Enterprise Risk Management Program Development Update. Finance & Audit Committee Meeting September 25, 2015
2 Enterprise Risk Management Presentation Topics
- Enterprise Risk Management ("ERM") Overview
- Lead Roles - LIPA/PSEG-LI ERM Process
- Status of the 2015 ERM Cycle
- Summary of Results of the 2015 ERM Cycle
- Key Risks Comparison to Others in Utility Sector
- Internal Audit/Review
- ERM Cycle Areas of Improvement - Next Steps
- Finance & Audit ("F&A") Committee Next Steps

3 ERM Overview
- Enterprise Risk Management ("ERM") increases risk awareness, ensures the appropriate management of risks, and provides transparency.
- Encourages a comprehensive perspective of risks by assessing existing risk and mitigation efforts at both LIPA and PSEG-LI.
- Aligns Management's efforts to prevent risk events from occurring or to mitigate risk events when they are unavoidable or outside LIPA's control.
- Formally identifies a Key Risk Owner for each high risk area. Key Risk Owner responsibilities include:
  - Monitoring of mitigation efforts impacting their risks
  - Reporting on risks and mitigation efforts on a regular basis
- Fulfills key recommendations from the Northstar Operations Audit Report (Chapter 7 "Enterprise Risk Management and Strategic Planning") dated September 13,

4 Lead Roles - LIPA/PSEG-LI ERM Process
ERMC: T. Falcone (Chairman), B. Chu, C. Horowitz, K. Kane, J. Little, M. Simione; and J. Bell (legal advisor to ERMC)
- Adopt ERM Procedures Manual, update as needed
- Review and approve ERM Program Timeline (Appendix Pg. 19)
- Determine the ERA working group
- Interview: F&A Committee members, LIPA & PSEG-LI Officers, Directors and Managers
- Determine appropriate owners for each Key Risk/Key Risk Category
- Approve appropriateness of risk mitigation:
  - Completeness of documentation articulating risk mitigating activities/processes
  - Determine tolerance or comfort with existing amount / level of risk mitigation
- Ensure ERM process is compliant with Board approved Policy
- Work with Internal Audit Department, conduct assessment of overall effectiveness of ERM program, and identify areas for enhancement

5 Lead Roles - LIPA/PSEG-LI ERM Process
Director of Risk Management: C. Horowitz
- Initiate and lead ERA effort
- Consolidate ERA results, mapping of ERA to Risk Framework*
- Develop and lead Risk Prioritization process to rank Risks
- Catalog Key Risk Mitigation Activities assigned by Risk Owners
- Review Risk Mitigation Activities with Risk Owners and address potential concerns
- Continuously monitor risk, including regular touch points with Risk Owners
- Provide ERMC with regular Risk Mitigation status updates
- Draft and present regular updates for the F&A Committee (no less than annually)
*Identifies list of Environment Risks, Process Risks and Information for Decision-Making Risks - approximately 85 Risk components (Appendix Pg. 18)

6 Status of the 2015 ERM Cycle
Protiviti retained by LIPA to assist with:
- Development of LIPA ERM Framework [Completed]
- Board Policy [Approved August 6th, 2015]
- Delegates responsibilities to LIPA's ERMC and Staff
- Facilitate initial LIPA/PSEG-LI ERM Cycle [Completed]
- Enterprise-wide Risk Assessment ("ERA") activities
- Risk Mitigation Worksheets ("RMW")
- Draft LIPA's internal Policies, Procedures and Controls Manual for ERM [Near Completion]
- Details ERA and ERM Process
- ERM Process Timeline
- Monitoring Process [In Development]

7 Summary of Results of the 2015 ERM Cycle
Following the 2015 ERA, LIPA identified the following Key Risk Categories to the organization, which will be monitored continuously:
- Rate Case and Success of Financial Policy
- Outsource & Partnership Relationship Concerns
- Cyber Security
- Personnel & Human Resources Concerns
- Understanding & Delivering on Customer Expectations and Needs
- External Influences & Interests
NOTE: The above are potential risk events which are deemed to be key to monitor and take mitigating action on, and should not be interpreted as expected events, nor as events which have already occurred.

