University of California Risk Services. Enterprise Risk Management Resources
|
|
- Magnus Baker
- 6 years ago
- Views:
Transcription
1 University of California Risk Enterprise Risk Management Resources
2 What is Enterprise Risk Management? Enterprise Risk Management (ERM) is defined by the Committee of Sponsoring Organizations (COSO) as "a process, effected by an entity's board of directors, management and other personnel, applied in strategy-setting and across the enterprise, designed to identify potential events that may affect the entity, and manage risk to be within its risk appetite, to provide reasonable assurance regarding the achievement of entity objectives. 2
3 UC ERM HISTORY Regents adopt COSO framework (1996) Controller positions established at each campus (late 1990s) Several campuses develop ERM initiatives (2004 present) Chief Risk Officer (CRO) position established (December 2004) ERM Panel formed to develop an ERM strategy (June 2005) KPMG selected to review existing programs and data and identify what components of the ERM framework exists and what processes or programs needed in order for UC to move forward with the implementation of ERM (2006) IBM Cognos Software selected for UC ERM Data Warehouse Website developed Resources deployed Maturity model 3
4 Recognition for UC ERM Program UC was the first non-financial institution to receive credit agency acknowledgement of our Enterprise Risk Management Program: The UC has implemented a system-wide enterprise risk management information system, which, in our opinion, is a credit strength. Standard & Poor s RatingsDirect on the Global Credit Portal, September 9, 2010 APQC (the American Productivity and Quality Center), the leading non-profit organization focused on quality improvement and benchmarking, selected the University of California as one of the top 5 Best-Practice Organization in Enterprise Risk Management out of over 300 global organizations. 4
5 Recognition for UC ERM Program UC is known as a center of excellence for Enterprise Risk Management. During 2010, the Risk website was visited by more than 128,000 unique visitors, including institutions of higher education and Fortune 100 companies, from more than 200 countries. The department has become a center of excellence and has assisted numerous organizations with their ERM programs, including private and public institutions of higher education, government agencies, and corporations of varying sizes both domestically and internationally. 5
6 A Strategic View of Risk UC Office of Risk strategy is to ensure that the solutions we deploy are focused on results: creating efficiency, reducing the cost of risk, improving the cost of borrowing, and reducing IT and operational redundancy. Improve Cost of Borrowing Create Efficiency Reduce Cost of Risk Improve Cost of Borrowing Reduce IT and Operational Redundancy 6
7 The foundation of UC s Enterprise Risk Management (ERM) program is to have people actively manage their various risks Everyone is a Risk Manager. The University utilizes a multifunctional approach that attacks the University s entire portfolio of risk by utilizing a host of different tools, workgroups, and initiatives. Our solutions allow the University to take on new opportunities and, by managing risk strategically, ensure optimum outcomes. We have learned that by focusing on developing tools and processes that address a broad array of risks, both frequent and infrequent yet catastrophic ( black swans ), small and large, we create a more efficient and effective program. 7
8 UC ERM Solution Set 8
9 UC ERM Maturity Work Plan The ERM Maturity Work Plan has been enhanced since its implementation three years ago, adding consistency to the assessment and systemwide reporting on the maturity of the ERM Program. Campuses collaborated and agreed two years ago to begin assessing maturity of the ERM Initiative Goals. The Initiative Goals define what the ERM Program is to achieve in the long-term. The growth can be seen in the summary tables presented below. TABLE 1. CHANGE IN AVERAGE MATURITY RATINGS, JANUARY 2011-SEPTEMBER INITIATIVE GOALS ERM Components Initiative Goals Initiative Goals (Sept 2011) (Jan 2011) Internal Environment/Objective Setting Event Identification/Risk Assessment Risk Response/Control Activities Information & Communication Monitoring
10 UC ERM Tool Kit Dashboards Surveys Forms UC Action Risk Assessment Financial Controls UC Ready Resources Monthly Webinars 10
11 11
12 Insert OPRS Main Page 12
13 13
