Enterprise risk management: A progressive approach
|
|
- Elmer Gilmore
- 5 years ago
- Views:
Transcription
1 Enterprise risk management: A progressive approach
2 Background The Committee of Sponsoring Organizations of the Treadway Commission (COSO) has commissioned and published standards on enterprise risk management titled Enterprise Risk Management Integrating with Strategy and Performance. This framework is as an update to the earlier framework, Enterprise Risk Management Integrated Framework (2004), and is a welcome change given the evolving expectations of boards, the rapid changes in the business environment, technology advancement and complexity of risks. This article aims to explore the changes in and expectations of the new enterprise risk management (ERM) framework by looking at some of the common myths which have emerged in the past few months since the publication of the new ERM framework. As per the 2017 guidelines, ERM is defined as [t]he culture, capabilities, and practices, integrated with strategy-setting and performance, that organizations rely on to manage risk in creating, preserving, and realizing value. Before decoding this definition, let us look at the rationale behind the new ERM framework and some myths surrounding it, before coming back to the definition in order to understand the changes and its impact. Change drivers A glance at the definition reveals a few obvious drivers behind the need for changing the 2004 ERM framework. That said, it is important to understand the background as well as some of the other less obvious drivers. The new ERM framework was developed over a period of three years and took into consideration feedback from some of the largest and most complex businesses across the world. The COSO ERM team conducted surveys and research on the expectations from an ERM function and the challenges faced by an ERM function in working effectively. These efforts led to the development of a more evolved and future-oriented ERM framework. Some of the key drivers are listed below With the change in governance requirements, stakeholders across the organisational value chain are seeking greater transparency and accountability. There is a need for more insight-driven decision making to understand the risks and capabilities that provide a business edge. As businesses evolve and become complex along with corresponding risks, boards expect more from their organisation s ERM practices and capabilities. There is greater reliance on information and communication from the ERM functions. The risk function is expected to support optimisation of business opportunities quickly. Businesses expect the ERM framework to drive improvements and not just offer protection. In light of recent events, learning, adaptation and deployment of risk strategies are expected to occur quickly.
3 Myths The 2017 ERM framework is surrounded by its fair share of speculation and myths. Some of the critical ones are addressed below. The 2017 ERM framework is an enhancement of the 2013 Internal Controls Framework and is hence similar to the 2013 framework: The most common misconception around the 2017 framework is that it is similar to or an improvement of the 2013 framework. In reality, the 2017 framework is nowhere close to the 2013 one. The latter focuses on internal controls, whereas the 2017 framework focuses on risks at an enterprise level. It is much broader and addresses risk at a different level. On the other hand, the 2013 framework is more about principles and practices from a governance perspective and provides guidance around the same. The 2017 ERM framework is actually an update to the 2004 ERM framework. This change in standards will require organisations to scrap the existing ERM framework: The 2017 framework is exhaustive and future-oriented. Adopting this new framework will mean leveraging the existing ERM framework and enhancing it with the additional elements that have been highlighted in the new framework. The new framework talks about 5 components (and 20 underlying principles): Governance & Culture, Strategy & Objective-Setting, Performance, Review & Revision, Information, and Communication & Reporting. The third component (Performance) is where a large percentage of organisations would have made efforts in the past few decade(s). However, for more holistic ERM implementation, each component and its underlying principle would need to be embraced. Source: Enterprise Risk Management Integrating with Strategy and Performance An ERM function cannot be integrated with other functions, is a dedicated function and needs to be independently enforced: The new ERM framework quite clearly articulates the role of the ERM function through its 5 components and 20 principles. Of the 5 components, component 2, namely Strategy & Objective-Setting, explains through its principles how risk management and risk management practices need to be integrated within the business. In fact, it highlights the importance of involving the risk management function in the strategic decision-making process in order to unlock potential business value. ERM is a one-way practice of risk assessment and reporting, owned and managed by the ERM function, which requires significant investment: The 2017 ERM framework requires a big mind-set shift from the earlier understanding and experience. It will possibly require some to unlearn past ERM practices and require business and risk professionals to fully grasp ERM in its new avatar. Like the previous myth, this myth necessitates a broader and integrated approach towards risk management. To draw a parallel, information technology (IT) had traditionally been viewed as a function which helps drive the organisation to conduct its business that is, a support function. Over the last few years, this has completely changed and IT has become a core function. ERM frameworks and practices have also matured over the past few years and are no longer the responsibility of one function. Risk management is not only about risk assessment and is certainly not about reporting alone.