8 Summary of Results of the 2015 ERM Cycle
Following the 2015 ERA, LIPA has identified the following Key Risk Categories to the organization:

Outsource & Partnership Relationship Concerns
- Description: LIPA and its external service providers need to perform at best-in-class levels to deliver on LIPA's mission, goals & objectives, and improve customer perception of the Long Island electric utility.
- Risk Mitigation Activities: Maintain continuous oversight functions; participate in monthly PSEG-LI Scorecard Reporting meetings and PSEG-LI Monthly Management Board Review meetings; prepare audit universe as part of LIPA's 2016 oversight activities plan.

Personnel & Human Resources Concerns
- Description: Success of LIPA, particularly in its OSA oversight role, requires attracting and retaining qualified staff.
- Risk Mitigation Activities: Create interim succession plan; implement utility industry training requirements and include as part of all employees' 2016 performance evaluation goals; establish employee development program for continuous improvement; institute a competitive compensation program in 2016 to attract and retain qualified workforce.

Understanding & Delivering on Customer Expectations and Needs
- Description: Customers' desires for higher reliability and/or expanded distributed energy resources must align with the required infrastructure changes and costs. Improved emergency response is an important customer requirement.
- Risk Mitigation Activities: LIPA and DPS annual review of the Emergency Response Plan (ERP) and contingencies; review of PSEG-LI reliability metrics, storm response and capital budgeting and capital development.

9 Summary of Results of the 2015 ERM Cycle
Following the 2015 ERA, LIPA has identified the following Key Risk Categories to the organization:

External Influences & Interests
- Description: Relationships with key stakeholders are important in order for the organization to efficiently conduct business.
- Risk Mitigation Activities: Oversight of PSEG-LI Public Relations programs; increase LIPA engagement with public stakeholders; implement focused Public Relations program and public hearings.

Cyber Security
- Description: Properly secure key IT systems from outside attack or interference.
- Risk Mitigation Activities: Cyber security audit; NERC CIP-5 rule compliance of PSEG-LI control systems and data networks; User Access process technologies, and LIPA and PSEG-LI review of cyber security insurance products.

Rate Case and Success of Financial Policy
- Description: Rate case includes LIPA's financial policy goals, which include improved credit ratings and achieving key financial ratios to reduce the cost of electric service for customers over time.
- Risk Mitigation Activities: Rate plan filing included sound financial plan; communication with financial community; improved access to financial and operating data.

10 Summary of Results of the 2015 ERM Cycle
Following the 2015 ERA, PSEG-LI has identified the following Key Risk Categories to focus on, which will be monitored continuously by both organizations:
- Outcome of the Rate Case
- Managing the Utility in Compliance with the OSA
- Cyber Security
- Personnel & Human Resources Concerns
- Understanding & Delivering on Customer Expectations and Needs
- Regulations, External Influences & Interests
NOTE: The above are potential risk events which are deemed to be key to monitor and take mitigating action on, and should not be interpreted as expected events, nor as events which have already occurred.

11 Summary of Results of the 2015 ERM Cycle
Following the 2015 ERA, PSEG-LI has identified the following Key Risk Categories:

Managing the Utility in Compliance with the OSA
- Description: The OSA must fairly and completely measure PSEG-LI's performance. OSA metrics and goals may not remain relevant throughout contract term.
- Risk Mitigation Activities: On-going monitoring of performance metrics to ensure compliance with the OSA; periodic review of metrics to assure relevance.

Personnel & Human Resources Concerns
- Description: Success of organization requires ability to attract and retain qualified, driven staff.
- Risk Mitigation Activities: Leadership Risk Management; employee training and development; employment branding.

