Compliance, Internal Audit, and Risk Management: What do they look like at a Managed Care Plan?
- Edward Skinner
- 5 years ago
Transcription
Compliance, Internal Audit, and Risk Management: What do they look like at a Managed Care Plan? And, other words of wisdom...

Objectives:
- Define risk and identify where risk comes from
- Recognize what risk activities are being performed in health plans now
- Experience how two health plans address risks
- Categorize the similarities and differences among Enterprise Risk Management, Internal Audit, and Compliance programs
- Define Enterprise Risk Management (ERM)

2014 Compliance Institute March 30,

Objectives (Cont.)
- Discuss the elements and components of Enterprise Risk Management (ERM)
- Review where your plan is in the ERM
- Share a sample of what an ERM might look like
- Identify best practices to achieve the ultimate state of ERM for your organization

Objectives (Cont.)
- And, other words of wisdom from you.
- Questions and Answers on any health plan topics

Define Risk
Risk, from Merriam-Webster's Dictionary: noun \ˈrisk\
- the possibility that something bad or unpleasant (such as an injury or a loss) will happen
- someone or something that may cause something bad or unpleasant to happen
- a person or thing that someone judges to be a good or bad choice for insurance, a loan, etc.

Define Risk
Risk is a function of the likelihood of a given threat-source's exercising a particular potential vulnerability, and the resulting impact of that adverse event on the organization.
Source: NIST, National Institute of Standards and Technology

Risk Factors to Consider
- Could the event (risk) happen?
- What is the probability it is likely to happen?
- What is the impact (how bad would it be) if it were to happen?
- How can you reduce the probability it will happen (mitigation)?
- Can you create a contingency plan to reduce the impact?

Do You Know All Your Risks?
"Never in all history have we harnessed such formidable technology. Every scientific advancement known to man has been incorporated into its design. The operational controls are sound and foolproof!"
This quote was said by whom?

Who Said It?
E. J. Smith, the Captain of the Titanic
Sooner or later, there will be a crisis that tests your health plan. Are you ready? What examples come to mind for you?

Where Does Risk Come From?
Multiple sources of risks (threats) across broad categories, including:
- Natural Threats: Floods, earthquakes, tornadoes, landslides, avalanches, electrical storms, and other such events.
- Human Threats: Events that are either enabled by or caused by human beings, such as unintentional acts (inadvertent data entry) or deliberate actions (network-based attacks, malicious software upload, unauthorized access to confidential information).
- Environmental Threats: Long-term power failure, pollution, chemicals, liquid leakage.
Source: NIST (National Institute of Standards and Technology)

What Types of Risks Might a Health Plan Have?
- Internal risks, e.g., operational experience and expertise, succession planning, talent management, quality, technology
- External risks, e.g., new lines of business, competition, Super Sandy storms, fire
- Compliance, Regulatory, and Legal risks, e.g., CMS, OMIG, DOH, DOI, DOJ, HHS OCR

What Types of Risks
- Financial risks, e.g., unsound rates, unexpected penalty, market share shrinks
- Business risks, e.g., mergers and acquisitions, marketplace expansions (QHP)
- Reputational risks, e.g., how we are viewed in the marketplace
- Health and Safety risks, e.g., for members and employees
- Legal, e.g., fraud, theft, sexual harassment

Similarities and Differences Among ERM, Internal Audit, and Compliance
- How are they the same?
- How are they different?

Internal Audit
- Internal focus
- Reviews known issues, often financially focused
- Risk is identified and handled by mitigating or eliminating
- Focus is on auditing
- It is owned by Internal Audit and Finance or Audit Committee

Compliance
- Internal and external
- Regulatory, governmental audit focus within the operational areas
- Commitment to compliance with laws at a minimum
- Risk is managed narrowly, i.e., eliminate and meet compliance obligations
- It is owned by Compliance, Leadership, Board Committee

Define Enterprise Risk Management
Enterprise Risk Management is a process, effected by an entity's Board of Directors, management and other personnel, applied in a strategy setting across the enterprise, designed to identify potential events that may affect the entity, and to manage risk to be within its risk appetite, providing reasonable assurance regarding the achievement of entity objectives.
Source: COSO ERM Integrated Framework, Executive Summary September

Define Enterprise Risk Management
Enterprise risk management (ERM) is the process of planning, organizing, leading, and controlling the activities of an organization in order to minimize the effects of risk on an organization's capital and earnings. Enterprise risk management expands the process to include not just risks associated with accidental losses, but also financial, strategic, operational, and other risks.
Source: SearchCIO riskmanagement

Enterprise Risk Management
- Internal and external focus
- Embraces organizational strategy
- Risk is managed broadly, i.e., accept, mitigate, transfer, reduce, avoid, or eliminate
- It is owned by everyone
- Takes into account the corporate strategies and current marketplace

What Does That Mean?
It is obtaining everyone's involvement at all levels, and
- Identifying events, i.e., risks to the health plan
- Determining what the likelihood is it will happen and the impact should it happen
- Deciding how to manage those risks by assessing, transferring, mitigating or eliminating them, and
- Assuring that the process is done with strategic goals and opportunities in mind

What ERM is
Enterprise Risk Management connects the links between departments and divisions with collaboration at all levels of the organization. Communication is the key to get a true Enterprise Risk Management program successfully in place.

