Introduction to Enterprise Risk Management at UVM DRAFT



Similar documents
IFAD Policy on Enterprise Risk Management

Understanding Enterprise Risk Management. Presented by Dorothy Gjerdrum Arthur J Gallagher

The New International Standard on the Practice of Risk Management A Comparison of ISO 31000:2009 and the COSO ERM Framework

IIA POSITION PAPER: THE ROLE OF INTERNAL AUDITING IN ENTERPRISE-WIDE RISK MANAGEMENT

ENTERPRISE RISK MANAGEMENT FRAMEWORK

Fraud Risk Management

Enterprise Risk Management: Taking the First Steps

UNITED NATIONS OFFICE FOR PROJECT SERVICES. ORGANIZATIONAL DIRECTIVE No. 33. UNOPS Strategic Risk Management Planning Framework

THE SOUTH AFRICAN HERITAGE RESOURCES AGENCY ENTERPRISE RISK MANAGEMENT FRAMEWORK

RISK MANAGEMENT OVERVIEW 2011 RISK CONFERENCE SPONSORED BY THE FEDERAL RESERVE BANK OF CHICAGO AND DEPAUL UNIVERSITY

Enterprise-Wide Risk Assessment

Matthew E. Breecher Breecher & Company PC November 12, 2008

RISK MANAGEMENT FRAMEWORK OKHAHLAMBA LOCAL MUNICIPALITYITY

Organizational Change Management: A Best Practice to Effective ERM Implementation

ENTERPRISE RISK MANAGEMENT FRAMEWORK

Framework for Enterprise Risk Management

Beyond risk identification Evolving provider ERM programs

Guide to Risk Assessment & Response August 16, 2012

The College of New Jersey Enterprise Risk Management and Higher Education For Discussion Purposes Only January 2012

University of St. Gallen Law School Law and Economics Research Paper Series. Working Paper No June 2007

The Role of the Board in Enterprise Risk Management

ENTERPRISE RISK MANAGEMENT POLICY

Strategic Risk Management for School Board Trustees

Clarius Group Risk Management Policy and Framework

CSR / Sustainability Governance and Management Assessment By Coro Strandberg Principal, Strandberg Consulting

Enterprise Risk Management

IRM CERTIFICATE AND DIPLOMA OUTLINE SYLLABUS

Linking Risk Management to Business Strategy, Processes, Operations and Reporting

Enterprise Risk Management

University of Windsor Board of Governors. That the Board of Governors approve of the Enterprise Risk Management Framework.

International Diploma in Risk Management Syllabus

Key Considerations for Information Technology Governance. 900 Monroe NW Grand Rapids, MI (616)

Department of Veterans Affairs VA Directive VA Enterprise Risk Management (ERM)

Forget Chicken Little The Sky is Falling: Current Enterprise Risk Management Strategies for Product Recalls and Corporate Compliance Matters

How To Use Risk It

Confident in our Future, Risk Management Policy Statement and Strategy

Risk Management Policy Adopted by:

Enterprise Risk Management (ERM): In Action. January Co-presented by: Michael Yip, Marsh Risk Consulting Norma Essary, DFW International Airport

Enterprise Risk Management

Distributor Liability Contract Risk Management THOMAS DOUGLASS APRIL 15, 2015

Policy : Enterprise Risk Management Policy

Integrated Risk Management:

Policy and Procedure Statement

Enterprise Risk Management Framework Strengthening our commitment to risk management

Take the right steps 9 principles for building the Risk Intelligent Enterprise

Saldanha Bay Municipality. Risk Management Strategy. Inclusive of, framework, procedures and methodology

Enterprise Risk Management

Governance and Risk Management in the Public Sector. Fernando A. Fernandez Inter-American Development Bank (202)

Enterprise Risk Management in Colleges and Universities

Sample risk committee charter

Tying It All Together: Practical ERM Integration. Richard Scanlon Vice President Enterprise Risk Management CIGNA Corporation

Public Sector Pension Investment Board

Version Adoption by Council: 2013 Resolution Number: 2013/177 Current Version: V1.0 Administered by: Governance Coordinator

Risk Assessment & Enterprise Risk Management

SOL PLAATJE MUNICIPALITY ENTERPRISE RISK MANAGEMENT FRAMEWORK AND POLICY

Sample Enterprise Risk Management Work Plan Fiscal Years 20XX and 20YY Revised June Internal Environment / Objectives Setting

OAC Presentation to UNESCO Member States

Effective Enterprise Risk Management with ErmsCo ERM Foundation

Table of Contents PERFORMANCE REVIEWS STRATEGIC REVIEWS

POLICY. Number: Title: Enterprise Risk Management. Authorization

Avondale College Limited Enterprise Risk Management Framework

Infrastructure Ontario Enterprise Risk Management Program. National Executive Forum Yellowknife, NWT May 2013