Understanding & Delivering on Customer Expectations and Needs
- Description: Customer's desires for improved reliability and increased renewable energy technologies must align with the required infrastructure changes and costs. Improved emergency response is an important customer requirement.
- Risk Mitigation Activities: Customer communication; customer satisfaction initiatives; review of the monthly Scorecard Report and key operating metrics.

12 Summary of Results of the 2015 ERM Cycle
Following the 2015 ERA, PSEG-LI has identified the following Key Risk Categories:

Regulations, External Influences & Interests
- Description: Relationships with all key stakeholders are important in order for the organization to efficiently conduct business.
- Risk Mitigation Activities: Strategic staffing; increase engagement with planning committees for project development; focused Public Relations program geared towards community outreach.

Cyber Security
- Description: Key IT systems may be susceptible to outside attack or interference. Systems may include business systems with non-public information or operations systems that would interfere with substations, power generation or T&D infrastructure.
- Risk Mitigation Activities: Compliance with NERC Cybersecurity Standards; User Access processes and technology.

Outcome of the Rate Case
- Description: The rate case may affect PSEG-LI's ability to achieve its goals required under the OSA and LIPA Reform Act.
- Risk Mitigation Activities: Daily rate case calls and activities; monthly Management Review Board meetings, monthly Scorecard Report meetings; 2016 O&M budget submittal.

13 Key Risks Comparison to Others in Utility Sector
Executive Perspectives on Top Risks for 2015* - Key Issues Being Discussed in the Boardroom and C-Suite
Energy and Utilities:
- Regulatory changes and heightened regulatory scrutiny
- Economic conditions in markets we currently serve
- Cybersecurity threats
- Resistance to change
- Succession challenges and ability to attract and retain top talent
LIPA has identified many of these risks for 2015
* Research Conducted by North Carolina State University's ERM Initiative and Protiviti

14 Internal Audit/Review
Internal Audit's Role:
- Assess the appropriateness of the ERM Program Policies, Procedures and Controls Manual established by the ERMC
- Determine the effectiveness of the processes used by LIPA and PSEG-LI to identify Key Risks and Emerging Risks
- Perform an appraisal of the ERM processes in place at LIPA and PSEG-LI to measure, monitor, manage and mitigate Key Risks
- Report observations to the F&A Committee no less than annually

15 ERM Cycle Areas of Improvement - Next Steps
Next Steps for ERM Process Improvement:
- Continue documenting existing Risk Mitigation efforts taken by LIPA and PSEG-LI
- Develop greater participation and communications across entire staff at LIPA and PSEG-LI throughout ERM process
- Implement continuous Risk Management-Risk Owner feedback mechanism:
  - Has Key Risk occurred? If so, was Mitigation Activity effective to minimize impact within desired risk tolerance?
  - Are there any new Emerging Risks that require ERMC or Senior Management's immediate attention?
- Reach out to other Municipal entities to gain insights into other ERM programs
- Benchmark LIPA's ERM Program Monitoring and Reporting
- Move from manual process to automated process by implementing ERM monitoring software
- Review reporting documentation needs and frequency across various levels of management up to and including the Board

16 Finance & Audit Committee - Next Steps
Next Steps for F&A Committee ERM Review:
- LIPA Staff to reflect 2015 ERM cycle results in 2016 Goals and Operating Budgets
- LIPA Staff to continually monitor Key Risks and/or Emerging Risks and periodically report back to the F&A Committee
- Internal Audit will schedule a review of the ERM process and report observations to the F&A Committee
- ERMC to meet with the F&A Committee during the 1st Quarter of 2016 prior to the kick-off of the 2016 ERM cycle