4 Instead of focusing only on the investments required from a resource or technology perspective, organisations should look at enhancements in risk culture, which have gained tremendous interest in recent years. Risk culture should be viewed as a critical element for every organisation to achieve its strategic and business objectives. In recent years, there have been models where an efficient and effective ERM function is supported by mature ERM practices and often operates on lean investments and leverages the business functions in its ERM activities. ERM is about risks and protecting value: The traditional concept of ERM was about identifying risks in the business environment and addressing them through mitigating controls. The new framework completely changes this view and puts risk management right up the value chain and as part of board room discussions. Component 2, namely Strategy and Objective-Setting, talks about integrating risk management with strategy formulation/discussion and thus puts this myth to rest. This is a big step up as the risk management function is expected not just to protect existing value but also to participate in important discussions in order to unlock the potential of opportunities by taking into consideration the capabilities the organisation is geared to demonstrate. Risk appetite is only about monitoring tolerance breaches: Traditional approaches focus on gathering data/ information, assessing it and measure it against set thresholds to identify a breach or potential breach. The new framework urges organisations to go beyond this approach and integrate risk appetite discussions into the decisionmaking phase. This allows the business to consciously consider risks and their impact, and create a measuring mechanism to derive value from this exercise. The new framework involves deeper analysis of breaches to understand how and where the strategy or the implementation of the strategy resulted in the breach rather than just reporting on risk appetite values. A business cannot talk itself out of risks; instead, it needs to analyse and assess them and take action. Risks result from absence of control or existence of ineffective controls, are about quantification of losses and can be measured only with models, and are bad and should be reduced to zero: Interestingly, risks are good, as without risks, no organisation would be able to achieve its growth objectives. Risk management is not about eliminating all risks but understanding them better and taking decisions which will result in actions which help the organisation achieve its objectives. Many organisations define risk as the absence of control or ineffectiveness of control instead of looking at it as a challenge to achieving business objectives. Treating risks as absence of control results in building long/bulky risk repositories which are often difficult to manage and communicate to the business teams. Key takeaways and considerations from the new 2017 ERM framework The new 2017 framework, Enterprise Risk Management Integrating with Strategy and Performance, provides a tremendous opportunity for organisations of every size and complexity to unlock potential through their risk management functions. This framework allows risk professionals to take risk management practices to a new level and make them a critical part of their organisation s strategic objectives. We have highlighted some key elements which will define the risk management functions of the future: The new ERM definition introduces culture, involvement in strategy setting and creating value as part of the risk management agenda. The enhanced framework will lead to a positive outlook towards risk management by preparing businesses for the future and helping them to understand and decode how risks impacts business in a positive manner. A hurdle most organisations will need to tackle is changing the traditional mind-set of risk managers and business functions so that they begin to view risk as a strategic opportunity to achieve business objectives more effectively. A hurdle most organisations will need to tackle is changing the traditional mindset of risk managers and business functions so that they begin to view risk as a strategic opportunity to achieve business objectives more effectively. Risk management will no longer be about merely reporting information; rather, it will be about focusing on an issue and understanding where it is occurs, why and what are the challenges to overcoming the same. Increasing involvement of risk managers in the achievement of an organisation s business objectives will mean that risk managers know the business better than business personnel who look at it in silos. Risk management is not just about creating a hedging strategy against a risk but also converting that risk into an opportunity. In conclusion, the future of risk management is changing for the better by moving away from silos. The expectations of the board and senior management are increasing with the changing business environment and this presents risk professionals an opportunity to walk with the business to achieve the ultimate organisational objectives. Innovation in risk practices with use of technology and enhancing risk awareness through conscious efforts towards building an organisation s risk culture will be the focus for the coming years.