14 ERMIS Dashboard Ready Risk Assessments ERMIS Dashboard-Ready Risk Assessments The UCOP Office of Risk now offers four Excel based workbooks intended to support ERMIS Dashboard users in their assessment of risks related activities. These tools have been designed to provide insight from multiple perspectives, including: A budget change perspective A control perspective A key risk and mitigation perspective for new programs or initiatives A program risk review perspective Once populated, the data from each of these tools can be exported and integrated directly into the ERMIS for future reference and historical trend analysis. 14
15 Standard Risk Assessment Templates Standard Risk Assessment Templates In addition to the "Dashboard- Ready" Risk Assessment Templates, there are several other templates available. These include: Control Self Assessment (pdf) University of California Hazard Vulnerability Assessment (doc) IT Risk Assessment (pdf) Risk Survey Template (doc) Sample Project Risk Assessment (doc) Risk Ranking Tool (xls) ERM Case Study (pdf) 15
16 Risk Assessment: New Initiative Risk Review Tool This workbook will help you consider the strategic, financial, operational, compliance, reporting, and reputational risks associated with a new initiative or project. It will not make decisions for you, but it will help you organize your thinking as you consider your initiative or project's enterprise risk management implications. This tool will enable you to assess the following for each set of objectives: Risks associated with each set of objectives Probability of those risks impacting the objectives Potential impacts of those risks Strategies for mitigating, controlling, or otherwise addressing those risks Individual(s) responsible for executing the strategies identified 16
17 Risk Assessment: New Initiative Risk Review Tool 17
18 ERM Key Risks and Mitigation Plan Welcome to the ERM Key Risks and Mitigation Plan workbook. This workbook will help you consider the strategic, financial, operational, compliance, reporting, and reputational risks associated with a new initiative or project. Not all initiatives or projects will have risks in all six areas, so you should not feel compelled to put something on every worksheet. This workbook will not make decisions for you, but it will help you organize your thinking as you consider your initiative or project's enterprise risk managment implications. Identify the following for each set of objectives: Risks associated with each set of objectives Probability of those risks impacting the objectives Potential impacts of those risks Strategies for mitigating, controlling, or otherwise addressing those risks Individual(s) responsible for executing the strategies identified Before you begin, please complete the identifying information at the top of this page and save this workbook in a secure location with an appropriate, unique name. This will minimize confusion if multiple workbooks are completed. Use the button below to get started. When you have completed the worksheet, you may export the data into a new workbook and save your information in comma separated value file (.csv) for use in the University's Enterprise Risk Management Information System (ERMIS) by coming back to this page and selecting the "Export" button when you're done. Project/Initiative description: UC Location: Department/College: Person(s) completing this workbook: Date workbook completed: Project Information 18
19 Strategic Objectives Financial Objectives Operational Objectives Compliance Objectives Reputational Objectives Reporting Objectives Return to Introduction Graph Evaluating Risks Strategic Risks (Use this space to identify those risks that could impair accomplishing identified objectives) Likelihood Severity Impact Accountability (Use this space to describe what (Use this space to identify who is would happen if the identified risk responsible for monitoring this actually occurred.) activity.) Low Low Very high Very high Strategic Objectives 1. (Use this space to list your strategic objectives.)
20 Severity Strategic Objectives Financial Objectives Operational Objectives Compliance Objectives Reputational Objectives Reporting Objectives Strategic Strategic Return to Introduction Evaluating Risks Financial Compliance Reputationa Reporting This chart is a graphical representation of the different types of risks identified during your assessment. The larger the bubble, the higher the number of risks identified. The closer the bubble moves to the upper-right hand corner of the graph, the higher the estimated impact and likelihood. Operational Frequency Likelihoo Likelihood d Likelihood Severity
21 Get Started! All done? Click here to export your data to an ERMIScompatible.csv format. Also, you can click here to view your data in a printerfriendly summary format. Printerfriendly Summary