17 Appendix

18 ERM Risk Framework
Customer Wants Technological Innovation Stakeholder Expectations Capital Availability Legal Environment Regulatory Environment Financial Markets Catastrophic Loss Asset Location/ Community Concerns External Influence & Interests FINANCIAL Price Interest Rate Commodity Basis Volatility Liquidity Cash Flow Concentration Commodity Volatility Credit Default Concentration Settlement Rating Customer Satisfaction Human Resources Knowledge Capital Efficiency Capacity Partnering EMPOWERMENT Leadership Authority/Limit Outsourcing Performance Incentives Change Readiness Communications INFORMATION TECHNOLOGY Integrity Access Availability Infrastructure Cyber Security OPERATIONS Performance Gap Cycle Time Supply Chain Physical Asset Reliability Rate Case GOVERNANCE Organizational Culture Ethical Behavior Board Effectiveness Succession Planning Compliance REPUTATION Image and Branding Stakeholder Relations INTEGRITY Management Fraud Employee Fraud Third-Party Fraud Illegal Acts Unauthorized Use Compliance Business Interruption Service Failure Environmental Health and Safety Transition STRATEGIC Environmental Scan Business Model Regulator Model Business Portfolio Organizational Structure Measurement (Strategic) Resource Allocation Planning Life Cycle PUBLIC REPORTING Financial Reporting Evaluation Internal Control Evaluation Executive Certification Pension Fund Regulatory Reporting OPERATIONAL Budgets and Planning Service Pricing Contract Commitment Measurement (Operations) Alignment Accounting Information

19 ERM Program Timeline
Timeline columns: January, February, March, April, May, June, July, August, September, October, November, December

| ERM Activity | Responsible Party |
| --- | --- |
| Review / Revise Risk Framework | ERMC |
| Kick-off annual ERM effort at first F&A Committee Meeting; Summarize Prior Year Results | DRM; F&A Committee |
| Risk Owners to Complete Questionnaire; Follow-up Meetings (as needed) | Management; DRM |
| Risk Consolidation / Mapping | ERMC |
| Develop Risk Prioritization Meeting Presentation(s) | DRM |
| Risk Prioritization Voting Session(s) | Management; DRM |
| Analyze Prioritization; Identify Key Risks / Categories | ERMC |
| Identify Risk Owners; Prepare Risk Mitigation Worksheets | Management; ERMC |
| Risk Owners to Document Existing Risk Mitigation Processes | Risk Owners |
| Assess Existing Mitigation Efforts; Identify Gap Remediation | ERMC; Risk Owners |
| Identify Budgetary Requirements for New Risk Mitigation, and include in budget for next year | Risk Owners |
| Present ERA Results to F&A Committee | DRM; F&A Committee |
| Continued Monitoring of Risk Mitigation from Prior Year ERM | DRM; Risk Owners |
| Implementation of New Risk Mitigation (If no budget required; e.g., process improvement) | DRM; Risk Owners |
| Implementation of New Risk Mitigation (If incremental budget required) | DRM; Risk Owners |
| Routine Review of Risk Mitigation; Internal Audit Review of Key Processes | ERMC; Risk Owners; IA |
| Present Update on Risk Mitigation and Monitoring to F&A Committee | DRM; F&A Committee |
| Routine Communication between Risk Owners, ERMC, others | DRM, Risk Owners |

20 Newly Developed ERM Policy
Core Provisions of the Enterprise Risk Management Policy:
- Mandates an annual effort to identify significant risks to achieving the mission, goals and objectives of the Authority, including those which are:
  - Known to already exist
  - Emerging risks which may be faced in the future
  - Risks which affect LIPA's service provider's performance and fulfilment of contractual obligations
- Incorporates a process for documenting existing risk mitigation for the most significant risks, and identifying if additional risk mitigation activities should be developed
- New risk mitigation development will be tied to the Authority's existing budget development process, so that if any additional risk mitigation is required, it can be appropriately budgeted and provided for
- The most significant risks, and their corresponding mitigation efforts shall be continuously monitored (year-round) for effectiveness of mitigation and to identify any changes to known risks
- Policy requires regular reports on risk and risk mitigation to the F&A Committee