5 About PwC At PwC, our purpose is to build trust in society and solve important problems. We re a network of firms in 158 countries with more than 236,000 people who are committed to delivering quality in assurance, advisory and tax services. Find out more and tell us what matters to you by visiting us at In India, PwC has offices in these cities: Ahmedabad, Bengaluru, Chennai, Delhi NCR, Hyderabad, Kolkata, Mumbai and Pune. For more information about PwC India s service offerings, visit PwC refers to the PwC International network and/or one or more of its member firms, each of which is a separate, independent and distinct legal entity. Please see for further details PwC. All rights reserved Contact Us Vivek Iyer Partner Financial Services- Risk Assurance Services M: vivek.iyer@pwc.com Vivek Iyer is a Financial Services Risk Assurance leader based in Mumbai. He has over 13 years of experience with specialization in governance, risk and compliance in financial services space.vivek has worked with most of the leading organizations in BFSI space and also regularly works back with the regulators on matters of industry importance in the Banking and Capital Markets domain. Dnyanesh Pandit Director Financial Services-Risk Assurance Services M: dnyanesh.pandit@pwc.com Dnyanesh Pandit has over 13 years of experience in Governance, Risk and Compliance in public and private companies across Banks, NBFC s and Insurance companies. He has also been part of multiple, large and complex risk transformation projects across public and private sectors in India, USA, Middle east and Asia. pwc.in Data Classification: DC0 This document does not constitute professional advice. The information in this document has been obtained or derived from sources believed by PricewaterhouseCoopers Private Limited (PwCPL) to be reliable but PwCPL does not represent that this information is accurate or complete. Any opinions or estimates contained in this document represent the judgment of PwCPL at this time and are subject to change without notice. Readers of this publication are advised to seek their own professional advice before taking any course of action or decision, for which they are entirely responsible, based on the contents of this publication. PwCPL neither accepts or assumes any responsibility or liability to any reader of this publication in respect of the information contained within it or for any decisions readers may take or decide not to or fail to take PricewaterhouseCoopers Private Limited. All rights reserved. In this document, PwC refers to PricewaterhouseCoopers Private Limited (a limited liability company in India having Corporate Identity Number or CIN : U74140WB1983PTC036093), which is a member firm of PricewaterhouseCoopers International Limited (PwCIL), each member firm of which is a separate legal entity. PD/Jan
Technology Consulting Logistics Analytics Solutions
Technology Consulting Logistics Analytics Solutions www.pwc.in Logistics sector: Shifting patterns Transportation and logistics are currently confronted with many challenges, which bring risks as well
More informationIntegrated reporting: Corporate perspective in India
www.pwc.in Integrated reporting: Corporate perspective in India May 2018 www.bombaychamber.com Background Globally and in India corporate reporting has evolved significantly over the last decade to be
More informationAutonomous intelligence in customer experience: The new competitive advantage
Autonomous intelligence in customer experience: The new competitive advantage www.pwc.in Introduction to autonomous intelligence Customer experience is the interaction between a customer and a company
More informationFinance for non-financial professionals. PwC s Academy in India 2-day workshop Dates: 12 and 13 November 2018 Location: Mumbai
Finance for non-financial professionals PwC s Academy in India 2-day workshop Dates: 12 and 13 November 2018 Location: Mumbai Helping non-financial professionals raise their awareness of finance and use
More informationPwC s Academy in India
PwC s Academy in India Preparation course for the ACCA Diploma in International Financial Reporting June 2019 exam PwC s Academy in India With us you will achieve more! PwC s Academy is a learning and
More informationConstruction Disputes and Claims Management Advisory Services
Construction Disputes and Claims Advisory Services About PwC Our clients draw upon PwC s in-depth sector-based knowledge and broad dispute experiences for consulting as well as strategic advice, independent
More informationFamily Business Advisory Services
www.pwc.in Family Business Advisory Services Family business enterprises are critical to the success of the Indian economy Many of India s largest and most celebrated companies today are nurtured by a
More informationPwC s video analytics solutions
www.pwc.in PwC s video analytics solutions Industry overview Mature analytics engines and a significant increase in camera and server processing power have added a cutting-edge dimension to video surveillance
More informationTechnology Consulting Analytics solutions for manufacturing and industrial products
www.pwc.in Technology Consulting Analytics solutions for manufacturing and industrial products Overview Technological and digital innovations are transforming the manufacturing and industrial products
More informationE-way bill - basic provisions
from India Tax & Regulatory Services E-way bill - basic provisions January 31, 2018 In detail The provisions pertaining to the E-way bill for inter-state movement of goods will be effective from 01 February,
More informationAre you prepared for this Challenge? The new COSO Enterprise Risk Management Framework
Are you prepared for this Challenge? The new COSO Enterprise Risk Management Framework CAGFO 2018 Conference Winnipeg, MB September 13, 2018; 10:30am Agenda 01 What is being said of ERM today? 02 What
More informationManaging the compliance conundrum
www.pwc.com/india Managing the compliance conundrum Compliance Risk Historically, boards have been perceived to focus primarily on value creation for shareholders. But with renewed attention to statutory
More informationNavigating the path to maturity
Trends, issues and challenges in India Navigating the path to maturity Executive Remuneration in India Introduction Over the last few years, the senior executive rewards landscape in India has evolved
More informationUnleashing the power of innovation
How the role of innovation within the business and the way companies innovate are being transformed. Unleashing the power of innovation www.pwc.com 2 Unleashing the power of innovation Gauging changing
More informationAchieving business objectives through successful transformation projects
August 2017 Achieving business objectives through successful transformation projects www.pwc.com.au Project portfolios, the heart and soul of maintaining market relevance Where the rubber hits the road...
