 End: 15-DEC-2013

P/T 2B: 2 nd Half of Term (8 weeks) Start: 24-AUG-2015 End: 18-OCT-2015 Start: 19-OCT-2015 End: 13-DEC-2015

Annexure B: Planning, Budgeting and Performance Management Programme

and Risk Tolerance in an Effective ERM Program

Ashley Institute of Training Schedule of VET Tuition Fees 2015

Developing an Effective Enterprise Risk Management Program

Health Insurance Exchange Finance Work Group Meeting August 22, 2012 Wakely Consulting Model Table Summaries - Updated

Infrastructure Ontario Enterprise Risk Management Program. National Executive Forum Yellowknife, NWT May 2013

BCOE Payroll Calendar. Monday Tuesday Wednesday Thursday Friday Jun Jul Full Force Calc

Performing a Compliance Risk Assessment for Compliance Auditing & Monitoring in Healthcare Organizations

ENTERPRISE RISK MANAGEMENT POLICY

State Annual Report Due Dates for Business Entities page 1 of 10

DHS BUDGET REQU~ST FOR FY

Consumer ID Theft Total Costs

CENTERPOINT ENERGY TEXARKANA SERVICE AREA GAS SUPPLY RATE (GSR) JULY Small Commercial Service (SCS-1) GSR

Accident & Emergency Department Clinical Quality Indicators

Enterprise Risk Management VCU Process

Detailed guidance for employers

Walton Centre. Document History Date Version Author Changes 01/10/ A Cobain L Wyatt. Monitoring & Audit

A Risk-Based Audit Strategy November 2006 Internal Audit Department

Analyzing Risks in Healthcare. February 12, 2014

Risk Assessment & Enterprise Risk Management

PointofView. You Need to be Known to be Liked: Applying Lessons from Corporate Reputation Management to the Public Sector

Qi Liu Rutgers Business School ISACA New York 2013

The College of New Jersey Enterprise Risk Management and Higher Education For Discussion Purposes Only January 2012

STANDARDS OF SOUND BUSINESS AND FINANCIAL PRACTICES. ENTERPRISE RISK MANAGEMENT Framework

Enterprise-Wide Risk Assessment

Gilead Clinical Operations Risk Management Program

Computing & Telecommunications Services Monthly Report March 2015

Important Dates Calendar FALL

2015 Settlement Calendar for ASX Cash Market Products ¹ Published by ASX Settlement Pty Limited A.B.N

Department of Public Welfare (DPW)

RISK MANAGEMENT OVERVIEW 2011 RISK CONFERENCE SPONSORED BY THE FEDERAL RESERVE BANK OF CHICAGO AND DEPAUL UNIVERSITY

RIMS Risk Management Models. Traditional Risk Management Progressive Risk Management Strategic Risk Management

FY 2015 Schedule at a Glance

Academic Calendar Arkansas State University - Jonesboro

Proposal to Reduce Opening Hours at the Revenues & Benefits Coventry Call Centre

Independent Accountants Report on Applying Agreed-Upon Procedures

12 16 Memorial Physician Network Billing Cycle Audit Report

Operational Risk Management in a Debt Management Office

Risk Management Policy Adopted by:

Throughput and Outstanding Workload for High Court Criminal Jury Trials - August 2005 to July 2006

Get More Out of Your Risk Assessment. Austin Chapter of the IIA

The Corporation of the City of London Quarterly Report on Internal Audit Results

CAFIS REPORT

Interest Rates. Countrywide Building Society. Savings Growth Data Sheet. Gross (% per annum)

If you are having technical difficulties, please call Go To Webinar at (800)

An Introduction to the. Society Program Portfolio Management Process

Legislative Brief: PAY OR PLAY PENALTIES LOOK BACK MEASUREMENT METHOD EXAMPLES. EmPowerHR

SCREEN ACTORS GUILD PRODUCERS HEALTH PLAN

About CREST R&D Grant

Annual Treasury And Investment Portfolio Update for 2015

Jeff Haby, P.E. Director Sewer System Improvements. September 15, Agenda

11/17/2015. Learning Objectives. What Is Data Mining? Presentation. At the conclusion of this presentation, the learner will be able to:

ITD Help Desk Traffic Report May 2002

The ACO Model/Capabilities Framework and Collaborative. Wes Champion Senior Vice President Premier Healthcare Alliance

Risk committee performance evaluation

Direct Line Insurance Group plc (the Company ) Board Risk Committee (the Committee ) Terms of Reference

Policy : Enterprise Risk Management Policy

Introduction to Enterprise Risk Management at UVM DRAFT

South Dakota Public Funds Investment Trust (FIT) Fixed Rate Investment Options & Services

Guidance Note: Corporate Governance - Board of Directors. March Ce document est aussi disponible en français.