How Do You Develop An Enterprise Risk Management Program?
There are three basic steps (depending on what you read, it could be 4, 5, or up to 16)
- Step 1: Evaluation. Assess best practices (from other health plans, colleagues, consulting firms, external resources, e.g., Google)

How Do You Develop An Enterprise Risk Management Program? (Cont.)
- Step 2: Structure Program. Define specific processes, framework committees, involve key Board of Directors and Executive Leadership Team members
- Step 3: Execute Risk Assessment. CEO-driven process with accountability by functional executive leaders

The Spectrum of ERMs
Mature: Exhibit Best Practices
- Leadership-driven ERM process, e.g., CEO or COO
- Formal Plan Development
- Actively implementing via internal committee structure and Risk Oversight Committee (BOD)
- Interconnectivity of all areas is addressed
- Advanced communication among committees

The Spectrum of ERMs
Engaged & Involved: Some efforts made to address ERM
- Performed an enterprise-wide risk assessment
- Begin to structure framework
- Still developing implementation approaches
Infancy, at the starting gate: Less Evolved
- No formal plan yet
- Address enterprise risk as part of overall audit, compliance, and operational efforts

One Size Does NOT Fit All!
ERM is an ongoing process, not something that you implement and then check off your list! The program develops over time and requires consistent attention and oversight.

ERM: Where Do You Start?
- Research and evaluate what would work for your plan
- Set up the Framework of the Program, including Structure
- Perform a Baseline Risk Assessment (and do it every 12 months)
- Identify and assess risks by Risk Management or Risk Oversight Committee with collaboration from other committees (Compliance, Finance, Continuous Quality Improvement)

ERM: Where Do You Start
- Assign Risk to Executive Leadership Team members
- Each Risk has ONE Owner
- Include each Risk identified above as a Performance Objective for the responsible Executive
- Report key risks through a BOD committee (Audit, Risk Management, Compliance or directly to the full BOD) with a work plan to address those risks
- Continuous process: it starts again

Benefits of an ERM
- Protect the plan from being vulnerable
- Provides an enterprise oversight at the highest level that includes risks identified by Internal Audit, Compliance, or operational sources
- Creates an integrated approach with alignment to corporate strategy; ultimately supports success of those strategies

Benefits of an ERM
- Reduces risks (all types)
- Shows transparency and accountability throughout the organization
- Streamlines processes to produce better outcomes
- Demonstrates visibility and awareness at the highest level of the health plan
- Improves reputation and fosters trust

Benefits of an ERM
- Eliminates redundancy in process and effort
- Promotes collaboration and unifies the organization (reduces the silo approach)
- Prioritizes goals and objectives as well as allocation of resources at the enterprise level with ability to influence strategic vision
- Builds a shared sense of vision and purpose
- Diminishes financial volatility

What could an ERM Look Like?