More informationUK Corporate Governance Code: Raising the bar on risk management Why this is not business as usual and what you need to do to comply
www.pwc.co.uk/riskassurance UK Corporate Governance Code: Raising the bar on risk management Why this is not business as usual and what you need to do to comply February 2014 The FRC intends the proposed
More informationEnterprise Risk Management: Developing a Model for Organizational Success. White Paper
Enterprise Risk Management: Developing a Model for Organizational Success White Paper January 2009 Overview Less than a decade ago, Enterprise Risk Management (ERM) was an unfamiliar concept. Today, the
More informationTelecom analytics. Advisory, India Analytics
Telecom analytics Advisory, India Analytics 2 Telecom analytics Contents Why analytics? 4 Analytics across an enterprise 5 Challenges faced in telecom 6 Where can organisations start? 7 Our services 9
More informationAligning organisational culture with Enterprise Risk Management
Aligning organisational culture with Enterprise Risk Management Krishna Nagar & Mark George Hayes University of the Witwatersrand School of Statistics and Actuarial Science DST-NRF Centre of Excellence
More informationPwC view Five trends to watch in telecom during
PwC view Five trends to watch in telecom during 2013 www.pwc.in Before we move to 2013, it s worth revisiting our predictions for 2012. We find that we scored a tad higher than 3/5. Here s what we predicted
More informationMulti-capital reporting in India
Integrated Reporting Multi-capital reporting in India www.pwc.in Background Accounting practices have evolved through centuries 1 can 2 3 Integrated Reporting approach that can help investors understand
More informationSummary Report Ethics Summit 2017 Doing Business the Right Way
https://www.indiaoppi.com/publications Summary Report Ethics Summit 2017 Doing Business the Right Way www.pwc.in Setting the context About OPPI and Ethics Summit 2017 Trust is an emotional glue which holds
More informationPwC s 2015 Global Digital IQ Survey. Digital IQ perspectives: Unlocking data possibilities
PwC s 2015 Global Digital IQ Survey Digital IQ perspectives: Unlocking data possibilities Do you trust your data? As they say, information is power. If you can unlock data s disruptive force, you have
More informationCompanies Act 2013: Gearing up to be incontrol. Financial Controls
Companies Act 2013: Gearing up to be incontrol of Internal Financial Controls Gearing up for implementing Section 134 Preamble Indian regulations have been modified to reflect the developments in the Western
More informationCompleting the ERM Circle
Completing the ERM Circle A Role for Continuous Controls Monitoring Andrew Simpson MBA, CISA Chief Operating Officer CaseWare RCM Inc. Agenda Definitions COSO Integrated ERM Framework Self Assessments
More informationEnterprise Risk Management Discussion American Gas Association Risk Management Committee Meeting
Enterprise Risk Management Discussion American Gas Association Risk Management Committee Meeting July 17, 2017 Objectives Provide perspective on the evolution of Enterprise Risk Management (ERM) New 2017
More informationCompanies Act 2013: Embedding risk management in the business rhythm
Companies Act 2013: Embedding risk management in the business rhythm Gearing up for implementing Sections 134 & 177 Call to action Assess the adequacy and robustness of your risk management policy and
More informationERM Retooled: Driving Performance by Revising and Enhancing Risk Management Governance Wipfli LLP
ERM Retooled: Driving Performance by Revising and Enhancing Risk Management Governance 2018 Wipfli LLP In September 2017, the Committee of Sponsoring Organizations (COSO) a committee that provides guidance
More informationTransparency in the digital age: companies should talk about their cyber security
Transparency in the digital age: companies should talk about their The cyber security of companies is an increasingly important issue for society. Nations depend on the of both public and private institutions
More informationCOSO ERM: Integrating with Strategy and Performance. Michael Parkinson
COSO ERM: Integrating with Strategy and Performance Michael Parkinson Content The COSO Frameworks Risk (Enterprise) Risk Management The COSO risk management framework A few highlights Questions for management
More informationMiles CPA Review: BEC Q Updates for 2017 Edition
Miles CPA Review Miles CPA Review: BEC Q2 2018 Updates for 2017 Edition Summary of updates: - New version CPA exam structure (w.e.f. April 2017) Time management on the exam - BEC-1.3 Enterprise Risk Management
More informationAre you prepared to make the decisions that matter most? Decision making in consumer goods
