Enterprise Risk Management. Focus on the Future June 2017
- Bartholomew Byrd
- 6 years ago
1 Enterprise Risk Management: Focus on the Future. June 2017. 2017 Crowe Horwath LLP
2 Learning Objectives and Agenda
Objectives
- Distinguish Risk Management from ERM
- Understand the Value of Sustainable Risk Management
- Gain Familiarity with Tools and Approaches
Agenda
1. Purpose and Value of ERM
2. Implementation Challenges and Barriers
3. Risk Culture
4. Risk Tools
5. Applying ERM
3 PURPOSE AND VALUE OF ERM
4 The Future is Inherently Unknowable
6 Risks Occur on a Continuum
Tumble, Stumble, Slip, Trip
7 Risk Management - A Need for Balance
- Taking managed risk
- Taking on too much risk
- Avoiding problems
- Avoiding everything, resulting in total stagnation
- Effective risk culture
- Missed opportunities and productivity gaps
- Collaborative decision-making
- Analysis paralysis
8 What's the Difference?
Risk management involves taking actions to reduce the uncertainty, prepare for the consequences and to make sure that the organization can leverage risk to its best advantage.
ERM is a process, effected by an entity's board of directors, executive management, and other personnel, applied in strategy setting and across the enterprise, designed to identify potential events that may affect the entity, and manage risk to be within the risk appetite, to provide reasonable assurance regarding the achievement of entity objectives.
9 What's at Stake?
- Effective Board risk oversight
- Transparency
- Protection of the strategy and assets
- Performance, quality and productivity
- Efficient allocation of risk mitigation resources
- Detection and avoidance of risk
- Collaboration across business units
10 ERM Goals
- Increase overall effectiveness & accountability
- Bridge silos between departments, committees, etc.
- Visibility for the discipline of Risk Management
- Assure greater business continuity
- Improve compliance with laws and regulations
- Enhance employee empowerment/pride
- Reinforcement of cultural identity for doing the right thing
11 Characteristics of Effective ERM
Successful implementation of ERM requires the following:
- Leadership participation and support
- An ERM Leadership Team/Chief Risk Officer (Business Manager) with vision who commands respect
- Infrastructure to support the ERM process, including:
- Policy
- Risk assessment methodology
- Common risk language (customized risk model) understood by the organization
- Defined roles and responsibilities
- Tools to facilitate monitoring, updating and reporting
- Framework to organize ERM activities, provide discipline and consistency
- Well defined linkage to other management activities, e.g. strategic planning, budgeting, etc.
- Appropriate Board oversight of risk strategy and ERM process
12 IMPLEMENTATION CHALLENGES AND BARRIERS
13 Symptoms of UN-Sustainable Risk Management
- Leadership lethargy
- Vague vision and message
- Insufficient follow-through
- Workforce complacency or resistance
- No demonstrated impact of performance
- A non-credible ERM leader
- Preference for risk silos
14 ERM Implementation Missteps
- Assume that relevance of ERM is obvious
- Framework disconnected to the unique characteristics of the organization
- Little consideration of existing culture
- Risk assessment deficiencies
- Failure to embed whenever possible
15 Pillars of Sustainable Risk Management
- Strategy: Incorporate formal, evidence-based risk analysis
- Organization: Roles, accountability, and structure
- Change Management: Reinforce vision with tools and integrate existing resources and processes
- Culture: Model risk management priorities in communications, planning and management
Crowe Horwath Sustainable Risk Management Framework
16 Sustainable Integration of Risk Management
- Assess: Systematic prioritization of risk
- Respond: Consistent approach to risk mitigation
- Monitor: Timely and relevant risk indicators
- Report: Applicable information for decisions and oversight
- Leverage: Learn and enhance
Crowe Horwath Sustainable Risk Management Framework
17 RISK CULTURE
18 The Risk Culture Effect
- When the speed with which a risk is identified, and the time available to respond, is restricted, the way in which the organization responds to risk will vary
- When the velocity of the event allows, process, policies and practice drive the decision
- When response time is not available, culture influences the response
19 Indicators of a Weak Risk Culture
- Inconsistency between words and actions
- Failure to sustain efforts over time
- Inconsistent consideration of risks in decision-making
- Perception that nothing will be done about reported risks
- Managers do not value risk management
- Inadequate resources toward risk prevention or mitigation
- Complacency
- Fear that identifying risks may result in retribution