22 Program Risk Review Similar to the Key Risk and Mitigation workbook above, this workbook will help you consider the strategic, financial, operational, compliance, reporting, and reputational risks associated with an existing initiative or project. Unlike the New Initiative Risk Review Workbook, this workbook is focused on existing initiatives or projects, rather than new ones, and will also take into consideration the effectiveness of existing controls and help the user estimate their residual risk. This workbook will not make decisions for you, but it will help you organize your thinking as you consider your initiative or project's enterprise risk management implications. This workbook enables you to assess the following for each set of objectives: Risks associated with each set of objectives Controls used to monitor risks such as reports and dashboards Frequency of the monitoring of controls Strategies for mitigating or otherwise addressing those risks Individual/department(s) responsible for executing the strategies identified 22
23 Program Risk Review using ERM Welcome to the Program Risk Review using ERM workbook. This workbook will help you consider the strategic, financial, compliance, operational, reputational, and reporting risks associated with ongoing programs. This workbook will not make decisions for you, but it will help you organize your thinking as you consider your initiative or project's enterprise risk managment implications. Not all programs will have objectives in all of these areas, (e.g. - not all programs will have compliance objectives) but each category should be considered. Identify the following for each set of objectives: Risks associated with each set of objectives Controls used to monitor risks such as reports and dashboards Frequency of the monitoring of controls Strategies for mitigating or otherwise addressing those risks Individual/department(s) responsible for executing the strategies identified Before you begin, please complete the identifying information at the top of this page and save this workbook in a secure location with an appropriate, unique name. This will minimize confusion if multiple workbooks are completed. Use the button below to get started. Also, be sure to document the scale parameters used completing this workbook on the tab provided. When you have completed the worksheet, you may export the data into a new workbook and save your information in comma separated value file (.csv) for use in the University's Enterprise Risk Management Information System (ERMIS) by coming back to this page and selecting the "Export" button when you're done. Project/Initiative description: Project Information UC Location: Department/College: Person(s) completing this workbook: Date workbook completed: Get Started! All done? Click here to export your data to an ERMIS-compatible.csv format. Also, you can click here to view your data in a printer-friendly summary format. Printer-friendly Summary 23
24 Unit Risk Assessment Workbook This workbook will help you consider the factors affecting the risks faced by your Campus or Medical Center location. It will help you compare the benefits and risks of each option so you can make informed decisions. This tool shall support data collection and analysis activities for the following subject areas: Event Likelihood Financial Severity Reputational Impact Severity Time to Impact Injury Severity 24
25 Financial Controls SAS 112/115* establishes standards and provides guidance to external financial auditors on communicating matters related to an entity's internal control over financial reporting identified in an audit of financial statements. In particular, SAS 112/115: Defines the terms "significant deficiency" and "material weakness" incorporating the definitions already in use for public companies Provides guidance on evaluating the severity of control deficiencies identified in an audit of financial statements Requires the auditor to communicate in writing, to management and those charged with governance such as the University Board of Regents, significant deficiencies and material weaknesses identified in an audit 25
26 UC Tracker Financial Controls A work group, consisting of representatives from UC San Diego and IBM, has developed a web based tool, called UC Tracker, to facilitate the review and documentation of key department controls as required by SAS 112/115*. Key internal controls, such as ledger review and equipment inventory, require hundreds of employees at each campus to perform controls and certify effectiveness. Evidences of performance and certification currently reside in various campus departments requiring the maintenance of many files and the transfers of significant amounts of paper to central offices. UC Tracker eliminates the need for maintaining certification files and sending certifications to central offices. It can also reduce the need for files documenting the performance of several key controls. UC Tracker includes a notification system to remind performers and certifiers that it is time to perform or certify a control and to alert higher level management when a control is not performed or certified timely. A webbased dashboard in UC Tracker provides campus management with a complete and current status of the performance and certification of key controls. 26