www.pwc.com/bigdecisions Are you prepared to make the decisions that matter most Decision making in consumer goods Results from PwC s Global Data & Analytics Survey 2014 consumer goods Changing demographics
More informationAdvisory Services Governance, Risk & Compliance
Advisory Services Governance, Risk & Compliance Caribbean Association of Audit Committee Members Inc. 2010 Conference Caretakers of Integrity and Accountability: The Role of Internal Audit in Corporate
More informationTransforming Internal Audit through data analytics
www.pwchk.com Transforming through data analytics What is driving demand for analytics services? Increased focus on risk, compliance, and transparency has required groups to develop a deeper understanding
More informationLeveraging customer persona for insurance in a digital era
Leveraging customer persona for insurance in a digital era CII North Insurance Summit 2018 www.pwc.in 2 PwC Leveraging customer persona for insurance in a digital era Table of contents 01 Foreword 02 Context
More informationThe finance function of the future: Use IFRS 17 to build your competitive advantage
July 2018 Introduction p2 / The importance of improved analytics p3 /Creating a bionic finance function p5 / Next steps p7 The finance function of the future: Use IFRS 17 to build your competitive advantage
More informationThe finance function of the future: Use IFRS 17 to build your competitive advantage
July 2018 Introduction p2 / The importance of improved analytics p3 /Creating a bionic finance function p5 / Next steps p7 The finance function of the future: Use IFRS 17 to build your competitive advantage
More informationPRIMS stands for proactive risk intelligence and monitoring solution. Continuous monitoring through PRIMS
PRIMS stands for proactive risk intelligence and monitoring solution. Continuous monitoring through PRIMS PRIMS provides insights into fraud and compliance risks by analysing structured and unstructured
More informationThe Current State of Risk Management Maturity for Belgian Organizations kpmg.com/be
Enterprise Risk Management The Current State of Risk Management Maturity for Belgian Organizations kpmg.com/be 2 Enterprise Risk Management Table of content 1. Introduction...05 2. Takeaways...07 3. Key
More informationMeasuring and communicating success
Government and the 19th Annual Global CEO Survey / 2016 Redefining success in a changing world Measuring and communicating success www.pwc.com/ceosurvey Contents Measuring and communicating success 04
More informationThe importance of telling an authentic story Q&A with Andrew Price, Group FC, Legal & General
www.pwc.co.uk The importance of telling an authentic story Q&A with Andrew Price, Group FC, Legal & General Building Public Trust 2015 Excellence in reporting awards 2015 marked the 13th successive year
More informationInd AS Master Class Practical insights on transition to Ind-AS Fifth Edition Delhi I Mumbai
Ind AS Master Class Practical insights on transition to Ind-AS Fifth Edition Delhi I Mumbai On 20 February 2015, the Ministry of Corporate Affairs issued a notification announcing the Ind-AS conversion
More informationEmerging Trends in Auditing ERM COSO ERM 2017
Emerging Trends in Auditing ERM COSO ERM 2017 AGENDA Our Agenda for today will Include; Introducing COSO ERM 2017. Organizational Bias Risk - Aware Culture Risk Portfolio View. Risk Appetite & Tolerance.
More informationStrengthening Your Enterprise Risk Management Process
Strengthening Your Enterprise Risk Management Process Belinda Mumma, Senior Consultant, Enterprise Risk Management Services bmumma@sollievo.com (866) 605-5664 x3400 Discussion Topics Definition of Enterprise
More informationpwc.co.uk Enterprise Risk Management
pwc.co.uk Enterprise Risk Management Contents What s on your mind? 01 Our point of view 02 What good looks like 04 How we can help 06 What you gain 07 When to act 08 Intelligent Digital 09 What s on your
More informationBy the Financial Forensic Investigation Team of the Attorneys Fidelity Fund
Find the problem before it finds you By the Financial Forensic Investigation Team of the Attorneys Fidelity Fund Allowing events to destroy the vision you have of your firm can be managed and limited,
More informationThe Role of Procurement in an enterprise wide transformation programme Fit for Growth
,, The Role of Procurement in an enterprise wide transformation programme Fit for Growth CIPS Procurement Conference March 2018 Peter Chambers PwC Director, Procurement and Supply Chain The need for transformation
More informationManaging your risk, creating value: The role of Internal Audit and emerging technologies
www.pwc.com/vn Internal Audit. Expected More. Managing your risk, creating value: The role of Internal Audit and emerging technologies Xavier Potier Director, Risk Assurance Services 13 th April 2018 With
More informationThe PwC Internal Audit. Expect More.