- Fear that taking risk may result in retribution
20 Enabling Risk Culture
- Understand the organization's culture
- Adapt framework initiatives to the culture
- Lead by example
- Embed Risk Management
- Communicate
- Manage change
- Embrace collaboration
21 Eliminating Blame Improves Performance
- Collaborative risk management
- Identification of emerging risks
- Empowered and proactive behaviors
- Reduced cost of mitigation
- Early detection
22 RISK TOOLS
23 Risk Identification
24 Risk Identification
Method: Surveys
- Pros: Easiest to perform; consistency in documentation
- Cons: Possible inconsistencies in interpretation
Method: Interviews
- Pros: Individuals may share perspectives that they wouldn't share with the other methods
- Cons: Requires the most time
Method: Workshops
- Pros: Perspectives are shared with a group
- Cons: Potential for group think; difficult to schedule
25 Risk Identification
External Risks Regulatory Natural Disasters Litigation Community Relations Community Development Law Enforcement Education Quality and Cost of Living Discrimination/Diversity Public Safety Disaster Planning Emergency/Response Mgmt. Fire and Police Service Youth and Elderly Safety Public Health Sanitation and Waste Mgmt. Animal and Pest Control Pollution Environmental Disease Control
External Public Safety Development Public Health Infrastructure Operations Operations Human Resources Public Perception Business Interruption Compliance Utility Services Election Financial Economic Development Resources Marketing Communication Workforce Quality Business License Tax Incentives Public Amenities Infrastructure Planning/Communication Management Capital Asset Inventory Public Transit Information Tech. Construction Management Financial Planning and Taxation Debt and finances Collections and Fraud Budget monitoring Accounting Information Bidding Process
26 Risk Assessment
27 Risk Identification
28 Risk Identification
Stormwater Program Customer Billing Collections IT Design
29 Risk Response Ownership
Columns: Category; Risk; Risk Definition (Working); Board Committee (Working)
Category: Environment (Board Committee: Executive)
- Economy: A decline in the economy impacts our ability to secure revenue (state funding, grants and contributions from donors).
- College Enrollment: Declining student enrollment in the college impacts our ability to secure revenue.
- Demographics: Changes in the demographics of our stakeholders (students, donors, public) impacts our ability to secure revenue.
Category: Investment Management (Board Committee: Finance)
- Policy: Our investment policy is not appropriate or effective for our investment objectives.
- Capital Markets: Our investments in the Capital Markets do not perform as expected.
- Bond Markets: Our investments in the Bond Markets do not perform as expected.
Category: Public Affairs (Board Committee: Executive)
- Community/Public: Our public image and reputation in the community is impaired.
- Legislative/Political: Legislative and/or political actions impact our ability to carry out our mission.
Category: Compliance (Board Committee: Audit and Administrative)
- Laws, Rules & Regulation: The foundation does not comply with laws, rules and/or regulations.
- Investment Policy: The investments of the foundation are not managed within compliance of the investment policy.
- Administrative Policy: The foundation does not comply with its administrative policies.
- Contractual Agreements: The foundation does not comply with its contractual agreements.
Category: Misconduct (Board Committee: Executive)
- Staff: A staff member commits fraud and/or misconduct.
- Service Providers: A service provider commits fraud and/or misconduct.
- External Parties: An external party commits fraud and/or misconduct.
Category: Service Provider (Board Committee: Audit and Administrative)
- Performance: A service provider does not perform as required.
- Resiliency: A service provider does not recover from a service disruption as required.
- Financial Stability: A service provider is not able to operate due to financial instability.
Category: Operational (Board Committee: Audit and Administrative)
- Cash Management: Our cash is not managed appropriately.
- Transaction Processing: We do not process transactions accurately, efficiently, or timely.
- Asset Reconciliation/Valuat: We do not have accurate valuation and reporting of assets.
- Accounting & Financial Rep: Our accounting and financial reporting is inaccurate.
- Performance Measurement: We do not calculate the performance of our investments correctly.
- Business Continuity: An event occurs that interrupts our business operations and our ability to conduct business.
- Information Integrity: The information that we need to make decisions is not accurate or available when needed.
