AASHTO Guide for Enterprise Risk Management: An Overview. Tim Henkel, Assistant Commissioner, Mn DOT NCHRP Project 08-93

Transcription

1 AASHTO Guide for Enterprise Risk Management: An Overview Tim Henkel, Assistant Commissioner, Mn DOT NCHRP Project 08-93

2 Overview of the Guide Enterprise Risk Management Provides documented benefits Builds credibility, transparency Supports decision making Complements performance Provides consistency and continuity in services Minimizes threats, capitalizes on opportunities NCHRP

3 The Path to the Guide We reviewed the risk management guides in Australia, New Zealand, Canada, and England We reviewed the ISO Standard Interviews risk practitioners Reviewed private sector examples NCHRP

4 Risk as Defined in the Guide Risk is the positive or negative effects of uncertainty or variability upon agency objectives. It includes Uncertainty Variability Threats Opportunities NCHRP

5 Guide Presents Risk Management as the Third Pillar Asset and performance management drive performance Risk management is an enabler It identifies, mitigates uncertainty to objectives Asset Management Strategic Objectives Risk Management Performance Management NCHRP

6 Guide Addresses Why Manage Risk Risks are inevitable If something is inevitable, it is irresponsible to ignore it We either practice risk management or crisis management NCHRP

7 Expansion of Risk Management Risk management used to be a specialty area for controlling insurance costs Now it is a much broader architecture for enhancing corporate competencies MAP-21 triggers transportation application NCHRP

8 The Guide: Formalizing Risk We all generally manage risks now Generally, however, application of risk is episodic or limited to specific projects or tasks The guide will support agencies in developing a systematic, comprehensive enterprise risk management program NCHRP

9 Guide Based on ISO ISO risk process ISO is International Organization of Standards Based on earlier Australian framework Adopted across Europe and U.S. Guide adopts ISO framework Communicate and Consult Establish the Context Identify Risks Analyze Risks Evaluate Risks Manage Risks Monitor and Review NCHRP

10 Elements of the Guide For agencies starting with ERM the guide provides a how to manual Provides draft policies Gives staff the tools Illustrates incorporating risk management into decision making processes. Tools Policies Process NCHRP

11 Managing Risk at All Levels Guide explains how to cascade risk management to all levels of organization Enterprise Program Project Activity NCHRP

12 Tools for Risk Identification Provides strategies to identify risks Risks come in many forms Guide helps to identify, categorize risks This feeds understanding of risks NCHRP

13 Risk Analysis Tools Provides scales for scoring the likelihood and consequence of risks Creates common scoring system so disparate risks can be compared NCHRP

14 State of the Practice Two chapters illustrate application Critical review of state of practice Examples of risk applied to typical business areas NCHRP

15 Advanced Tools Risk registers Delphi Variability Simulator Monte Carlo Decision Trees NCHRP

16 Conclusion Guide provides a comprehensive framework Quick Guide provides a brief summary Chapters provide a get started roadmap Advanced tools support more mature practitioners The NCHRP Risk Implementation project provides an opportunity for states to get engaged in implement risk management in their agency. NCHRP