14-Dec-15. Number Amount Number Amount Number Amount Number Amount Number Amount

THE SOUTH AFRICAN HERITAGE RESOURCES AGENCY ENTERPRISE RISK MANAGEMENT FRAMEWORK

DOE LHC Quarterly Review. Magnet Production Cable Testing Cost to Complete issues. Mike Harrison, BNL July 26, 2004

Resource Management Spreadsheet Capabilities. Stuart Dixon Resource Manager

FINDING THE RISK IN RISK ASSESSMENTS NYSICA JULY 26, Presented by: Ken Shulman Internal Audit Director, New York State Insurance Fund

Organizational Change Management: A Best Practice to Effective ERM Implementation

Share Trading Policy. Incitec Pivot Limited ABN Southbank Boulevard Southbank Victoria 3006 Australia V /

5-Minute Primer for Commercial Building Energy Audits

Colorado s Accountable Care Collaborative

How to Develop Successful Enterprise Risk and Vendor Management Programs

Navigating Rising Rates with Active, Multi-Sector Fixed Income Management

Transcription:

Enterprise Risk Management The Basics or ERM 101 1

Enterprise Risk Management Enterprise risk management deals with risks and opportunities affecting value creation or preservation, defined as: COSO s ERM Framework Enterprise risk management is a process, applied in strategy setting across the enterprise, designed to identify potential events that may affect the entity, and manage risk to be within its risk appetite, to provide reasonable assurance regarding the achievement of entity objectives. COSO Who Regulates Health Care Federal Circuit Courts Supreme Court State Survey & Certification Congress Medicare Integrity Program Contractors Centers for Medicare and Medicaid Services Departmental Appeals OIG Courts Attorneys General Medicaid Health Boards Medical Boards PRRB Local Governments Licensure DME Regional Contractors Regional Offices Intermediaries Carriers PROs FDA Regional Home Health Intermediaries DOT OSHA DEA FAA OPOs SEC Health Care Providers DOI Treasury FBI Homeland Security IRS EPA FTC FCC HHS/HRSA HHS/NIOSH JCAHO NRC DOL CP1232867-1 2

The Connection Compliance and ERM Compliance Risk Activities OIG Work Plan Advisories and Opinions What issues are health care entities being sued for or settling out of court ERM Regulatory/Legal Finance Operational Reputational Risk Activities Internal Audit Services Internal Control Evaluations Legal External Auditors Compliance Lacks coordination External View 3

Managing Risk Usually not Integrated Finance Information Technology Internal Audit Services External Auditors Annual Audit, Quarterly Reviews Human Resources Compliance Legal Department Security Environmental Research Services Patient Care Medical School Board of Directors ASSESS RISK Risk assessment is the identification and analysis of risks to the achievement of business objectives. It forms a basis for determining how risks should be managed. 4

The Seven Elements 1. Code of Conduct Policies and Procedures 2. CO and Compliance Committee 3. Education 4. Monitoring and Auditing 5. Reporting and Investigation 6. Enforcement and Discipline 7. Response and Prevention 8. Risk Assessment 1 - Policies and Procedures What will be your process? Interviews Leadership Disruptors Diverse Thought Leaders Surveys Internally conducted Consultant effort Initial Refreshing 5

2 - Oversight Board of Directors Audit and Compliance Committee Committee Role of CEO and/or CAO Risk Officer or a combination of people CO IAS Risk Management (Hospital) 3 - Education Creating an ERM culture Focused Selective Just in time 6

4 Risk Identification and Mitigation Reputational Strategic Financial Operational Regulatory - Legal 5 - Reporting Ranking risk process Connections from year to year Old risks versus new risks Leadership Verification 7

6 - Commitment CEO and CA0 Board of Directors Audit and Compliance Committee TIME! 7 Response and Prevention Controls Emerging Risks Management Accountability Governance Oversight 8