Category: Human Capital (Board Committee: Strategic Initiatives)
- Recruitment and Retention: We are not able to recruit and retain staff and board members.
- Training and Development: We are not able to train and develop staff and board members.
- Key Person/Succession: We are unable to carry out the mission of the foundation if a key person leaves the organization.
Category: Security (Board Committee: Audit and Administrative)
- Physical: There is a security event at one of our locations.
- Information Systems: The security of our information systems is compromised.
- Records: Records of the foundation are inappropriately disclosed, lost or damaged.
Category: Legal (Board Committee: Executive)
- Contracts: Legal contracts are not written or executed to provide the needed protections.
- Litigation: A potential litigation event impacts the foundation.
30 Risk Response Options
- Accept = monitor
- Avoid = eliminate (get out of situation)
- Pursue = exploit
- Reduce = institute controls
- Share = partner with someone (e.g., insurance)
31 Risk Response Considerations
1. What are the factors that drive/contribute to the risk?
2. What are the most serious impacts of the risk?
3. Where within the organization are the impacts felt?
4. What is currently being done to manage the risk?
5. Does the risk management plan adequately address the events to an acceptable/tolerable level?
6. What actions are needed to reduce the impact and likelihood of the risk?
7. Who needs to be involved in the response?
8. What resources are required?
9. What measures (e.g., Key Risk Indicators) are available to monitor or anticipate the risk?
32 Monitoring
33 Reporting
34 Leveraging ERM
- Improved understanding of risk across the organization
- Increased cooperation regarding risk management
- Allow indicators to be related to specific risks in a clear and consistent way
- Permits alignment of internal and external loss data, risk-and-control assessment results and scenario analysis with data
- More meaningful risk management reporting capabilities
- Reduces confusion when it comes to ensuring full coverage of all risks
- Facilitates benchmarking
35 APPLYING ERM
36 ERM Roadmap
37 Organization
- Strategy
- Agree to Risk Appetite
- Approves Corporate Governance Framework
- School Board
- Receives report on ERM process from Audit Committee
- Review Risks and risk management strategies
- Overall Responsibility for Risk
- Responsible for Governance Framework
- Discusses Risk with the Board
- Superintendent ERM Leadership Team
- Establishes Ethics/Tone at the top
- Approve risk appetite/tolerance
- District Leaders
- Own risk management responsibilities
- Develop risk strategy
- Assign individual risk owners
- Agrees to risk management techniques
- Take ERM process direction from Risk ERM Leadership Team Executive ERM Leadership
- Provide ERM process leadership: risk language, measurement approach, risk strategy approach, monitoring requirements
- Reports to the Superintendent
- Educates BU Leaders
- Determines monitoring requirements
- Develops standard reporting protocols
- Provides tools to and advises risk owners
- Drafts risk appetite limits
- Reports to the Audit Committee on management's ERM process
- Train risk owners/champions
- Risk quantification to support strategy decisions
- Internal Audit
- Monitoring and feedback
- Training and support
- Audit the ERM process
- Reports to Audit Committee
- Key risk owners: Treasury, Legal, Financial, Compliance, Operation(s), Supply chain, HR, IT
- Individual Risk Owners/Risk Champions
- Develops individual risk strategies
- Assesses and monitors risk
- Quantifies risk level
- Identifies and implements controls to manage risks
- Reports to BU Leader on individual risks
38 Culture and Change Readiness
- Risk Appetite Definition
- Risk Culture Assessment
- Views on Risk
39 Linkage to Strategy
Diagram labels: Goal; Strategy #1, Strategy #2, Strategy #3; KPI; Risk #1, Risk #2, Risk #3, Risk #4, Risk #5; KRI
40 Linkage to Strategy
Diagram labels: Goal; Strategy #1, Strategy #2, Strategy #3; KPI; Risk #1, Risk #2, Risk #3, Risk #4, Risk #5; KRI
41 Leadership's Role in Enterprise Risk Management
42 Any Ah-Hah?
43 Thank you
Gregg Anderson, CIA, CRMA
Bill Dykstra, CIA, CRMA
Crowe Horwath LLP
More informationINFORMATION SERVICES FY 2018 FY 2020
INFORMATION SERVICES FY 2018 FY 2020 3-Year Strategic Plan Technology Roadmap Page 0 of 14 Table of Contents Strategic Plan Executive Summary... 2 Mission, Vision & Values... 3 Strategic Planning Process...
