Enterprise Risk Management. Focus on the Future June 2017


1 Enterprise Risk Management: Focus on the Future. June 2017. 2017 Crowe Horwath LLP

2 Learning Objectives and Agenda. Objectives: Distinguish Risk Management from ERM; Understand the Value of Sustainable Risk Management; Gain Familiarity with Tools and Approaches. Agenda: 1. Purpose and Value of ERM; 2. Implementation Challenges and Barriers; 3. Risk Culture; 4. Risk Tools; 5. Applying ERM

3 PURPOSE AND VALUE OF ERM

4 The Future is Inherently Unknowable

6 Risks Occur on a Continuum: Tumble; Stumble; Slip; Trip

7 Risk Management - A Need for Balance: Taking managed risk; Taking on too much risk; Avoiding problems; Avoiding everything, resulting in total stagnation; Effective risk culture; Missed opportunities and productivity gaps; Collaborative decision-making; Analysis paralysis

8 What's the Difference? Risk management involves taking actions to reduce the uncertainty, prepare for the consequences and to make sure that the organization can leverage risk to its best advantage. ERM is a process, effected by an entity's board of directors, executive management, and other personnel, applied in strategy setting and across the enterprise, designed to identify potential events that may affect the entity, and manage risk to be within the risk appetite, to provide reasonable assurance regarding the achievement of entity objectives.

9 What's at Stake? Effective Board risk oversight; Transparency; Protection of the strategy and assets; Performance, quality and productivity; Efficient allocation of risk mitigation resources; Detection and avoidance of risk; Collaboration across business units

10 ERM Goals: Increase overall effectiveness & accountability; Bridge silos between departments, committees, etc.; Visibility for the discipline of Risk Management; Assure greater business continuity; Improve compliance with laws and regulations; Enhance employee empowerment/pride; Reinforcement of cultural identity for doing the right thing

11 Characteristics of Effective ERM. Successful implementation of ERM requires the following: Leadership participation and support; An ERM Leadership Team/Chief Risk Officer (Business Manager) with vision who commands respect; Infrastructure to support the ERM process, including: Policy; Risk assessment methodology; Common risk language (customized risk model) understood by the organization; Defined roles and responsibilities; Tools to facilitate monitoring, updating and reporting; Framework to organize ERM activities, provide discipline and consistency; Well defined linkage to other management activities, e.g. strategic planning, budgeting, etc.; Appropriate Board oversight of risk strategy and ERM process

12 IMPLEMENTATION CHALLENGES AND BARRIERS

13 Symptoms of UN-Sustainable Risk Management: Leadership lethargy; Vague vision and message; Insufficient follow-through; Workforce complacency or resistance; No demonstrated impact of performance; A non-credible ERM leader; Preference for risk silos

14 ERM Implementation Missteps: Assume that relevance of ERM is obvious; Framework disconnected to the unique characteristics of the organization; Little consideration of existing culture; Risk assessment deficiencies; Failure to embed whenever possible

15 Pillars of Sustainable Risk Management (Crowe Horwath Sustainable Risk Management Framework). Strategy: Incorporate formal, evidence-based risk analysis; Organization: Roles, accountability, and structure; Change Management: Reinforce vision with tools and integrate existing resources and processes; Culture: Model risk management priorities in communications, planning and management

16 Sustainable Integration of Risk Management (Crowe Horwath Sustainable Risk Management Framework). Assess: Systematic prioritization of risk; Respond: Consistent approach to risk mitigation; Monitor: Timely and relevant risk indicators; Report: Applicable information for decisions and oversight; Leverage: Learn and enhance

17 RISK CULTURE

18 The Risk Culture Effect. When the speed with which a risk is identified, and the time available to respond, is restricted, the way in which the organization responds to risk will vary. When the velocity of the event allows, process, policies and practice drive the decision. When response time is not available, culture influences the response.