21 Risk Mitigation Monitoring Dashboard [In Development]
Table: Risk Mitigation Monitoring
Columns: Category #; Risk Category; Total # of Risk Mitigation Tasks; Tasks Deemed to be Sufficiently Mitigating Risk; Mitigation Task with Room for Improvement; Task not Yet Assessed
Rows: Outsource & Partnership Relationship Concerns; Personnel & Human Resources Concerns; Understanding & Delivering on Customer Expectations and Needs; External Influences & Interests; Cyber Security; Rate Case and Success of Financial Policy; LIPA TOTALS
UNIVERSITY OF COLORADO DEPARTMENT OF INTERNAL AUDIT 2018 AUDIT PLAN As of June 1, 2017 Table of Contents I. Purpose 1 II. Internal Audit s Role, Objectives and Operational Strategy 1 III. Challenges and
More informationDon t make the same mistake twice! Avoiding repeat violations of Reliability Standards
Don t make the same mistake twice! Avoiding repeat violations of Reliability Standards 17 November 2010 www.morganlewis.com www.ey.com Welcome to Don t Make the Same Mistake Twice! Avoiding Repeat Violations
More informationMPAC BOARD OF DIRECTORS MANDATE
MPAC BOARD OF DIRECTORS MANDATE The Municipal Property Assessment Corporation Act is the foundation of the governance model that establishes Municipal Property Assessment Corporation (MPAC) and sets out
More informationand Assessing the Risks of Material Misstatement through Understanding the Entity and Its Environment
IFACIAAS Board IAASB Main Agenda (April 2013) Agenda Iten 5-D Final Pronouncement March 2012 International Standard on Auditing ISA 315 (Revised), Identifying and Assessing the Risks of Material Misstatement
More informationGUYANA POWER AND LIGHT INC.
GUYANA POWER AND LIGHT INC. VACANCY CHIEF EXECUTIVE OFFICER Guyana Power and Light Inc. (GPL) invites suitably qualified and experienced persons to fill the position of Chief Executive Officer. GPL is
More informationThis document contains a summary of the Group s application of all of the principles contained in King III.
King III Compliance The Board supports the Code of Corporate Practices and Conduct as recommended by the King III Report on Corporate Governance for South Africa 2009 ( King III ). This document contains
More informationInternal Control Questionnaire and Assessment
Bureau of Financial Monitoring and Accountability Florida Department of Economic Opportunity September 30, 2017 107 East Madison Street Caldwell Building Tallahassee, Florida 32399 www.floridajobs.org
More informationAUDITING. Auditing PAGE 1
AUDITING Auditing 1. Professionalism The International Professional Practices Framework (IPPF) is the conceptual framework that organizes authoritative guidance promulgated by The Institute of Internal
More informationLEADERSHIP OPPORTUNITY EXECUTIVE DIRECTOR
LEADERSHIP OPPORTUNITY EXECUTIVE DIRECTOR ABOUT US Wildlands Restoration Volunteers (WRV) is a Colorado nonprofit 501(c)(3) dedicated to healing the land, strengthening our communities, and building great
More informationPlans for a Balanced Scorecard Approach to Information Security Metrics
MetriCon 3.0 Workshop Presentation Plans for a Balanced Scorecard Approach to Information Security Metrics Kevin Peuhkurinen The Great-West Life Assurance Company Background The Information Security Office
More informationGOLD FIELDS LIMITED. ( GFI or the Company ) BOARD CHARTER. (Approved by the Board of Directors on 16 August 2016)
1 GOLD FIELDS LIMITED ( GFI or the Company ) BOARD CHARTER (Approved by the Board of Directors on 16 August 2016) 2 1. INTRODUCTION The Board Charter is subject to the provisions of the South African Companies
More informationCompliance Program Effectiveness Guide
Compliance Program Effectiveness Guide June 2017 This Guide is a comparison of: Compliance Program Elements New York State, Social Services Law 363-D Office of Inspector General (OIG) Compliance Program
More informationDeveloping an Integrated Anti-Fraud, Compliance, and Ethics Program