More informationHR Strategic Plan
UNIVERSITY OF CALIFORNIA Human Resources HR Strategic Plan 2015-2019 Vision Strategy The headline Something happens we have to fix External influence drives action Crisis management Timing: NOW Reaction
More informationTranslate stakeholder needs into strategy. Governance is about negotiating and deciding amongst different stakeholders value interests.
Principles Principle 1 - Meeting stakeholder needs The governing body is ultimately responsible for setting the direction of the organisation and needs to account to stakeholders specifically owners or
More informationSimple Strategies, Big Results: Driving Internal Audit Value. October 28 th, 2016
Simple Strategies, Big Results: Driving Internal Audit Value October 28 th, 2016 Agenda Introduction Demonstrate Alignment with Organization s Strategy Playing a Key Role in Company Initiatives Goal-Based
More informationGUIDANCE NOTE FOR DEPOSIT TAKERS (Class 1(1) and Class 1(2))
GUIDANCE NOTE FOR DEPOSIT TAKERS (Class 1(1) and Class 1(2)) Operational Risk Management MARCH 2017 STATUS OF GUIDANCE The Isle of Man Financial Services Authority ( the Authority ) issues guidance for
More informationThe Value- Driven CFO. kpmg.com
The Value- Driven CFO kpmg.com 2 Leading the Way in a Data-Driven Enterprise Several years of global uncertainty have made even the toughest executives flinch, and that s certainly true for chief financial
More informationIndigenous Employment Evaluation Framework
Indigenous Employment Evaluation Framework December 2016 Centre for Social Responsibility in Mining Sustainable Minerals Institute The University of Queensland, Australia www.csrm.uq.edu.au The Centre
More informationTask Force Innovation Working Groups
Task Force Innovation Working Groups Emerging Operational Capabilities Adaptive Workforce Information VISION Manage the Innovation Talent of the DON Workforce. ADAPTIVE WORKFORCE WORKING GROUP The Department
More informationReport. Quality Assessment of Internal Audit at <Organisation> Draft Report / Final Report
Report Quality Assessment of Internal Audit at Draft Report / Final Report Quality Self-Assessment by Independent Validation by Table of Contents 1.
More informationFigure 1: COSO Enterprise Risk Management Cube
Figure 1: COSO Enterprise Risk Management Cube Source: Committee of Sponsoring Organizations (COSO), "Enterprise Risk Management- Integrated Framework: Executive Summary" 5. As shown in the COSO ERM cube,
More informationAligning Business Continuity and Risk Management Workshop. What are the Opportunities for Functional Alignment And How Can We Make it Happen?
Aligning Business Continuity and Risk Management Workshop What are the Opportunities for Functional Alignment And How Can We Make it Happen? Chris Mandel, CRMP, RF, CPCU, ARMe SVP, Strategic Solutions,
More information2016 Business Continuity / Disaster Recovery Internal Audit Report
Internal Audit 2016 Business Continuity / Disaster Recovery Internal Audit Report Approved: Isaac S. Clarke May 13, 2016 Report Reference: R-16-2 Executive Summary Background and Procedures Performed Disaster
More informationDraft Internal Audit Plan for Institute of Technology Blanchardstown 2017
Draft Internal Audit Plan for Institute of Technology Blanchardstown 2017 Contents 1. Introduction and Approach 4 2. Principal Risks 5 3. Proposed areas of focus for Internal Audit 6 4. Draft Internal
More informationICMA PRACTICES FOR EFFECTIVE LOCAL GOVERNMENT LEADERSHIP Approved by the ICMA Executive Board June 2017; effective November 2017
Reorganization The Credentialing Advisory Board proposed, and the Leadership Advisory and Executive Boards agreed, that the ICMA Practices should be organized as a narrative rather than a list. The following
More informationENTERPRISE RISK MANAGEMENT THE KEY TO BUSINESS SUCCESS By Phil Griffiths FCA
ENTERPRISE RISK MANAGEMENT THE KEY TO BUSINESS SUCCESS By Phil Griffiths FCA Chapter 1 Fundamentals of Enterprise Risk Management Risk management has become a vital ingredient in the entrepreneurial culture
More informationFour Strategies for Enabling Innovation in the Face of Risk and Compliance. By John A. Epperson and Clayton J. Mitchell