The PwC Internal Audit. Expect More. Enhancing the Internal Audit function to build trust within your organisation As a business that s going places, we believe you can and should expect more from Internal
More informationSarbanes-Oxley Act of 2002 Can private businesses benefit from it?
Sarbanes-Oxley Act of 2002 Can private businesses benefit from it? As used in this document, Deloitte means Deloitte Tax LLP, which provides tax services; Deloitte & Touche LLP, which provides assurance
More informationBoards and internal audit: Working together to strengthen risk management
Boards and internal audit: Working together to strengthen risk management Growing demands on boards The role of the board has always been an important and demanding one, but today s board members face
More informationCanadian Insurance Accountants Association
www.pwc.com/ca Canadian Insurance Accountants Association Corporate Governance Rising Expectations Presented By: Sandeep Dhiman May 20, 2015 Agenda 1. Current Corporate Governance Environment 2. Hot Topics
More informationBusiness inspections
www.pwc.es Business inspections We can help you with risk prevention and compliance We add the value you need Are you prepared for an inspection at your company? Regulatory changes to corporate governance
More informationGood Corporate Governance (GCG) Being a good corporate citizen is good risk management
Good Corporate Governance (GCG) Being a good corporate citizen is good risk management Margaret Jackson Chairman Qantas Airlines, March 2004 Being a good corporate citizen is good risk management Margaret
More informationOurperspective. The CMO s role in privacy Are your marketing programs affecting your brand?
October 2014 Ourperspective The CMO s role in privacy Are your marketing programs affecting your brand? Customer data is one of your organization s most valuable assets. It yields insights into consumer
More informationEY Center for Board Matters Boards and internal audit
EY Center for Board Matters Boards and internal audit Working together to strengthen risk management Growing demands on boards The role of the board has always been an important and demanding one, but
More information292 CEOs interviewed in 56 countries 41% 93% Industrial manufacturing. 20 th CEO Survey.
20 th CEO Survey Industrial manufacturing 292 CEOs interviewed in 56 countries 41% of industrial manufacturing CEOs said they were very confident about growth See page 1 93% of industrial manufacturing
More informationRisk appetite: bitten off more than you can chew?
pwc.com.au Risk appetite: bitten off more than you can chew? What do you value? 2 PwC Introduction One of the lasting impacts of the global financial crisis has been an increased focus on risk, from both
More informationProgressive Organization PERSPECTIVE
Progressive Organization PERSPECTIVE Progressive organization Owing to rapid changes in today s digital world, the data landscape is constantly shifting and creating new complexities. Today, organizations
More informationSupply Chain Analytics as an Accelerator Towards Operational Excellence March 2018
www.pwc.gr Supply Chain Analytics as an Accelerator Towards Operational Excellence Agenda 1. PwC survey highlights: facts and figures 2. Analytics in the Supply Chain 3. How can Analytics a-x-elerate Operational
More informationEnterprise Resilience A business imperative for an era of change
www.pwc.co.uk Enterprise Resilience A business imperative for an era of change A London First/PwC research report on organisational resilience, as BS 65000 reaches its first anniversary. 2 Enterprise Resilience:
More informationAre you prepared to make the decisions that matter most? Decision making in power & utilities
www.pwc.com/bigdecisions Are you prepared to make the decisions that matter most Decision making in power & utilities Results from PwC s Global Data & Analytics Survey 2014 power & utilities Renewables.
More informationGoing beyond PwC s Certification and Compliance services
pwc.com.au/goingbeyond PwC s Certification and Compliance services i Contents 02 pg pg Introduction A better way to certification and compliance 03 PwC s Certification services Certified by PwC 06 pg pg
More informationLeveraging IT risk management to boost competitive advantage
Pharmaceuticals and Life Sciences Leveraging IT risk management to boost competitive advantage Achieving integrated information technology, governance, risk, and compliance Table of contents The heart
More informationRisk Management 23RD SESSION OF THE STANDING COMMITTEE ON PROGRAMMES AND FINANCE AGENDA ITEM 7
23RD SESSION OF THE STANDING COMMITTEE ON PROGRAMMES AND FINANCE AGENDA ITEM 7 Risk Management Joseph S. Appiah Director Department of Resources Management RISK MANAGEMENT AT IOM BACKGROUND In 2014, IOM
More informationNext-generation enterprise risk management
Next-generation enterprise risk management Advancing strategy and performance in light of the COSO 2017 refresh Heading into the beginning of the year, the EY Center for Board Matters published the Top
More informationGearing up for GDPR Compliance - Practical steps to ensure compliance with the revised data protection regulation. Chris Bernau.