27 UC Action 27
28 DEPARTMENT SCHOOL CAMPUS SYSTEMWIDE Risk How UC Action works within COSO framework Event Identification Users identify that an event has occurred Risk Assessment Users evaluate the risk for impact and likelihood should the event recur Control Activities Based on the results of the risk assessment, identify and implement appropriate control activity Information and Communication Ensure all appropriate individuals are informed of the controls and provided information to ensure continued compliance Monitoring Revisit established controls on an ongoing basis to ensure they are effective, functioning as designed and that they continue to provide relevant protection to the organization. STRATEGIC OPERATIONS REPORTING Internal Environment Objective Setting Event Identification Risk Assessment Risk Response Control Activities Information & Communication Monitoring COMPLIANCE 28
29 Budget Changes Work Book 29
30 Impact of Occurrence Risk Risk Assessment Traditional Heat Map High G C A Unacceptable A B C D E F G Med Low E Acceptable Caution B D Low Med High Likelihood of Occurrence F 30
31 Impact Very Low Low Medium High very High Risk Workbook Heat Map Impact & Likelihood Very Low Low Medium High Very High Likelihood 31
32 Control Structure Assessment Tool Rating Values Risk Assessment Impact Likelihood Existing Control Effectiveness Very High Complete 0.95 High 12 8 Significant 0.90 Medium 9 6 Substantial 0.75 Low 6 4 Moderate 0.60 Very Low 3 2 Minor 0.30 Minimal
33 Control Structure Assessment Tool Rating Values Additional Controls Control Effectiveness Maximum Effectiveness 0.95 Control Removed Significant Improvement 0.90 Significant Decrease Substantial Improvement 0.75 Substantial Decrease Moderate Improvement 0.60 Moderate Decrease Minor Improvement 0.30 Minor Decrease Minimal Improvement 0.10 Minimal Decrease No Change
34 Calculation of Risk Ratings Risk Rating with Current Controls RCURRENT = (I + L) * (1 CCURRENT) Risk Rating After Changes to Controls RCHANGE = RCURRENT * (1 CCHANGE) Where: I - Impact L - Likelihood CCURRENT - Existing Control Effectiveness CCHANGE - Change to Control Effectiveness 34
35 Impact Very Low Low Medium High very Hign Adequate Control Significant, Substantial Significant, Substantial Significant Significant Complete, Significant Significant, Substantial Significant, Substantial Significant, Substantial Significant Significant Substantial, Moderate Significant, Substantial Significant, Substantial Significant, Substantial Significant, Substantial Substantial, Moderate Substantial, Moderate Substantial, Moderate Significant, Substantial Significant, Substantial Substantial, Moderate, Minor Substantial, Moderate, Minor Substantial, Moderate Substantial, Moderate Significant, Substantial Very Low Low Medium High Very High Likelihood
36 Impact Very Low Low Medium High very Hign Possible Over-Controlled Complete Complete Complete Complete N/A Complete Complete Complete Complete Complete Complete, Significant Complete Complete Complete Complete Complete, Significant Complete, Significant Complete, Significant Complete Complete Complete, Significant Complete, Significant Complete, Significant Complete, Significant Complete Very Low Low Medium High Very High Likelihood
37 Impact Very Low Low Medium High very Hign Possible Under-Controlled Moderate Moderate Substantial, Moderate Substantial, Moderate Substantial Moderate Moderate Moderate Substantial, Moderate Substantial, Moderate Minor, Minimal Moderate, Minor Moderate Moderate Moderate Minor, Minimal, Minor, Minimal Minor Moderate, Minor Moderate Minimal, Minor, Minimal, Minor, Minimal Moderate, Minor Very Low Low Medium High Very High Likelihood
38 Impact Very Low Low Medium High very Hign Under Controlled Minor, Minimal, Minor, Minimal, Minor, Minimal, Minor, Minimal, Moderate, Minor, Minimal, Minor, Minimal, Minor, Minimal, Minor, Minimal, Minor, Minimal, Minor, Minimal, Minimal, Minor, Minimal, Minor, Minimal, Minor, Minimal, N/A Minimal, Minimal, Minor, Minimal, N/A N/A N/A Minimal, Very Low Low Medium High Very High Likelihood
39 Resources Overview Tackling an ERM program can be a daunting task, and though there is a multitude of information available on the Web, it is difficult to know where to start. To help facilitate this process, we have compiled some helpful resources and organized them as follows: Contact the ERM Help Desk What is ERM? How do I get started? Tools and Templates ERM at UC ERM in the News Other Miscellaneous Resources 39