Developing an Integrated Anti-Fraud, Compliance, and Ethics Program Establishing an Effective Anti-Fraud, Compliance, and Ethics Function 2018 Association of Certified Fraud Examiners, Inc. Discussion
More informationReview of Duke Energy Florida, LLC Internal Audit Function
Review of Duke Energy Florida, LLC Internal Audit Function MAY 2017 B Y A U T H O R I T Y O F The Florida Public Service Commission Office of Auditing and Performance Analysis Review of Duke Energy Florida,
More informationCHARTER FEDERAL RESERVE BANK OF RICHMOND BOARD OF DIRECTORS AUDIT AND RISK COMMITTEE
CHARTER FEDERAL RESERVE BANK OF RICHMOND BOARD OF DIRECTORS AUDIT AND RISK COMMITTEE Purpose The Audit and Risk Committee (the Committee) is a committee of the Board of Directors (the Board). The Committee
More informationAssociate Vice President of Facilities Management
Associate Vice President of Facilities Management Review: Open Until Filled (Job #17-107) Administrator IV, Associate Vice President of Facilities Management. Salary is commensurate with qualifications
More informationPublic Company Accounting Oversight Board
1666 K Street, N.W. Washington, DC 20006 Telephone: (202) 207-9100 Facsimile: (202) 862-8433 www.pcaobus.org Report on 2008 (Headquartered in New York, New York) Issued by the Public Company Accounting
More informationInternal Controls and Risk Management Report
42 Internal Controls and Risk Management Report Responsibility Our Board of Directors has the overall responsibility to ensure that sound and effective internal controls are maintained, while management
More informationEnhancing Audit Committee Excellences through Internal Audit. 21 November 2017
Enhancing Audit Committee Excellences through Internal Audit 21 November 2017 Sharpen and Strengthen Excellences of Audit Committee Recent Trends and Emerging Challenges Global and Emerging Trends Roles
More informationSOLUTION BRIEF RSA ARCHER AUDIT MANAGEMENT
RSA ARCHER AUDIT MANAGEMENT INTRODUCTION Internal audit departments are struggling to deliver strategic leadership, coordinated assurance and other services their stakeholders need, but this task isn t
More informationStrategic Direction #7 Business Operations. Final Report
Strategic Direction #7 Final Report Strategic Direction 7 Centralize the System s business administrative functions, where appropriate, in order to leverage resources and increase effectiveness of service
More information2013 COSO Internal Control Framework Update. September 5, 2013
2013 COSO Internal Control Framework Update September 5, 2013 Agenda 2013 COSO IC Framework Topic Minutes The update process 5 What is not changing / What is changing 5 The 17 principles and changes to
More informationContent Specification Outline
Content Specification Outline Copyright 2017 Institute of Certified Management Accountants Updated 8/25/17 Institute of Certified Management Accountants Content Specification Outline Certified in Strategy
More informationJoint Operations (JO) Contactor Health Environment and Safety Management (CHESM) Standardized Operational Excellence (OE) Process
Joint Operations (JO) Contactor Health Environment and Safety Management (CHESM) Standardized Operational Excellence (OE) Process Approved 23 May 2007 Reviewed 1 May 2010 Version 1.1 Version 11. Revised
More informationMeasuring the value of internal audit in the banking industry
Audit financiar, XIV, Nr. 9(141)/2016, 1009-1024 Trends ISSN: 1583-5812; and priorities ISSN on-line: in internal 1844-8801 audit. Measuring the value of internal audit in the banking industry Clara-Iulia
More informationRISK AND AUDIT COMMITTEE TERMS OF REFERENCE
RISK AND AUDIT COMMITTEE TERMS OF REFERENCE Brief description Defines the Terms of Reference for the Risk and Audit Committee. BHP Billiton Limited & BHP Billiton Plc BHP Billiton Limited & BHP Billiton
More informationPOSSE System Review. January 30, Office of the City Auditor 1200, Scotia Place, Tower Jasper Avenue Edmonton, Alberta T5J 3R8