Gearing up for GDPR Compliance - Practical steps to ensure compliance with the revised data protection regulation. Chris Bernau October 2016 Agenda 1. What do we know about GDPR? 2. How should we approach
More informationCHARACTER ELSEVIER COMPETENCY FRAMEWORK
CHARACTER ELSEVIER COMPETENCY FRAMEWORK CHARACTER: DISPLAYS INTEGRITY AND HONESTY DEFINITION: Leads by example; walks the talk ; models core values; follows through on promises; trusted by others; honest
More informationCOSO Enterprise Risk Management Framework- Integrating Strategy and Performance
www.pwc.com COSO Enterprise Risk Management Framework- Integrating Strategy and Performance October, 2017 Agenda 1 Introducing COSO 2 Why update the Framework now? 3 What has changed? 4 What does it mean
More information2013 New COSO 2013 Framework and Current Trends in Risk Management
2013 New COSO 2013 Framework and Current Trends in Risk Management Session 105 IASA 86 TH ANNUAL EDUCATIONAL CONFERENCE & BUSINESS SHOW Agenda COSO 2013 framework Overview Why the update? What has been
More informationERM vs. Internal Audit
ERM vs. Internal Audit Differences and Overlaps Kuwait ERM Conference March 2015 Evolving expectations Risk Management Programs Organisations today are struggling with effectively managing risks across
More informationA leader for all seasons?
www.psrc.pwc.com A leader for all seasons? Talking Points Why clinical commissioning groups need different leadership for different times Contents Summary 1 Introduction: coping with a major change agenda
More informationInternal Control Integrated Framework. An IAASB Overview September 2016
Internal Control Integrated Framework An IAASB Overview September 2016 0 Table of Contents COSO & Project Overview Internal Control-Integrated Framework Illustrative Documents Illustrative Tools for Assessing
More informationInternal Control Integrated Framework. An IAASB Overview September 2016
Internal Control Integrated Framework An IAASB Overview September 2016 0 Table of Contents COSO & Project Overview Internal Control-Integrated Framework Illustrative Documents Illustrative Tools for Assessing
More informationWhitepaper September Middle East Perspective State of the Internal Audit Profession 2016
Whitepaper September 2016 Middle East Perspective State of the Internal Audit Profession 2016 Foreword 4 Introduction 5 Value Staying effective in a changing world 6 Leadership 5 attributes of the most
More informationEnterprise Risk Management Aligning Risk with Strategy and Performance COSO ERM Framework Update
Enterprise Risk Management Aligning Risk with Strategy and Performance COSO ERM Framework Update April 4, 2017 Agenda 1. Setting the Stage for Enterprise Risk Management 2. Project Overview 3. Key Changes
More informationAudit by Design: Moving Beyond Continuous Auditing - a Vision for Future Models
Audit by Design: Moving Beyond Continuous Auditing - a Vision for Future Models Kendall Tieck, VP Internal Audit, Workday, Inc. Professional Strategies S31 If you look in the rear view mirror too long
More informationCharter for Enterprise Risk Management
for Enterprise Risk Management Prepared by: Shannon Sinclair Version: 1.2 Document Id: Date: Release Date TABLE OF CONTENTS TABLE OF CONTENTS... i 1. Background... 1 2. Objectives... 1 3. Scope... 2 3.1
More informationAgenda. Enterprise Risk Management Defined. The Intersection of Enterprise-wide Risk Management (ERM) and Business Continuity Management (BCM)
The Intersection of Enterprise-wide Risk (ERM) and Business Continuity (BCM) Marc Dominus 2005 Protiviti Inc. EOE Agenda Terminology and Process Introductions ERM Process Overview BCM Process Overview
More informationWhat could lead A-EV deployment to cruise or accelerate? A range of factors driving deployment levels underpin the potential decarbonisation impact of A-EVs. A-EV projections differ, both in terms of the
More information10 Risk Management Imperatives for Internal Auditing
10 Risk Management Imperatives for Internal Auditing Disclaimer Copyright 2009 by The Institute of Internal Auditors and its Audit Executive Center located at 247 Maitland Avenue, Altamonte Springs, Fla.
More informationCan your customers trust your services? Third Party Assurance
www.pwc.ro Can your customers trust your services? Third Party Assurance ISAE 3402 and SSAE 16 Audit Services Your customers need confidence... The concentration on the core business and the increasing
More information5th CAE Annual Conference
5th CAE Annual Conference 6 7 December 2015 Lead to Innovate, Innovate to Lead Data-Enabled Auditing Thomas Pulling www.pwc.com/me Data-Enabled Auditing Welcome and introduction 3 Introductions Thomas
More informationStand out for the right reasons Getting your approach to CASS right
www.pwc.co.uk/fsrr Stand out for the right reasons Getting your approach to CASS right Our dedicated CASS Advisory team can help you with all your client asset needs. The CASS challenges The Financial
More informationNovember Culture: what does it look like and how does it impact risk management?