40 Additional Resources 40
41 41
42 Contact Information Terri Kielhorn, JD, LLM Director, Professional Medical & Hospital Liability University of California Office of the President 1111 Franklin Street Oakland, CA (office) 42
Strengthening Business Practices:
Strengthening Business Practices: The Language of Our Control Environment Debbie Rico Internal Controls We are Like a Business Good control is good business Good control is everyone s business You play
More informationMETROPOLITAN TRANSPORTATION AUTHORITY
ENTERPRISE RISK MANAGEMENT AND INTERNAL CONTROL GUIDELINES Pursuant to Public Authorities Law Section 2931 Adopted by the Board on November 16, 2016 These guidelines apply to the Metropolitan Transportation
More informationAgenda. Enterprise Risk Management Defined. The Intersection of Enterprise-wide Risk Management (ERM) and Business Continuity Management (BCM)
The Intersection of Enterprise-wide Risk (ERM) and Business Continuity (BCM) Marc Dominus 2005 Protiviti Inc. EOE Agenda Terminology and Process Introductions ERM Process Overview BCM Process Overview
More informationEnterprise Risk Management: Developing a Model for Organizational Success. White Paper
Enterprise Risk Management: Developing a Model for Organizational Success White Paper January 2009 Overview Less than a decade ago, Enterprise Risk Management (ERM) was an unfamiliar concept. Today, the
More informationFrom Dictionary.com. Risk: Exposure to the chance of injury or loss; a hazard or dangerous chance
Sharon Hale and John Argodale May 28, 2015 2 From Dictionary.com Enterprise: A project undertaken or to be undertaken, especially one that is important or difficult or that requires boldness or energy
More informationEnterprise Risk Management Handbook. June, 2010
Enterprise Risk Management Handbook June, 2010 Table of Contents Overview... 4 What is Enterprise Risk Management?... 5 Why Undertake Enterprise Risk Management?... 6 Draft UW System ERM Vision, Mission,
More informationSuccessful ERM Program Standards. Definitions of Enterprise Risk Management (ERM)
1 Successful ERM Program Standards Enterprise Risk Management Vendor Management Business Continuity IT GRC Internal Audit Regulatory Compliance Manager William C. Hord V.P. of Enterprise Risk Management
More informationStrengthening Your Enterprise Risk Management Process
Strengthening Your Enterprise Risk Management Process Belinda Mumma, Senior Consultant, Enterprise Risk Management Services bmumma@sollievo.com (866) 605-5664 x3400 Discussion Topics Definition of Enterprise
More informationEnterprise Risk Management (ERM) How Internal Audit Can Add Great Value
ASSOCIATION OF HEALTHCARE INTERNAL AUDITORS 2009 ANNUAL CONFERENCE Charting a Course for Excellence Enterprise Risk Management (ERM) How Internal Audit Can Add Great Value to Your Organization s ERM Process
More informationCatching Fraud During a Recession Through Superior Internal Controls. FICPA s 25 th Annual Accounting Show. J. Stephen Nouss September 29, 2010
Catching Fraud During a Recession Through Superior Internal Controls FICPA s 25 th Annual Accounting Show J. Stephen Nouss September 29, 2010 1 Session Objectives Fraud Facts (2008 Association of Certified
More information1 About Deskera ERP 9. 2 Getting Started with Deskera ERP 10
Table of Contents 1 About Deskera ERP 9 2 Getting Started with Deskera ERP 10 2.1 Basic Settings 11 2.1.1 Create Users 12 2.1.2 Manage Application Access 13 2.1.3 Configure Company Settings 14 2.1.4 Import
More informationrisk management Regulatory Compliance in Community Bank: An Exercise in Risk Management By:
risk management Regulatory Compliance in Community Bank: An Exercise in Risk Management By: Kelly Lutinski, National Director KellyLutinski@smarterriskmanagement.com www.smarterriskmanagement.com Executive
More informationFY 2013 Internal Audit Annual Report
FY 2013 Internal Audit Annual Report Purpose of the Internal Audit Annual Report: To provide information on the assurance services, consulting services, and other activities of the internal audit function.
More informationInternal Auditors and Enterprise Risk Management (ERM) ICPAK Presentation
Internal Auditors and Enterprise Risk Management (ERM) ICPAK Presentation April 2014 Disclaimer This presentation is made by KPMG Kenya, a member firm of the KPMG network of independent firms affiliated
More informationPractices in Enterprise Risk Management
Practices in Enterprise Risk Management John Foulley Risk Management Practices Head SAS Institute Asia Pacific What is ERM? Enterprise risk management is a process, effected by an entity s board of directors,