19 Indicators of a Weak Risk Culture: Inconsistency between words and actions; Failure to sustain efforts over time; Inconsistent consideration of risks in decision-making; Perception that nothing will be done about reported risks; Managers do not value risk management; Inadequate resources toward risk prevention or mitigation; Complacency; Fear that identifying risks may result in retribution; Fear that taking risk may result in retribution

20 Enabling Risk Culture: Understand the organization's culture; Adapt framework initiatives to the culture; Lead by example; Embed Risk Management; Communicate; Manage change; Embrace collaboration

21 Eliminating Blame Improves Performance: Collaborative risk management; Identification of emerging risks; Empowered and proactive behaviors; Reduced cost of mitigation; Early detection

22 RISK TOOLS

23 Risk Identification

24 Risk Identification
Method: Surveys. Pros: Easiest to perform; Consistency in documentation. Cons: Possible inconsistencies in interpretation.
Method: Interviews. Pros: Individuals may share perspectives that they wouldn't share with the other methods. Cons: Requires the most time.
Method: Workshops. Pros: Perspectives are shared with a group. Cons: Potential for group think; Difficult to schedule.

25 Risk Identification External Risks Regulatory Natural Disasters Litigation Community Relations Community Development Law Enforcement Education Quality and Cost of Living Discrimination/Diversity Public Safety Disaster Planning Emergency/Response Mgmt. Fire and Police Service Youth and Elderly Safety Public Health Sanitation and Waste Mgmt. Animal and Pest Control Pollution Environmental Disease Control External Public Safety Development Public Health Infrastructure Operations Operations Human Resources Public Perception Business Interruption Compliance Utility Services Election Financial Economic Development Resources Marketing Communication Workforce Quality Business License Tax Incentives Public Amenities Infrastructure Planning/Communication Management Capital Asset Inventory Public Transit Information Tech. Construction Management Financial Planning and Taxation Debt and finances Collections and Fraud Budget monitoring Accounting Information Bidding Process

26 Risk Assessment

27 Risk Identification

28 Risk Identification Stormwater Program Customer Billing Collections IT Design

29 Risk Response Ownership
Columns: Category; Risk; Risk Definition (Working); Board Committee (Working)

Category: Environment (Board Committee: Executive)
Economy: A decline in the economy impacts our ability to secure revenue (state funding, grants and contributions from donors).
College Enrollment: Declining student enrollment in the college impacts our ability to secure revenue.
Demographics: Changes in the demographics of our stakeholders (students, donors, public) impacts our ability to secure revenue.

Category: Investment Management (Board Committee: Finance)
Policy: Our investment policy is not appropriate or effective for our investment objectives.
Capital Markets: Our investments in the Capital Markets do not perform as expected.
Bond Markets: Our investments in the Bond Markets do not perform as expected.

Category: Public Affairs (Board Committee: Executive)
Community/Public: Our public image and reputation in the community is impaired.
Legislative/Political: Legislative and/or political actions impact our ability to carry out our mission.

Category: Compliance (Board Committee: Audit and Administrative)
Laws, Rules & Regulation: The foundation does not comply with laws, rules and/or regulations.
Investment Policy: The investments of the foundation are not managed within compliance of the investment policy.
Administrative Policy: The foundation does not comply with its administrative policies.
Contractual Agreements: The foundation does not comply with its contractual agreements.

Category: Misconduct (Board Committee: Executive)
Staff: A staff member commits fraud and/or misconduct.
Service Providers: A service provider commits fraud and/or misconduct.
External Parties: An external party commits fraud and/or misconduct.

Category: Service Provider (Board Committee: Audit and Administrative)
Performance: A service provider does not perform as required.
Resiliency: A service provider does not recover from a service disruption as required.
Financial Stability: A service provider is not able to operate due to financial instability.

Category: Operational (Board Committee: Audit and Administrative)
Cash Management: Our cash is not managed appropriately.
Transaction Processing: We do not process transactions accurately, efficiently, or timely.
Asset Reconciliation/Valuat: We do not have accurate valuation and reporting of assets.
Accounting & Financial Rep: Our accounting and financial reporting is inaccurate.
Performance Measurement: We do not calculate the performance of our investments correctly.
Business Continuity: An event occurs that interrupts our business operations and our ability to conduct business.
Information Integrity: The information that we need to make decisions is not accurate or available when needed.