November 2012 Culture: what does it look like and how does it impact risk management? Discussion agenda Providing the context culture modelling Observing behaviours through case studies Opportunities for
More informationEnterprise Risk Management (ERM) - Impact of 2017 COSO ERM Model
Enterprise Risk Management (ERM) - Impact of 2017 COSO ERM Model Institute of Internal Auditors, Detroit Chapter Meeting February 2019 With you today Sarah Ann Moore Director Internal Audit and Enterprise
More informationInternal Audit Outsourcing. Managing change and creating opportunity. The PwC Internal Audit.
Internal Audit Outsourcing Managing change and creating opportunity The PwC Internal Audit. 1 As a business that s going places, we believe you can and should expect more from Internal Audit and an outsourced
More informationMany Hats: Audit and Risk Committee Series
Many Hats: Audit and Risk Committee Series Behavioural risk: How can Audit and Risk Committee members ensure the culture within your organisation isn t resulting in unnecessary risk? September 2018 Many
More informationRising to the challenge
www.pwc.co.nz Rising to the challenge Keeping pace with stakeholder expectations Internal Audit. Expect More. Raising the bar A route map for delivering Internal Audit excellence As the risk landscape
More informationMaximizing value from your lines of defense
Insights on governance, risk and compliance December 2013 Maximizing value from your lines of defense A pragmatic approach to establishing and optimizing your LOD model Contents Introduction Are you getting
More information9/17/2017. An Overview of COSO s New Framework and Implementation Guidance SPEAKER. Laura Harden, CPA History
An Overview of COSO s New Framework and Implementation Guidance SPEAKER Laura Harden, CPA lharden@cbh.com History 2 1 About COSO Committee of Sponsoring Organizations Formed in 1985 to sponsor the National
More informationEnterprise Risk Management Integrated with Strategy & Performance
Implementing the updated COSO ERM framework Enterprise Risk Management Integrated with Strategy & Performance Frank Balabyeki February 2, 2018 What is the Updated COSO ERM Framework? Key Changes to the
More informationEnterprise Risk Management
Enterprise Risk Management A Roadmap For Implementation June 12, 2018 Presented by: Speaker Name Marianne Turnbull CohnReznick LLP 4 Becker Farm Road Roseland, NJ 07068 P: 973-228-3500 E:marianne.turnbull@cohnreznick.com
More informationPublic Internal Control Systems in the European Union
Public Internal Control Systems in the European Union The three lines of defense in a Public Sector environment Discussion Paper No. 9 Ref. 2017-2 The information and views set out in this paper are those
More informationMichael Lammie Director, PricewaterhouseCoopers
www.pwc.com BSA/AML Risk Assessment and Data Analytics ACAMS Chicago Chapter Michael Lammie Director, PricewaterhouseCoopers Welcome 2 Current State Risk Assessment Challenges Current State Point in time
More informationIntegrated Reporting: Continuing the journey
Integrated Reporting: Continuing the journey www.pwc.com/my Responding to the need for better insight Most businesses today see the importance of communicating value, recognising stakeholders need for
More informationBusiness Benefits by Aligning IT best practices
Business Benefits by Aligning IT best practices Executive Summary Since the Sarbanes-Oxley Act (Sarbanes-Oxley or SOX) was signed into law in 2002, many companies have adopted some IT practices to comply
More information31 CEOs interviewed in 23 countries 32% 94% Forest, paper and packaging. 20th CEO Survey.
20th CEO Survey Forest, paper and packaging 31 CEOs interviewed in 23 countries 32% of FPP CEOs said they were very confident about growth See page 1 94% of FPP CEOs expect the bulk of growth to develop
More informationBeyond Compliance. Leveraging Internal Control to Build a Better Business: A Response to Sarbanes-Oxley Sections 302 and 404
Beyond Compliance Leveraging Internal Control to Build a Better Business: A Response to Sarbanes-Oxley Sections 302 and 404 Note to Readers Regarding This First Edition April 2003: This document was published
More informationGovernance and reporting. How can boards navigate their way through a changing regulatory landscape?
Governance and reporting How can boards navigate their way through a changing regulatory landscape? Governance and reporting How can boards navigate their way through a changing regulatory landscape? Boards
More information