More informationGRM OVERSEAS LIMITED RISK MANAGEMENT POLICY
GRM OVERSEAS LIMITED RISK MANAGEMENT POLICY As approved by the Board of Directors at their meeting held on 11.11.2014. 1 P a g e Contents 1. Risk Management...3 2. Policy...3 3. Risk Management Philosophy...3
More informationThe COSO Approach to Enterprise Risk Management
Bank Enterprise Management May 4 5, 2016 New York City The COSO Approach to Enterprise Management Presented by: Jack R. Salvetti, Principal S.R. Snodgrass, P.C. About COSO The Committee of Sponsoring Organizations
More informationTO MEMBERS OF THE GOVERNANCE AND COMPENSATION COMMITTEE: DISCUSSION ITEM
Office of the President G4 TO MEMBERS OF THE GOVERNANCE AND : For Meeting of DISCUSSION ITEM UPDATE ON UNIVERSITY OF CALIFORNIA OFFICE OF THE PRESIDENT AUDIT OF ADMINISTRATIVE EXPENDITURES SALARY-RELATED
More informationBusiness Management System Evaluation Checklist
acceo erp Business Management System Evaluation Checklist Selecting an ERP system to run your business is a decision that will affect your business for many years. Many products offer the same or similar
More informationMessage from the Director 3 Campus Audit Reporting Structure and Staffing 4 Accomplishments - FY16 at a Glance 5 Internal Audit Projects Completed in
Message from the Director 3 Campus Audit Reporting Structure and Staffing 4 Accomplishments - FY16 at a Glance 5 Internal Audit Projects Completed in FY16 6 Effort by Service Type (in hours) 7 Impacts
More informationFatality Prevention/Risk Management
The persistence of high severity events suggests a new approach rooted in safety management systems is needed in order to have different mine safety outcomes. The backbone of this effort is the risk management
More informationThe Role of the Chief Risk Office and the Board s Role in Risk Oversight
The Canadian Society of Corporate Secretaries 16th Annual Corporate Governance Conference Banff Springs Hotel Banff, AB August 24 27, 2014 The Role of the Chief Risk Office and the Board s Role in Risk
More informationCompliance Risk Management
Compliance Risk Management Seventh Annual University Compliance Conference Society for Corporate Compliance and Ethics May 30, 2009 Robert F. Roach, NYU University Ethics and Compliance Officer Robert.Roach@nyu.edu
More informationStatement on Risk Management and Internal Control
INTRODUCTION The Board affirms its overall responsibility for the Group s system of internal control and risk management and for reviewing the adequacy and effectiveness of the system. The Board is pleased
More informationAnnual Financial Sub-certification
Annual Financial Sub-certification University officials are required to sign a document at the end of the annual financial audit. This document is called a Management Representation Letter and it is signed
More informationAn ACUA Whitepaper Presentation: A Practical Guide to Internal Audit Risk Assessments in Higher Education. Presenters
An ACUA Whitepaper Presentation: A Practical Guide to Internal Audit Risk Assessments in Higher Education Presenters Donald Temple, Audit Manager, State University of New York Chris Garrity, Chief Audit
More informationAgriBank District Accounting Conference 2014
www.pwc.com AgriBank District Accounting Conference 2014 Lessons from 2013 Audit and 2014 Audit Focus Agenda Introductions Lessons from 2013 Audit 2014 Audit Timeline 2014 Audit Focus New for 2014 Audit
More informationTRANSPORTATION ASSET MANAGEMENT GAP ANALYSIS TOOL
Project No. 08-90 COPY NO. 1 TRANSPORTATION ASSET MANAGEMENT GAP ANALYSIS TOOL USER S GUIDE Prepared For: National Cooperative Highway Research Program Transportation Research Board of The National Academies
More informationWhy use multiple software systems when you can use just one?q
REFLEX With the Reflex ERP, you can manage all aspects of your business with one single, fully integrated software solution. With real-time updates and embedded features such as analytics, reporting, and
More informationA Practical Approach to Enterprise Risk Management
A Practical Approach to Enterprise Risk Management Presented by: Amit Govil Managing Partner, P&G Associates John McIsaac President, McIsaac Risk Solutions Today s Agenda I. Defining ERM II. Implementation
More informationBusiness Management System Evaluation Checklist
Business Management System Evaluation Checklist Selecting an ERP system to run your business is a decision that will affect your business for many years. Many products offer the same or similar features,
More informationEnterprise Risk Management One University s Approach. Assessing and Managing Risks at Texas A&M University