Enterprise Risk Management Integrated Framework. Executive Summary

Enterprise Risk Management VCU Process

Standards for the Professional Practice of Internal Auditing

Consulting. PMOver Transforming the Program Management Office into a Results Management Office

LEVERAGING COSO ACROSS THE THREE LINES OF DEFENSE

Enterprise Risk Management, Compliance, Management Advisory Services: An Integrated Approach

Maryland Association of Boards of Education Insurance Programs

Developing a Corporate Governance Framework

Commonwealth Risk Management Policy

MEMORANDUM. Comments on the Updating of the LSC Risk Management Program

Attorney Perspectives: Enterprise Risk Management in a Time of Innovation

Regulatory Excellence Framework

RSA ARCHER OPERATIONAL RISK MANAGEMENT

FY 2015 Year in Review Internal Audit Division

ORGANISING COMMITTEE POLICY AND GOVERNANCE FOR RISKS TO REPUTATION

Enterprise Risk Management Plan FY December 2014

Analytics Strategy Information Architecture Data Management Analytics Value and Governance Realization

Aligning Compliance Program Priorities with Business Objectives

How ERM programs evolve

Risk Management Policy and Framework

Risk Management Policy

Enterprise Risk Management: Concepts & Issues

The Integration of Strategic Planning and Portfolio Management

SAMPLE JOB DESCRIPTIONS

Risk health check When is yours?

Accreditation Application Forms

How To Transform It Risk Management

RISK BASED AUDITING: A VALUE ADD PROPOSITION. Participant Guide

Internal Audit and Advisory Services DRAFT

RIMS Risk Management Models. Traditional Risk Management Progressive Risk Management Strategic Risk Management

COMMITTEE JOB DESCRIPTIONS

Practice Guide COORDINATING RISK MANAGEMENT AND ASSURANCE

P3M3 Portfolio Management Self-Assessment

RISK MANAGEMENT POLICY

Office of the Chief Information Officer

APPLICATION OF KING III CORPORATE GOVERNANCE PRINCIPLES 2014

Export Development Canada

APPLICATION OF THE KING III REPORT ON CORPORATE GOVERNANCE PRINCIPLES

Transcription:

Introduction to Enterprise Management at UVM 1

Enterprise What is Enterprise Management? Enterprise risk management is a structured, consistent, and continuous process across the whole organization for identifying, assessing, deciding on responses to, and reporting on opportunities and threats that affect the achievement of its objectives. Institute of Internal Auditors A tool to enhance management decision making, corporate governance, and accountability Facilitates effective management of the uncertainty and associated risks and opportunities facing an organization Helps an organization get to where it wants to go, and avoid pitfalls and surprises along the way (COSO) A systematic approach to a historically intuitive exercise (Klein, Mandl, and Sencer)

Management: A Broad Approach to Enterprise 1. All organizations exist to achieve their objectives 2. Many internal and external factors affect those objectives, causing uncertainty about whether the organization will achieve them 3. The effect this uncertainty has on an organization s objectives is risk

How ERM Differs from Traditional Management ERM takes an enterprise wide approach considers the potential impact of all types of risks on all processes, activities, stakeholders, products and services ERM looks at both upside risk (opportunities) and downside risk (potential losses or damage) ERM assesses risk and opportunity in the context of strategic objectives ERM enhances existing strategic planning and budgeting processes it s not a standalone process Hazard Financial Enterprise Management The purview of traditional Management Operational Human Capital Strategic Compliance ERM engages risk owners or subject matter experts to address and manage risks, with consulting and support 4

Benefits of ERM Supports the achievement of strategic objectives Enhances institutional decision making Creates a risk aware culture across the organization Reduces operational surprises and losses Prepares the organization to act on acceptable opportunities Assures greater business continuity Improves deployment of capital by aligning risk and resources with strategic objectives Bridges departmental silos; develops a center of excellence for managing risk; and draws on the expertise of highly skilled individual managers

Relationship Among Strategy,, and Budget 1 Where do we want to go? UNIVERSITY OF VERMONT Strategic Plan 2009 2013: Sustaining the Advance STRATEGIC OBJECTIVES 2 How do we get there? Project 2 STRATEGIC INITIATIVES Project 1 Project 3 4 How should we best allocate our resources? xxxxx xxx xxxxxxxx xxx 3 What uncertainties could help or hinder us? xxx xxx xxxxxxxx xxx BUDGET xxx xxx xxxxxxxx xxx xxxxx xxx xxxxxxxx xxx RISKS & OPPORTUNITIES xxxxx xxx xxxxxxxx xxx

