Enterprise Risk Management in UNHCR



Similar documents
The College of New Jersey Enterprise Risk Management and Higher Education For Discussion Purposes Only January 2012

UN Board of Auditors recommendations (Report of the Board A/68/5/Add.5)

Fraud Risk Management

Policy : Enterprise Risk Management Policy

Policy. VBA Enterprise Risk Management. Governance Unit

In accordance with risk management best practices, below describes the standard process for enterprise risk management (ERM), including:

FINDING THE RISK IN RISK ASSESSMENTS NYSICA JULY 26, Presented by: Ken Shulman Internal Audit Director, New York State Insurance Fund

IFAD Policy on Enterprise Risk Management

Internal Audit Manual

Internal Audit Quality Assessment. Presented To: World Intellectual Property Organization

AUDIT REPORT. Services provided by the United Nations International Computing Centre to the UN Secretariat - Department of Field Support

ENTERPRISE RISK MANAGEMENT POLICY

Moving Forward with IT Governance and COBIT

Developing an Effective Enterprise Risk Management Program

Enterprise Risk Management & Information Technology

Matthew E. Breecher Breecher & Company PC November 12, 2008

Anti-money laundering and countering the financing of terrorism the Reserve Bank s supervisory approach

Introduction to TTC s Enterprise Risk Management (ERM) Program. TTC Audit and Risk Management Committee

fs viewpoint

Using COBiT For Sarbanes Oxley. Japan November 18 th 2006 Gary A Bannister

A tool for small-to-medium sized businesses. Anti-Money Laundering and Counter-Terrorism Financing Act 2006

Using Strategic Risk Management to Gain Assurance and Communicate More Effectively

Internal Oversight Division Internal Audit Manual

Infrastructure Ontario Enterprise Risk Management Program. National Executive Forum Yellowknife, NWT May 2013

Practice Guide COORDINATING RISK MANAGEMENT AND ASSURANCE

Work Plan for : Enhancing Audit Quality and Preparing for the Future. The IAASB s Work Plan for December 2014

E2E Project Management Process Governance (Electric Capital)

Integrated Risk Management Policy

AUDIT REPORT INTERNAL AUDIT DIVISION. UNHCR's relationship with implementing partners

Direct Line Insurance Group plc (the Company ) Board Risk Committee (the Committee ) Terms of Reference

REPORT 2016/047 INTERNAL AUDIT DIVISION. Audit of the operations in Egypt for the Office of the United Nations High Commissioner for Refugees

Agency Board Meeting 28 July 2015

Industry Services Quality Management System

AfDB New Procurement Policy: Training Program for the Bank s Procurement Staff. Risk-based design of Procurement Arrangements - Introduction

Core Fittings C-Core and CD-Core Fittings

Developing and Implementing a Fraud Risk Assessment. Josh Shilts CPA/CFF, CFE

Risk Management - Board & Management Responsibilities Murray Short, MBA, CPA CA Not-for-Profit Partner RLB LLP

The Companies Act The Social and Ethics Committee and the management of the Ethics Performance of the Company

RISK MANAGEMENT OVERVIEW 2011 RISK CONFERENCE SPONSORED BY THE FEDERAL RESERVE BANK OF CHICAGO AND DEPAUL UNIVERSITY

Core Infrastructure Risk Management Plan

Key Components of Enterprise Risk Management (ERM) Framework

Strategic Risk Management for School Board Trustees

Transnational Challenges and Approaches to Investigating Trafficking Offences. Ilias Chatzis, Chief, Human Trafficking and Migrant Smuggling Section

Office of Internal Audit and Investigations (OIAI) Report 2012/27. Report on an Audit of the Budgeting Process in UNICEF.

Enterprise Risk Management Program

Enterprise Risk Management: Taking the First Steps

Loan Review: A Critical Element of Effective Portfolio Risk Management

ENTERPRISE RISK MANAGEMENT FRAMEWORK

Audit of Business Continuity Planning

CONTENTS PREFACE ACKNOWLEDGEMENT ACRONYMS INTRODUCTION 1. INTERNAL AUDIT FUNCTION FUNDAMENTALS

The Compliance and Ethics Essentials Toolkit

Security Management Systems (SEMS) for Air Transport Operators. Executive Summary

How To Write A Risk Management Policy For The University Of Kerry

Linking Risk Management to Business Strategy, Processes, Operations and Reporting

Managing Conflicts of Interest. Michael Malone, Examination Manager, FINRA, Dallas District Office

COSO 2013: WHAT HAS CHANGED & STEPS TO TAKE TO ENSURE COMPLIANCE

Save the Children. Protecting Children in Zambia from Violence, Abuse, Neglect and Exploitation

Internal Audit Practice Guide

Compliance Risk Assessment and 3 rd Party Due Diligence & Monitoring

CFE 2. Enterprise Risk Management. Study Guide - Supplemental Background Material

Aberdeen City Council IT Governance

Understanding Enterprise Risk Management. Presented by Dorothy Gjerdrum Arthur J Gallagher

Tying It All Together: Practical ERM Integration. Richard Scanlon Vice President Enterprise Risk Management CIGNA Corporation

APPLICATION OF KING III CORPORATE GOVERNANCE PRINCIPLES 2014

Aboriginal Affairs and Northern Development Canada. Internal Audit Report. Prepared by: Audit and Assurance Services Branch.