Four Strategies for Enabling Innovation in the Face of Risk and Compliance By John A. Epperson and Clayton J. Mitchell Audit / Tax / Advisory / Risk / Performance Smart decisions. Lasting value. Four Strategies
More informationInternal Audit Quality Analysis Evaluation against the Standards International Standards for the Professional Practice of Internal Auditing (2017)
Internal Audit Quality Analysis Evaluation against the Standards International Standards for the Professional Practice of Internal Auditing (2017) Assessor 1: Assessor 2: Date: Date: Legend: Generally
More informationLEAN ENTERPRISE TRANSFORMATION
LEAN ENTERPRISE TRANSFORMATION SONJA KRESOJEVIC @SONJAK18 @MYSPINNAKERCO SPINNAKER SONJA KRESOJEVIC Co-founder of Spinnaker, NY based consultancy focused on enterprise transformation. Senior executive
More informationA Discussion About Internal Controls February 2016
A Discussion About Internal Controls February 2016 What we will cover today 001 Introductions 002 Defining Internal Controls 003 COSO Internal Controls Integrated Framework 004 Approach to Designing Internal
More informationImplementing an Employee Engagement Programme
Implementing an Employee Engagement Programme A People & Culture White Paper Introduction Over the last decade, employers focus has moved away from employees who are satisfied with their working conditions,
More informationDUBAL s ISO based ERM Program
DUBAL s ISO 31000-based ERM Program Building a Harmonized, Proactive and Sustainable Approach to Risk Management October, 2013 Toby Shore Corporate Treasurer & Chief Risk Officer DUBAL Key Things To Discuss
More informationHuman Capital Business led. People driven.
Human Capital Business led. People driven. Advisory Services February 0 Contents Going to market Human Capital Advisory Services Organizational Development People Development HR Department Development
More informationPRACTICE GUIDE. Formulating and Expressing Internal Audit Opinions
PRACTICE GUIDE Formulating and Expressing Internal Audit Opinions 2 of 23 Table of Contents 1. Executive Summary... 1 2. Introduction... 2 3. Planning the Expression of an Opinion... 3 3.1 Expressing an
More informationHammersmith & Fulham borough of opportunity
Hammersmith & Fulham borough of opportunity PRINCIPAL MANAGER (BUSINESS INTELLIGENCE) HOUSING AND REGENERATION Job Pack Information for applicants Job Description Person Specification JOB DESCRIPTION Job
More informationBenchmarking 101: Shaping your E&C Program for Maximum Value
Benchmarking 101: Shaping your E&C Program for Maximum Value Presented on November 15, 2016 Copyright 2016NAVEXGlobal,Inc. AllRightsReserved. Page 0 Presented by Mary Bennett Vice President, Advisory Services,
More informationMETROPOLITAN TRANSPORTATION AUTHORITY
ENTERPRISE RISK MANAGEMENT AND INTERNAL CONTROL GUIDELINES Pursuant to Public Authorities Law Section 2931 Adopted by the Board on November 16, 2016 These guidelines apply to the Metropolitan Transportation
More informationRisk Management Update ISO Overview and Implications for Managers
Contents - ISO 31000 highlights 1 - Changes to key terms and definitions 2 - Aligning key components of the risk management framework 3 - The risk management process 4 - The principles of risk management
More informationInternational Finance Corporation
International Finance Corporation Corporate Governance and Internal Audit Overview Bob Lamm Independent Senior Advisor Center for Corporate Governance Deloitte LLP Neil White Global IA Analytics Leader
More informationSarbanes-Oxley Act of 2002 Can private businesses benefit from it?
Sarbanes-Oxley Act of 2002 Can private businesses benefit from it? As used in this document, Deloitte means Deloitte Tax LLP, which provides tax services; Deloitte & Touche LLP, which provides assurance
More informationISO INTERNATIONAL STANDARD. Risk management Principles and guidelines. Management du risque Principes et lignes directrices
INTERNATIONAL STANDARD ISO 31000 First edition 2009-11-15 Risk management Principles and guidelines Management du risque Principes et lignes directrices http://mahdi.hashemitabar.com Reference number ISO
More information