Category: Human Capital (Board Committee: Strategic Initiatives)
Recruitment and Retention: We are not able to recruit and retain staff and board members.
Training and Development: We are not able to train and develop staff and board members.
Key Person/Succession: We are unable to carry out the mission of the foundation if a key person leaves the organization.

Category: Security (Board Committee: Audit and Administrative)
Physical: There is a security event at one of our locations.
Information Systems: The security of our information systems is compromised.
Records: Records of the foundation are inappropriately disclosed, lost or damaged.

Category: Legal (Board Committee: Executive)
Contracts: Legal contracts are not written or executed to provide the needed protections.
Litigation: A potential litigation event impacts the foundation.

30 Risk Response Options: Accept = monitor; Avoid = eliminate (get out of situation); Pursue = exploit; Reduce = institute controls; Share = partner with someone (e.g., insurance)

31 Risk Response Considerations 1. What are the factors that drive/contribute to the risk? 2. What are the most serious impacts of the risk? 3. Where within the organization are the impacts felt? 4. What is currently being done to manage the risk? 5. Does the risk management plan adequately address the events to an acceptable/tolerable level? 6. What actions are needed to reduce the impact and likelihood of the risk? 7. Who needs to be involved in the response? 8. What resources are required? 9. What measures (e.g., Key Risk Indicators) are available to monitor or anticipate the risk?

32 Monitoring

33 Reporting

34 Leveraging ERM: Improved understanding of risk across the organization; Increased cooperation regarding risk management; Allow indicators to be related to specific risks in a clear and consistent way; Permits alignment of internal and external loss data, risk-and-control assessment results and scenario analysis with data; More meaningful risk management reporting capabilities; Reduces confusion when it comes to ensuring full coverage of all risks; Facilitates benchmarking

35 APPLYING ERM

36 ERM Roadmap

37 Organization Strategy Agree to Risk Appetite Approves Corporate Governance Framework School Board Receives report on ERM process from Audit Committee Review Risks and risk management strategies Overall Responsibility for Risk Responsible for Governance Framework Discusses Risk with the Board Superintendent ERM Leadership Team Establishes Ethics/Tone at the top Approve risk appetite/tolerance District Leaders Own risk management responsibilities Develop risk strategy Assign individual risk owners Agrees to risk management techniques Take ERM process direction from Risk ERM Leadership Team Executive ERM Leadership Provide ERM process leadership -risk language -measurement approach -risk strategy approach -monitoring requirements Reports to the Superintendent Educates BU Leaders Determines monitoring requirements Develops standard reporting protocols Provides tools to and advises risk owners Drafts risk appetite limits Reports to the Audit Committee on management's ERM process Train risk owners /champions Risk quantification to support strategy decisions Internal Audit Monitoring and feedback Training and support Audit the ERM process Reports to Audit Committee Key risk owners: Treasury -Legal Financial -Compliance Operation(s) -Supply chain HR -IT Individual Risk Owners/Risk Champions Develops individual risk strategies Assesses and monitors risk Quantifies risk level Identifies and implements controls to manage risks Reports to BU Leader on individual risks

38 Culture and Change Readiness: Risk Appetite Definition; Risk Culture Assessment; Views on Risk

39 Linkage to Strategy [Diagram. Labels: Goal; Strategy #1, Strategy #2, Strategy #3; KPI; Risk #1 to Risk #5; KRI]

40 Linkage to Strategy [Diagram. Labels: Goal; Strategy #1, Strategy #2, Strategy #3; KPI; Risk #1 to Risk #5; KRI]

41 Leadership's Role in Enterprise Risk Management

42 Any Ah-Hah?

43 Thank you Gregg Anderson, CIA, CRMA Direct Bill Dykstra, CIA, CRMA Direct: Crowe Horwath LLP


An Overview of the AWS Cloud Adoption Framework An Overview of the AWS Cloud Adoption Framework Version 2 February 2017 2017, Amazon Web Services, Inc. or its affiliates. All rights reserved. Notices This document is provided for informational purposes