Enterprise Risk Management One University s Approach Assessing and Managing Risks at Texas A&M University March 4, 2014 Objectives/Outline Overview of ERM Key elements and benefits ERM at Texas A&M University
More informationWORKFORCE SOLUTIONS TEXOMA POLICIES & PROCEDURES CHAPTER 7 - RISK ASSESSMENT
WORKFORCE SOLUTIONS TEXOMA POLICIES & PROCEDURES CHAPTER 7 - RISK ASSESSMENT TABLE OF CONTENTS 7.1 GUIDELINES 7.1.1 General Provisions 7.1.2 Definitions 7.2 RISK ASSESSMENT PROCEDURES 7.2.1 Create a Risk
More informationImplementing Authentic Enterprise Risk Management
PICPA Financial Institutions Conference September 29, 2015 Implementing Authentic Enterprise Management Jack R. Salvetti President, S.R. Snodgrass, P.C. jrsalvetti@srsnodgrass.com 2 Enterprise Management
More informationThe Ins and Outs: Audits Under FDICIA. Jennifer Gureckis and Kaylyn Landry BerryDunn February 27, 2018
The Ins and Outs: Audits Under FDICIA Jennifer Gureckis and Kaylyn Landry BerryDunn February 27, 2018 Presenters Jennifer Gureckis, CPA Kaylyn Landry, CPA Objectives Overview of Internal Controls over
More informationdata sheet ORACLE ENTERPRISE PLANNING AND BUDGETING 11i
data sheet ORACLE ENTERPRISE PLANNING AND BUDGETING 11i Oracle Enterprise Planning and Budgeting provides finance and business managers with the right information and self-service tools to help them understand
More informationEnterprise Risk Management Defined and Explained
Enterprise Risk Management Defined and Explained Council of Engineering and Scientific Society Executives ACCESSE16 July 27, 2016 Paul Klein Managing Director Not-for-Profit Atlantic Coast Market Territory
More informationAligning organisational culture with Enterprise Risk Management
Aligning organisational culture with Enterprise Risk Management Krishna Nagar & Mark George Hayes University of the Witwatersrand School of Statistics and Actuarial Science DST-NRF Centre of Excellence
More informationFinancial Management in the Federal Government:
Financial Management in the Federal Government: Considerations regarding the integration of OMB Circular No. A-123 and enterprise risk management for the Centers for Disease Control and Prevention (CDC)
More informationFinancial, Accounting, and Budget System General Overview. Fall 2009
Financial, Accounting, and Budget System General Overview Fall 2009 1 Agenda Obtaining Access Chart of Accounts Bursted vs. Repository Reports Chartstring Related Reports Training Information Glossary
More informationInternal Audit Report. Toll Operations: FHWA Reporting TxDOT Office of Internal Audit
Internal Audit Report Toll Operations: FHWA Reporting TxDOT Office of Internal Audit Objective To determine whether Toll Operations Division (TOD) is providing federally required reporting to the Federal
More information2014 Integrated Internal Control Plan. FRCC Spring Compliance Workshop April 8-10, 2014
2014 Integrated Internal Control Plan Contents Definitions Integrated Components of COSO Internal Control Framework The COSO Internal Control Framework and Seminole Control Environment Risk Assessment
More informationWhy SAM-iQ? 2 SAM-iQ Specification 3 SAM-iQ Online Tools 4 The Four Distinct Phases 6 SAM-iQ Portal 7 SAM-iQ Assessments 8 The SAM Maturity
Why SAM-iQ? 2 SAM-iQ Specification 3 SAM-iQ Online Tools 4 The Four Distinct Phases 6 SAM-iQ Portal 7 SAM-iQ Assessments 8 The SAM Maturity Assessment 8 The Gap Analysis 10 The Program Tracker 11 Resource
More informationEnterprise Risk Management 2016
Senior Management Conference November 3, 2016 Enterprise Risk Management 2016 Presented by: Jack R. Salvetti, Principal S.R. Snodgrass, P.C. 2016 S.R. Snodgrass, P.C. All Rights Reserved Risk: Exposure
More informationPartnerNet User Guide
PartnerNet User Guide January 2014 PartnerNet User Guide Updated 01/07/14 Page 1 TABLE OF CONTENTS INTRODUCTION TO PARTNERNET... 3 STARTING THE PARTNERNET APPLICATION... 3 PARTNERNET USER TYPES... 4 PARTNERNET
More informationINTEGRATING ENTERPRISE RISK MANAGEMENT IN THE FEDERAL GOVERNMENT. Partnership for Public Service September 10, 2015
INTEGRATING ENTERPRISE RISK MANAGEMENT IN THE FEDERAL GOVERNMENT Partnership for Public Service September 10, 2015 Welcome, Introductions, and Purpose 3 Federal Enterprise Risk Management Framework Mission/Vision
More informationHEALTH & SAFETY MANAGEMENT MODEL (HSG-65)
HEALTH & SAFETY MANAGEMENT MODEL (HSG-65) PLAN ACT DO CHECK OBJECTIVE: Explain the H&S management model called HSG-65 Successful Health & Safety Management WHAT IS HSGE-65? HSG-65 Successful Health & Safety
More informationInternal Oversight Division. Audit Report. Audit of Enterprise Risk Management
Internal Oversight Division Reference: IA 2016-08 Audit Report Audit of Enterprise Risk Management December 16, 2016 IA 2016-08 2. TABLE OF CONTENTS LIST OF ACRONYMS... 3 EXECUTIVE SUMMARY... 4 1. INTRODUCTION...