Contact Information
- Lori Oleson, Director of Compliance and Quality, Government Programs, Blue Cross Blue Shield of Minnesota
- David Crawford, Assistant Vice President, Corporate Compliance, Affinity Health Plan, Tel: (718)
- Caron R. Cullen, Sr. Vice President & Chief Compliance Officer, Affinity Health Plan, Tel: (718)
Clarifying the Role of Enterprise Risk Management Introductions/Opening Remarks Speakers: Doug Webster, Director, Risk Officer, US Agency for International Development Mike Wetklow, Deputy CFO, National
More informationENTERPRISE RISK MANAGEMENT USING DATA ANALYTICS. Dan Julevich and Chris Dawes April 17, 2015
ENTERPRISE RISK MANAGEMENT USING DATA ANALYTICS Dan Julevich and Chris Dawes April 17, 2015 Agenda ERM What, Why, How? ERM Keys to Success Fail, Survive, or Thrive? ERM Current State Overview ERM Leading
More informationMANAGING RISK AT SUNCORP
SUNCORP GROUP LIMITED CORPORATE GOVERNANCE MANAGING RISK AT SUNCORP 1 MANAGING RISK AT SUNCORP Managing risk is a key contributor to Suncorp Group's success. The Board and management recognise that an
More informationThis policy establishes the approach to risk management at Sunshine Coast Council (Council) and outlines the guiding principles and framework.
Organisational policy Risk Management Policy Corporate Plan reference: Endorsed by Chief Executive Officer: Manager responsible for policy: A strong community In all our communitites, people are included,
More informationNote by the Executive Director on the annual report of the Inspector General
Executive Board Annual session Rome, 18 22 June 2018 Distribution: General Date: 18 May 2018 Original: English Agenda item 6 WFP/EB.A/2018/6-F/1/Add.1 Resource, financial and budgetary matters For consideration
More informationGuidance Note: Corporate Governance - Board of Directors. January Ce document est aussi disponible en français.
Guidance Note: Corporate Governance - Board of Directors January 2018 Ce document est aussi disponible en français. Applicability The Guidance Note: Corporate Governance - Board of Directors (the Guidance
More informationRISK MANAGEMENT REPORT
RISK MANAGEMENT REPORT A RCL FOODS RISK MANAGEMENT REPORT 2016 RISK MANAGEMENT REPORT FRAMEWORK Risk management is considered by the Board to be a key business discipline, designed to balance risk and
More informationJourney to Excellence
Journey to Excellence 42 Deloitte A Middle East Point of View Fall 2015 Operational excellence The excellence agenda in the Gulf countries is increasingly changing the context in which governments operate
More informationWhat You Don t Know Will Eventually Hurt You The Evolving Role of Enterprise Risk Management (ERM) in Successful Organizations
What You Don t Know Will Eventually Hurt You The Evolving Role of Enterprise Risk (ERM) in Successful Organizations Jeff Owen Senior Consultant The Rochdale Group 1 Jeff Owen, Senior Consultant 16 years
More informationRisk Management Policy and Framework
Risk Management Policy and Framework Introductory Note to User: CompanyLongName There is no requirement in Australia for a non-publicly listed entity (other than a company regulated by APRA) to comply
More informationEnterprise Risk Management, Compliance, and Management Advisory Services: An Integrated Approach. SCCE s Higher Education Compliance Conference
Enterprise Risk Management, Compliance, and Management Advisory Services: An Integrated Approach SCCE s Higher Education Compliance Conference June 13, 2011 Objectives Implementing Enterprise Risk Management
More informationPOLARIS INDUSTRIES INC.
POLARIS INDUSTRIES INC. Board of Directors Corporate Governance Guidelines Table of Contents BOARD ROLES AND RESPONSIBILITIES... 1 Role of the Board... 1 Board Responsibilities... 1 Expectations of Individual
More informationGUIDANCE NOTE FOR DEPOSIT TAKERS (Class 1(1) and Class 1(2))
GUIDANCE NOTE FOR DEPOSIT TAKERS (Class 1(1) and Class 1(2)) Operational Risk Management MARCH 2017 STATUS OF GUIDANCE The Isle of Man Financial Services Authority ( the Authority ) issues guidance for
More informationThe COSO Risk Framework: A reference for internal control? Transition from COSO I to COSO II
The COSO Risk Framework: A reference for internal control? Transition from COSO I to COSO II S P E A K E R : D O T T. FA B I O A C C A R D I C O U R S E O F B U S I N E S S A U D I T I N G U N I V E R
More informationDigitaliseren van risico management
Digitaliseren van risico management Drs. G.M.E. Vervest RC 1 Topics Why does it matter Managing (cyber) risk Digitization of risk management - examples Impact and role of finance professional Questions
More informationAudit by Design: Moving Beyond Continuous Auditing - a Vision for Future Models
Audit by Design: Moving Beyond Continuous Auditing - a Vision for Future Models Kendall Tieck, VP Internal Audit, Workday, Inc. Professional Strategies S31 If you look in the rear view mirror too long
More informationLeveraging ERM to meet. and create business value. Management Flora Do, Senior Manager, Enterprise Risk Management
Leveraging ERM to meet regulatory requirements and create business value Susan Hwang, National Leader, Enterprise Risk Management Flora Do, Senior Manager, Enterprise Risk Management March 27, 2012 With
More informationHeightened standards for compliance risk management. Lines of defense compliance s role
Heightened standards for risk management Lines of defense s role Post-financial crisis, the Office of the Comptroller of the Currency (OCC) developed a set of heightened expectations to enhance the risk
More informationSTRATEGIC PLAN. FISCAL YEARS 2018 to 2022 SAFETY WORKS
STRATEGIC PLAN FISCAL YEARS 2018 to 2022 SAFETY WORKS TSSA has developed an ambitious plan to ensure we effectively reduce safety risks and provide value to our customers and stakeholders. STRATEGIC PLAN
More information