More information

DAVID ADLER & ASSOCIATES

DAVID ADLER & ASSOCIATES DAVID ADLER & ASSOCIATES WHO WE ARE WHAT WE DO HOW WE DIFFER DAVID ADLER & ASSOCIATES WHO WE ARE David Adler & Associates is a boutique law firm that counsels executives on strategic, tactical and operational

More information

Inside of a ring or out, ain t nothing wrong with going down. It s staying down that s wrong. Muhammad Ali

Inside of a ring or out, ain t nothing wrong with going down. It s staying down that s wrong. Muhammad Ali MANAGING OPERATIONAL RISK IN THE 21 ST CENTURY White Paper Series Inside of a ring or out, ain t nothing wrong with going down. It s staying down that s wrong. Muhammad Ali 2 In today s competitive and

More information

Session 7: Corporate Governance

Session 7: Corporate Governance Session 7: Corporate Governance New York Bankers Association-Community Bank Auditors Group 2016 Internal Audit Training-June 6-8, 2016 MEMBER OF ALLINIAL GLOBAL, AN ASSOCIATION OF LEGALLY INDEPENDENT FIRMS

More information

UKU Risk Management Assessment 2011.doc. Introduction

UKU Risk Management Assessment 2011.doc. Introduction Introduction UKU Management Assessment 2011.doc Assessing The s Once the risks have been identified, they need to be assessed. The key factors are: Likelihood Refers to the probability that a threat will

More information

How can you improve your ability to identify, respond and adapt to significant operational interruptions?

How can you improve your ability to identify, respond and adapt to significant operational interruptions? How can you improve your ability to identify, respond and adapt to significant operational interruptions? Agenda I Introductions and objectives II Why is resilience important III Typical issues be aware

More information

See your auditor clearly. Transparency report: How we perform quality audit engagements

See your auditor clearly. Transparency report: How we perform quality audit engagements See your auditor clearly. Transparency report: How we perform quality audit engagements February 2014 Table of contents 1) A message from the CEO and Managing Partner Assurance 2 2) Quality control policies

More information

SENIOR INTERNAL AUDITOR

SENIOR INTERNAL AUDITOR SENIOR INTERNAL AUDITOR BRANCH/UNIT TEAM LOCATION Governance, Legal and Risk Audit Optional CLASSIFICATION/GRADE/BAND TAFE Worker Level 7 POSITION NO. TBA ANZSCO CODE 221214 PCAT CODE TBA TAFE Website

More information

Auditing Standards and Practices Council

Auditing Standards and Practices Council Auditing Standards and Practices Council PHILIPPINE STANDARD ON AUDITING 315 UNDERSTANDING THE ENTITY AND ITS ENVIRONMENT AND ASSESSING THE RISKS OF MATERIAL MISSTATEMENT PHILIPPINE STANDARD ON AUDITING

More information

Citizens Property Insurance Corporation Business Continuity Framework

Citizens Property Insurance Corporation Business Continuity Framework Citizens Property Insurance Corporation Framework Dated September 2015 Approvals: Risk Committee: September 17, 2015 (via email) Adopted by the Audit Committee: Page 1 of 12 Table of Contents 1 INTRODUCTION...

More information

INTERNATIONAL STANDARD ON AUDITING 315 UNDERSTANDING THE ENTITY AND ITS ENVIRONMENT AND ASSESSING THE RISKS OF MATERIAL MISSTATEMENT CONTENTS

INTERNATIONAL STANDARD ON AUDITING 315 UNDERSTANDING THE ENTITY AND ITS ENVIRONMENT AND ASSESSING THE RISKS OF MATERIAL MISSTATEMENT CONTENTS INTERNATIONAL STANDARD ON AUDITING 315 UNDERSTANDING THE ENTITY AND ITS ENVIRONMENT AND ASSESSING THE RISKS OF MATERIAL MISSTATEMENT (Effective for audits of financial statements for periods beginning