Why is UVM Implementing ERM? Enterprise Deloitte & Touche external audit identified weaknesses in our internal control environment Follow up external audit by PwC endorsed the proposed ERM initiative and noted it as leading practice Emerging best practice in higher education and private sector Bond rating agencies now look for ERM when rating non financial organizations UVM Board of Trustees supports taking an enterprise level view of risk Managing risk supports strategic goals, lessens uncertainty, and helps maintain competitive advantage Example: economic downturn and resulting financial challenges

ERM Best Practices Best practices for ERM are still emerging, as ERM is relatively new, especially in higher education Obtain commitment, full engagement, and support of senior management and governing board set the tone at the top Tailor the ERM program to best meet the institution s unique needs and environment, using a best practice model as a framework Articulate the institution s approach to risk Establish a common institutional language for talking about risk Use cross functional groups to create buy in, awareness, and engagement, and to provide the broad perspective necessary for effective risk identification and assessment Integrate ERM into existing processes don t make it a separate layer or an add on Build a risk aware culture to increase awareness and consideration of risk in decisionmaking throughout the organization Integrate and retain the knowledge of specialist silos while taking an enterprise view Enhance internal controls around the areas of highest risk

What Should an ERM Program Consist of? Principles Framework Management Process Provide the foundation and describe the qualities of effective risk management in an organization Manages the overall process and its full integration into the organization Focuses on individual or groups of risks, their identification, analysis, evaluation, and response response Context identification analysis evaluation Monitoring, review, continual improvement, and communication occur throughout

UVM s ERM Framework ERM Context ERM Process Institutional Strategy University mission and vision University strategic plan External and internal context Institutional Governance Commitment, engagement, and sponsorship Roles and responsibilities Program oversight and management decisions ERM Culture ERM program goals and objectives ERM guiding principles UVM risk philosophy UVM risk tolerance awareness ownership Common language ERM policy and procedures assessment identification analysis evaluation response Communication, coordination & consultation Change management Education & training Monitoring & reporting Continuous improvement E N A B L I N G A C T I V I T I E S 10

ERM Program Purpose & Goals Enterprise The purpose of UVM s ERM program is to enhance the University s ability to achieve its mission, vision, and strategic objectives and strengthen its competitive position by fostering an institution wide culture of risk and opportunity awareness and by providing a structured, consistent, and continuous process for the early and proactive identification and reporting of material risks and opportunities to senior management and trustees. In support of this overall purpose, UVM has established the following goals and objectives for ERM: 1. Create a culture of risk awareness where all employees understand and consider risk in decision making. [Supporting objectives intentionally omitted] 2. Reduce operational surprises and losses. 3. Increase capacity to identify and seize opportunities by facilitating greater transparency and openness regarding risk. 4. Enhance institutional decision making by providing senior management and trustees with timely and robust information that improves their understanding of enterprise level risks and opportunities. [Supporting objectives intentionally omitted] 5. Improve the efficiency and effectiveness of institutional risk management efforts. [Supporting objectives intentionally omitted] 11

The Management Process Assessment 1 Context 2 Identification 3 Analysis 4 Evaluation 5 Response Understand organizational objectives and the external and internal environment Find, recognize, and describe risks Write a risk statement that includes sources, events, causes and consequences Comprehend the nature of risk and determine the level of a risk Determine the risk s potential impact and likelihood Compare the results of risk analysis with risk criteria to determine whether the risk is acceptable. Prioritize risks. Modify the risk by mitigating, avoiding, transferring, or accepting the risk. 6 Monitoring & Reporting Continually check the status of a risk to identify change from the performance level required or expected. 7 Communication & Consultation Inform and engage in dialogue with stakeholders regarding the current state of risks and their management. 12

The Management Process at UVM Assessment 1 Context 2 Identification 3 Analysis 4 Evaluation 5 Response President, other senior UVM officials establish UVM Strategic Plan Deans, Vice Presidents, and other senior officials establish College, School, and Divisional plans Assurance Group ( Mgmt & Safety, Compliance & Privacy, Internal Audit, VPFA, General Counsel) Senior UVM officials Preliminary risk inventory Responsible Officials and designated participants, facilitated by ERMAC Co Chairs ERM Advisory Committee President s Advisory Committee on ERM President s Sr. Leadership and Deans Council President register portfolio Responsible Officials develop plan PAC ERM reviews plans President approves plans Responsible Officials implement plans response plans & budgets 6 Monitoring & Reporting Responsible Officials and Assurance Group monitor status of risk and risk response 7 Communication & Consultation Quarterly ERM status reports and regular Compliance and Internal Audit reports to BoT Audit Committee ERM annual report including risk portfolio, heat map, and status of priority risks to Audit Committee and Committee of the Whole 13

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information