ERM High Level Process Overview Identify Evaluate Report & Monitor Approval External Benchmarking Survey Interviews Strategic Planning Workgroups & Assessments Prioritize & Categorize Risk Risk Assessments -Leadership Risk Assessments -Operating Objective Assessments Risk Follow-Up CERM MT ERM Dashboard - Heat Maps - Audit Risk & Control Matrix BOG Audit Committee NOW WHAT? Hundreds of potential risks identified Each person has their risk priorities This process is qualitative at best Where do you go from here? 9

RANKING RISKS Consequence Financial Reputational Legal/compliance Operational Short Term < 18 months Likelihood Long Term > 5 years Past experience Experience of others National Trends DETERMINE RISK APPETITE Risk appetite is the amount of risk on a broad level an entity is willing to accept in pursuit of value. Use quantitative or qualitative terms (e.g. earnings at risk vs. reputation risk), and consider risk tolerance (range of acceptable variation). 10

DETERMINE RISK APPETITE Key questions: What risks will the organization not accept? (e.g. environmental or quality compromises) What risks will the organization take on new initiatives? (e.g. new product lines) What risks will the organization accept for competing objectives? (e.g. gross profit vs. market share?) RISK EVALUATION 1. Primary Ownership within one department or work unit 2. Inter-departmental ownership occurs where risks cuts across multiple departments 3. Those dependent on strategic initiatives or strategic plan 11

IDENTIFY RISK RESPONSES Quantification of risk exposure Options available: - Accept = monitor - Avoid = eliminate (get out of situation) - Reduce = institute controls - Share = partner with someone (e.g. insurance) Residual risk (unmitigated risk e.g. shrinkage) VALIDATING RISKS AND RANKINGS Core Group Compliance Office Internal Audit Services Internal Control Activities Validate with CEO, CAO, CFO, CLO 12

PREPARE REPORTS Management Leadership Boards Heat Maps Lo Likelihood Hi MONITOR ACCEPT STRATEGIC CHOICES URGENT ACTIONS EVALUATE ALTERNATIVES Lo Significance Hi 13

Risk Control and Audit Matrix Risk Information Ownership / Oversight Coverage Ref # Specific Risk Rating Risk Owner Operational Governance/ Committee Policy and/or Procedure Review Cycle Audit Plan or Compliance Plan Strategic Risks S-1 S-2 Financial F-5 F-6 Operational O-8 O-9 Compliance/Legal C-11 C-12 Confidential 1 Risk Assessment: Prioritization and Responsibilities Priority Ranking Business Risk Senior Management Responsible BOD Committee 2 3 4 5 6 7 8 9 10 11 12 19 20 27 14

Mayo Clinic ERM COSO Considerations Internal Environment Leadership (MT, BOG & ACC) Commitment to Risk Management. Objective Setting External Benchmarking with Health Care Industry, Other Industry & External Experts. Information & Communication 1. ERM Heat Maps 2. ERM Risk, Control, & Audit Matrix Monitoring Monthly Management Team meetings to include risk assessment for each risk. Event Identification / Risk Assessment / Risk Response / Control Activities 1. Leadership Risk Assessments 2. Operating Objective Assessments Source : COSO Enterprise Risk Management Cube ERM Calendar Overview Q4 DEC Q1 Q2 Q3 Q4 JAN FEB MAR APR MAY JUN JUL AUG SEP OCT NOV DEC External Benchmarking Health Care Industry, Other Industry & External Experts Survey Distribute Risk Identification Survey Distribute Prioritization Survey Summarize Survey Results Interviews 20 Leadership Interviews 20 Leadership Interviews 20 Leadership Interviews 20 Leadership Interviews Strategic Planning Identify Key Strategic Risks Workgroups & Assessments Establish Standardized Process & Reporting Ongoing Reporting to Mayo Clinic Enterprise Risk Management Risk Assessments (Facilitated Dialogues) Monthly Management Team Meetings: Leadership Risk Assessments and Operating Objective Assessments (Strategic Planning) Approval / Board Communications Quarterly ERM Reporting to ACC Quarterly ERM Reporting to ACC Quarterly ERM Reporting to ACC Quarterly ERM Reporting to ACC 15

RISK PROCESS Identify Rank Prioritize Assign/Recognize Accountability Mitigation LIMITATIONS Decision making - responses Human failure simple errors Circumvention collusion Ability to override controls 16

17

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information