More information

Effective Risk Management With AML Risk Assessment. January 25, 2017

Effective Risk Management With AML Risk Assessment. January 25, 2017 Effective Risk Management With AML Risk Assessment January 25, 2017 2017 2017 Crowe Crowe Horwath Horwath LLP LLP Agenda Regulatory Trends in Risk Assessment Crowe Approach to Anti-Money Laundering (AML)

More information

SOLUTION BRIEF EU GENERAL DATA PROTECTION REGULATION COMPLIANCE WITH RSA ARCHER

SOLUTION BRIEF EU GENERAL DATA PROTECTION REGULATION COMPLIANCE WITH RSA ARCHER EU GENERAL DATA PROTECTION REGULATION COMPLIANCE WITH RSA ARCHER ARRIVAL OF GDPR IN 2018 The European Union (EU) General Data Protection Regulation (GDPR), which takes effect in 2018, will bring changes

More information

Mental Health & Wellbeing Strategy

Mental Health & Wellbeing Strategy Mental Health & Wellbeing Strategy October 2017 If this report has raised any concerns for you or someone you know, please contact Lifeline on 13 11 14 Energy Networks Australia publications can be downloaded

More information

INFORMATION SERVICES FY 2018 FY 2020

INFORMATION SERVICES FY 2018 FY 2020 INFORMATION SERVICES FY 2018 FY 2020 3-Year Strategic Plan Technology Roadmap Page 0 of 14 Table of Contents Strategic Plan Executive Summary... 2 Mission, Vision & Values... 3 Strategic Planning Process...

More information

HR Strategic Plan

HR Strategic Plan UNIVERSITY OF CALIFORNIA Human Resources HR Strategic Plan 2015-2019 Vision Strategy The headline Something happens we have to fix External influence drives action Crisis management Timing: NOW Reaction

More information

Translate stakeholder needs into strategy. Governance is about negotiating and deciding amongst different stakeholders value interests.

Translate stakeholder needs into strategy. Governance is about negotiating and deciding amongst different stakeholders value interests. Principles Principle 1 - Meeting stakeholder needs The governing body is ultimately responsible for setting the direction of the organisation and needs to account to stakeholders specifically owners or

More information

Simple Strategies, Big Results: Driving Internal Audit Value. October 28 th, 2016

Simple Strategies, Big Results: Driving Internal Audit Value. October 28 th, 2016 Simple Strategies, Big Results: Driving Internal Audit Value October 28 th, 2016 Agenda Introduction Demonstrate Alignment with Organization s Strategy Playing a Key Role in Company Initiatives Goal-Based

More information

GUIDANCE NOTE FOR DEPOSIT TAKERS (Class 1(1) and Class 1(2))

GUIDANCE NOTE FOR DEPOSIT TAKERS (Class 1(1) and Class 1(2)) GUIDANCE NOTE FOR DEPOSIT TAKERS (Class 1(1) and Class 1(2)) Operational Risk Management MARCH 2017 STATUS OF GUIDANCE The Isle of Man Financial Services Authority ( the Authority ) issues guidance for

More information

The Value- Driven CFO. kpmg.com

The Value- Driven CFO. kpmg.com The Value- Driven CFO kpmg.com 2 Leading the Way in a Data-Driven Enterprise Several years of global uncertainty have made even the toughest executives flinch, and that s certainly true for chief financial

More information

Indigenous Employment Evaluation Framework

Indigenous Employment Evaluation Framework Indigenous Employment Evaluation Framework December 2016 Centre for Social Responsibility in Mining Sustainable Minerals Institute The University of Queensland, Australia www.csrm.uq.edu.au The Centre

More information

Task Force Innovation Working Groups

Task Force Innovation Working Groups Task Force Innovation Working Groups Emerging Operational Capabilities Adaptive Workforce Information VISION Manage the Innovation Talent of the DON Workforce. ADAPTIVE WORKFORCE WORKING GROUP The Department

More information

Report. Quality Assessment of Internal Audit at <Organisation> Draft Report / Final Report

Report. Quality Assessment of Internal Audit at <Organisation> Draft Report / Final Report Report Quality Assessment of Internal Audit at Draft Report / Final Report Quality Self-Assessment by Independent Validation by Table of Contents 1.