Independent Evaluation of NRC s Implementation of the Federal Information Security Modernization Act of 2014 for Fiscal Year 2015

Enterprise Risk Management

Saldanha Bay Municipality. Risk Management Strategy. Inclusive of, framework, procedures and methodology

APPLICATION OF THE KING III REPORT ON CORPORATE GOVERNANCE PRINCIPLES

Regulatory Solvency Assessment of Property/Casualty Insurance Companies in the United States

1. This bulletin, which contains the Charter of the Office of Internal Oversight Services (IOS) of

C o m m i t t e e o f S p o n s o r i n g O r g a n i z a t i o n s o f t h e T r e a d w a y C o m m i s s i o n

Fraud Prevention and Deterrence

The Lowitja Institute Risk Management Plan

Enterprise Risk Management: Concepts & Issues

Practice Guide ASSESSING ORGANIZATIONAL GOVERNANCE IN THE PUBLIC SECTOR

E Distribution: GENERAL POLICY ISSUES. Agenda item 4 WFP ANTI-FRAUD AND ANTI-CORRUPTION POLICY. For approval

Corporate risk register

Risk Based Internal Auditing & Enterprise Risk

INVESTIGATING AND PROSECUTING MONEY LAUNDERING

Quality Risk Management in Pharmaceutical Industry: A Review

Enterprise Risk Management Panel Discussion

TERMS OF REFERENCE. Online Training Programme Developer Records and Archives Section / Division of External Relations Copenhagen

How To Ensure That Non-Peoplesoft Applications Can Withstand Adverse Events

Applying Risk Assessment to Your Audit Plan Break-out Session T3, Tuesday, October 26 2:00-2:50pm

ELEMENTS OF FINANCIAL CRIMES INVESTIGATIONS

ELEMENTS OF FINANCIAL CRIMES INVESTIGATIONS

University of Windsor Board of Governors. That the Board of Governors approve of the Enterprise Risk Management Framework.

DRAFT: SunTrust Mortgage: Consent Order - Response. Version: 3.0 Date: December 6, 2011

Transcription:

Enterprise Risk Management in UNHCR Briefing for Members and Observers of the Executive Committee and the Standing Committee Mr. Arman Harutyunyan, Chief Risk Officer 7 May 2015

Towards Enterprise Risk Management (ERM) in UNHCR 2005-6: Risk profiling supported by PricewaterhouseCoopers 2007-8: Risk assessment by the internal audit 2011: External audit recommends ERM 2012-13: Internal conceptualization 2014-onwards: Formal adoption of ERM and implementation 2017: Scheduled policy review & revision as needed 2

Internal frameworks contributing to risk management Policy and procedures on anti-money laundering Policy for addressing resettlement fraud perpetrated by refugees Risk-based policies related to Implementing Partnerships High-level internal control framework with focus on financial management Security management policy Guidance on programme criticality Risk Management Strategic framework for the prevention of fraud and corruption 3

2012-13 Internal conceptualization UNHCR-specific approach to ERM developed Pilot risk assessments in the field HQ focus groups conduct preliminary risk assessments Initial development of detailed guidance and training material ISO 31000 adopted as the guiding framework Main roles and responsibilities outlined Implementation options considered Pilot risk assessments conducted in 4 field operations Assessment methodology reviewed and revised Implementation options tested Focus group generated a preliminary outline of risks Risk categories reviewed and revised Assessment methodology revisited Multi-functional project advisory group created Draft guidance and training material produced Supporting tools developed (templates and dashboards) 4

2014-onwards: Formal adoption and implementation Policy and administrative instructions issued ERM focal points trained ERM elearning for all staff launched First risk assessment completed in Q1/2015 Mandatory annual risk reviews to be held in Q4 Monitoring and treatment of high priority risks First risk assessment already covered over 85% of 2015 prioritized plans/budgets in the field. 5

ERM policy and administrative instructions Purpose, scope, rationale and main principles Risk management process Key roles and responsibilities Definitions (risk categories, risk attributes) Implementation instructions and procedures Organization-wide risk criteria/appetite Prescriptive risk treatments 6

Main roles and responsibilities Key roles Risk owners: the High Commissioner, Heads of HQ entities, Field Representatives Risk management focal points: key field and HQ staff Key activities Develop and maintain risk registers, annual review at the time of detailed planning Treat priority risks throughout programme implementation Monitoring and review ERM unit Support the risk management process throughout the organization Manage ERM rollout, provide training, facilitate risk assessments Maintain Corporate and Strategic risk registers Organization-wide monitoring, reporting and trend analysis Enterprise Risk Management and Oversight functions ERM will support planning of oversight activities (audits, inspections, others) Audit will provide assurance on effectiveness of risk management IAOC regularly reviews progress of ERM implementation 7

UNHCR Risk Registers (designed for internal use only) Risk info detailed description of a risk, including: Causes, risk event, consequences Impact level of impact on objectives, expressed as: Insignificant Minor Moderate Major Disastrous Likelihood likelihood of a risk to occur, expressed as: Very Low Low Medium High Very High Risk categories thematic grouping into three categories for analysis: Institutional; management and support; operations / implementation Risk treatment Corporate risk register: Field risks + HQ entity risks measures in place, measures needed to be put in place: Proactive treatments; reactive treatments Strategic risk register: Significant organization-wide risks 8

Thank you Q & A 9

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information