1200, Scotia Place, Tower 1 10060 Jasper Avenue Edmonton, Alberta T5J 3R8 edmonton.ca/auditor POSSE System Review January 30, 2017 The conducted this project in accordance with the International Standards
More informationPRUDENTIAL FINANCIAL, INC. CORPORATE GOVERNANCE PRINCIPLES AND PRACTICES
PRUDENTIAL FINANCIAL, INC. CORPORATE GOVERNANCE PRINCIPLES AND PRACTICES A. THE ROLE OF THE BOARD OF DIRECTORS 1. Direct the Affairs of the Corporation for the Benefit of Shareholders The Prudential board
More informationWELLS FARGO & COMPANY AUDIT AND EXAMINATION COMMITTEE CHARTER
WELLS FARGO & COMPANY AUDIT AND EXAMINATION COMMITTEE CHARTER PURPOSE: The purpose of the Audit and Examination Committee is to assist the Board of Directors in fulfilling its responsibilities to oversee:
More informationMETROPOLITAN TRANSPORTATION AUTHORITY
ENTERPRISE RISK MANAGEMENT AND INTERNAL CONTROL GUIDELINES Pursuant to Public Authorities Law Section 2931 Adopted by the Board on November 16, 2016 These guidelines apply to the Metropolitan Transportation
More informationBenchmarking Report Share, Compare, Validate SAMPLE. Year: 2017 Your Organization Date
Benchmarking Report Share, Compare, Validate Year: 2017 Your Organization Date Benchmarking Tier 1: Your Organization Benchmarking Tier 2: Services Benchmarking Tier 3: Services $1B to $5B Benchmarking
More informationOverall Winner Highlights: FIS
Overall Winner Highlights: FIS February 2017 Independent research by About Chartis Chartis is the leading provider of research and analysis on the global market for risk technology and is part of Incisive
More informationProgram Management Professional (PgMP)
Program Management Professional (PgMP) E X A M I N AT I O N CO N T E N T O U T L I N E Project Management Institute Program Management Professional (PgMP ) Examination Content Outline April 2011 Published
More informationSPTF Universal Standards for. Social Performance. Management. Version 2.0, Published August 2016
SPTF Universal Standards for Social Performance Version 2.0, Published August 2016 Management Pathway to Improved Practice REPORT 5 1 LEARN Responsible Inclusive Finance 2 ASSESS IMPLEMENT 4 PLAN 3 The
More informationUnderstanding Changes to the Certified Internal Auditor Program for 2013
Understanding Changes to the Certified Internal Auditor Program for 2013 Certified Internal Auditor (CIA ) 2013 Content Change Overview: This document is provided by IIA Global Headquarters to explain
More informationBOC HONG KONG (HOLDINGS) LIMITED. Mandate of the Remuneration Committee
BOC HONG KONG (HOLDINGS) LIMITED Mandate of the Remuneration Committee 1. Purpose 1.1 The Remuneration Committee (the Committee ) is a standing committee of the Board of Directors (the Board ). The purpose
More informationrisk and compliance department business plan
risk and compliance department business plan 2012-2014 TABLE OF CONTENTS 1. Our Services 1.1 Our Mandate 1.2 Lines of Business 2. Accomplishments 3. Implementing Sustainability 3.1 Strategy 1 3.2 Strategy
More informationConsiderations when Choosing a Managed IT Services Provider. ebook
Considerations when Choosing a Managed IT Services Provider ebook Contents Considering Managed Services?...3 Consideration 1: Depth...4 Consideration 2: Proactive...5 Consideration 3: Knowledge & Processes...6
More informationSafety Perception / Cultural Surveys
Safety Perception / Cultural Surveys believes in incorporating safety, health, environmental and system management principles that address total integration, thus ensuring continuous improvement, equal
More information2014 Integrated Internal Control Plan. FRCC Spring Compliance Workshop April 8-10, 2014
2014 Integrated Internal Control Plan Contents Definitions Integrated Components of COSO Internal Control Framework The COSO Internal Control Framework and Seminole Control Environment Risk Assessment
More information