More information

Figure 1: COSO Enterprise Risk Management Cube

Figure 1: COSO Enterprise Risk Management Cube Figure 1: COSO Enterprise Risk Management Cube Source: Committee of Sponsoring Organizations (COSO), "Enterprise Risk Management- Integrated Framework: Executive Summary" 5. As shown in the COSO ERM cube,

More information

Aligning Business Continuity and Risk Management Workshop. What are the Opportunities for Functional Alignment And How Can We Make it Happen?

Aligning Business Continuity and Risk Management Workshop. What are the Opportunities for Functional Alignment And How Can We Make it Happen? Aligning Business Continuity and Risk Management Workshop What are the Opportunities for Functional Alignment And How Can We Make it Happen? Chris Mandel, CRMP, RF, CPCU, ARMe SVP, Strategic Solutions,

More information

2016 Business Continuity / Disaster Recovery Internal Audit Report

2016 Business Continuity / Disaster Recovery Internal Audit Report Internal Audit 2016 Business Continuity / Disaster Recovery Internal Audit Report Approved: Isaac S. Clarke May 13, 2016 Report Reference: R-16-2 Executive Summary Background and Procedures Performed Disaster

More information

Draft Internal Audit Plan for Institute of Technology Blanchardstown 2017

Draft Internal Audit Plan for Institute of Technology Blanchardstown 2017 Draft Internal Audit Plan for Institute of Technology Blanchardstown 2017 Contents 1. Introduction and Approach 4 2. Principal Risks 5 3. Proposed areas of focus for Internal Audit 6 4. Draft Internal

More information

ICMA PRACTICES FOR EFFECTIVE LOCAL GOVERNMENT LEADERSHIP Approved by the ICMA Executive Board June 2017; effective November 2017

ICMA PRACTICES FOR EFFECTIVE LOCAL GOVERNMENT LEADERSHIP Approved by the ICMA Executive Board June 2017; effective November 2017 Reorganization The Credentialing Advisory Board proposed, and the Leadership Advisory and Executive Boards agreed, that the ICMA Practices should be organized as a narrative rather than a list. The following

More information

ENTERPRISE RISK MANAGEMENT THE KEY TO BUSINESS SUCCESS By Phil Griffiths FCA

ENTERPRISE RISK MANAGEMENT THE KEY TO BUSINESS SUCCESS By Phil Griffiths FCA ENTERPRISE RISK MANAGEMENT THE KEY TO BUSINESS SUCCESS By Phil Griffiths FCA Chapter 1 Fundamentals of Enterprise Risk Management Risk management has become a vital ingredient in the entrepreneurial culture

More information

Four Strategies for Enabling Innovation in the Face of Risk and Compliance. By John A. Epperson and Clayton J. Mitchell

Four Strategies for Enabling Innovation in the Face of Risk and Compliance. By John A. Epperson and Clayton J. Mitchell Four Strategies for Enabling Innovation in the Face of Risk and Compliance By John A. Epperson and Clayton J. Mitchell Audit / Tax / Advisory / Risk / Performance Smart decisions. Lasting value. Four Strategies

More information

Internal Audit Quality Analysis Evaluation against the Standards International Standards for the Professional Practice of Internal Auditing (2017)

Internal Audit Quality Analysis Evaluation against the Standards International Standards for the Professional Practice of Internal Auditing (2017) Internal Audit Quality Analysis Evaluation against the Standards International Standards for the Professional Practice of Internal Auditing (2017) Assessor 1: Assessor 2: Date: Date: Legend: Generally

More information

LEAN ENTERPRISE TRANSFORMATION

LEAN ENTERPRISE TRANSFORMATION LEAN ENTERPRISE TRANSFORMATION SONJA KRESOJEVIC @SONJAK18 @MYSPINNAKERCO SPINNAKER SONJA KRESOJEVIC Co-founder of Spinnaker, NY based consultancy focused on enterprise transformation. Senior executive

More information

A Discussion About Internal Controls February 2016

A Discussion About Internal Controls February 2016 A Discussion About Internal Controls February 2016 What we will cover today 001 Introductions 002 Defining Internal Controls 003 COSO Internal Controls Integrated Framework 004 Approach to Designing Internal

More information

Implementing an Employee Engagement Programme

Implementing an Employee Engagement Programme Implementing an Employee Engagement Programme A People & Culture White Paper Introduction Over the last decade, employers focus has moved away from employees who are satisfied with their working conditions,

More information

DUBAL s ISO based ERM Program

DUBAL s ISO based ERM Program DUBAL s ISO 31000-based ERM Program Building a Harmonized, Proactive and Sustainable Approach to Risk Management October, 2013 Toby Shore Corporate Treasurer & Chief Risk Officer DUBAL Key Things To Discuss

More information

Human Capital Business led. People driven.

Human Capital Business led. People driven. Human Capital Business led. People driven. Advisory Services February 0 Contents Going to market Human Capital Advisory Services Organizational Development People Development HR Department Development

More information

PRACTICE GUIDE. Formulating and Expressing Internal Audit Opinions

PRACTICE GUIDE. Formulating and Expressing Internal Audit Opinions PRACTICE GUIDE Formulating and Expressing Internal Audit Opinions 2 of 23 Table of Contents 1. Executive Summary... 1 2. Introduction... 2 3. Planning the Expression of an Opinion... 3 3.1 Expressing an

More information

Hammersmith & Fulham borough of opportunity

Hammersmith & Fulham borough of opportunity Hammersmith & Fulham borough of opportunity PRINCIPAL MANAGER (BUSINESS INTELLIGENCE) HOUSING AND REGENERATION Job Pack Information for applicants Job Description Person Specification JOB DESCRIPTION Job

More information

Benchmarking 101: Shaping your E&C Program for Maximum Value

Benchmarking 101: Shaping your E&C Program for Maximum Value Benchmarking 101: Shaping your E&C Program for Maximum Value Presented on November 15, 2016 Copyright 2016NAVEXGlobal,Inc. AllRightsReserved. Page 0 Presented by Mary Bennett Vice President, Advisory Services,

More information

METROPOLITAN TRANSPORTATION AUTHORITY

METROPOLITAN TRANSPORTATION AUTHORITY ENTERPRISE RISK MANAGEMENT AND INTERNAL CONTROL GUIDELINES Pursuant to Public Authorities Law Section 2931 Adopted by the Board on November 16, 2016 These guidelines apply to the Metropolitan Transportation

More information

Risk Management Update ISO Overview and Implications for Managers

Risk Management Update ISO Overview and Implications for Managers Contents - ISO 31000 highlights 1 - Changes to key terms and definitions 2 - Aligning key components of the risk management framework 3 - The risk management process 4 - The principles of risk management

More information

International Finance Corporation

International Finance Corporation International Finance Corporation Corporate Governance and Internal Audit Overview Bob Lamm Independent Senior Advisor Center for Corporate Governance Deloitte LLP Neil White Global IA Analytics Leader

More information

Sarbanes-Oxley Act of 2002 Can private businesses benefit from it?

Sarbanes-Oxley Act of 2002 Can private businesses benefit from it? Sarbanes-Oxley Act of 2002 Can private businesses benefit from it? As used in this document, Deloitte means Deloitte Tax LLP, which provides tax services; Deloitte & Touche LLP, which provides assurance

More information

ISO INTERNATIONAL STANDARD. Risk management Principles and guidelines. Management du risque Principes et lignes directrices

ISO INTERNATIONAL STANDARD. Risk management Principles and guidelines. Management du risque Principes et lignes directrices INTERNATIONAL STANDARD ISO 31000 First edition 2009-11-15 Risk management Principles and guidelines Management du risque Principes et lignes directrices http://mahdi.hashemitabar.com Reference number ISO

More information