More informationWelcome to the BDO Board Matters Quarterly Update Q3 2013
Welcome to the BDO Board Matters Quarterly Update Q3 2013 The presentation will begin shortly. For technical difficulties, please contact Learn Live Customer Support at: (888) 228-4188 or BDOonline_support@learnlive.com
More informationCurt Burmeister Director, Risk Solutions Algorithmics ERM Symposium Chicago March 30, 2007
Algo Risk Application Reporting Dashboard Curt Burmeister Director, Risk Solutions Algorithmics ERM Symposium Chicago March 30, 2007 Objective flexible reporting tool 1. Integrate market risk, credit risk,
More informationecommerce Back-Office System Evaluation Checklist
ecommerce Back-Office System Evaluation Checklist The back-office system you select today will affect the way your ecommerce business runs for the next 5 to 10 years. You ll need to select a system that
More informationEnterprise Risk Management. Assessing and Managing Risks at Texas A&M University
Enterprise Risk Management Assessing and Managing Risks at Texas A&M University IIA Brazos Valley Chapter July 17, 2014 Objectives/Outline Overview of ERM Key elements and benefits ERM at Texas A&M University
More informationEnterprise Risk Management, Compliance, and Management Advisory Services: An Integrated Approach. SCCE s Higher Education Compliance Conference
Enterprise Risk Management, Compliance, and Management Advisory Services: An Integrated Approach SCCE s Higher Education Compliance Conference June 13, 2011 Objectives Implementing Enterprise Risk Management
More information2014 Integrated Internal Control Plan. FRCC Compliance Workshop May 13-15, 2014
2014 Integrated Internal Control Plan FRCC Compliance Workshop Contents Definitions Integrated Components of COSO Internal Control Framework The COSO Internal Control Framework and Seminole Control Environment
More informationOffice of the President TO MEMBERS OF THE COMPLIANCE AND AUDIT COMMITTEE: INFORMATION ITEM. For Meeting of November 15, 2017
C1 Office of the President TO MEMBERS OF THE COMPLIANCE AND AUDIT COMMITTEE: For Meeting of November 15, 2017 INFORMATION ITEM ANNUAL REPORT ON INTERNAL AUDIT ACTIVITIES, 2016-17 This annual report highlights
More informationFraud Risk Management
Fraud Risk Management Fraud Risk Management Overview 2017 Association of Certified Fraud Examiners, Inc. Discussion Questions 1. Does your organization follow a specific risk management model? If so, which
More informationUNIVERSITY OF CALIFORNIA Building a foundation to enable operational and financial collaboration.
UNIVERSITY OF CALIFORNIA Building a foundation to enable operational and financial collaboration. Current State 2 Each campus has a different chart of accounts and must map to the OP chart of accounts.
More informationBI360 for Professional Services Companies
BI360 for Professional Services Companies BI360 Examples from the Professional Services Demo Model A Solver Vertical Industry White Paper Jan 2016 solverusa.com Copyright 2016 Table of Contents Introduction...
More informationAsset Acceptance Capital Corp.
Asset Acceptance Capital Corp. A Practical Approach to Enterprise Risk Management Detroit Chapter IIA September 14, 2010 1 Presenters Jeffrey S. Bankowski, CIA, CPA, CFF Jeff is currently the Vice President
More informationDon t make the same mistake twice! Avoiding repeat violations of Reliability Standards
Don t make the same mistake twice! Avoiding repeat violations of Reliability Standards 17 November 2010 www.morganlewis.com www.ey.com Welcome to Don t Make the Same Mistake Twice! Avoiding Repeat Violations
More informationBusiness Requirements Specification
Business s Specification Date Created: 3/19/2013 Doc ID: GNFDMDEHU6BB-46-53 Page 1 of 18 Disclaimer Business s Specification Date Created: 3/19/2013 All information contained in this draft Business s Specification
More informationA Guide to IT Risk Assessment for Financial Institutions. March 2, 2011
A Guide to IT Risk Assessment for Financial Institutions March 2, 2011 Welcome! Housekeeping Control panel on the right side of your screen. Audio Telephone VoIP Submit Questions in the pane on the control
More informationTo: Identify your chief goals and objectives Identify risks Prioritize the risks to achieving objectives Determine which controls/processes to review
1 Objective To: Identify your chief goals and objectives Identify risks Prioritize the risks to achieving objectives Determine which controls/processes to review In order to: Develop an effective Internal
More informationENTERPRISE RISK MANAGEMENT AND COMPLIANCE PROGRAM PROGRAM DESCRIPTION
ENTERPRISE RISK MANAGEMENT AND COMPLIANCE PROGRAM Business and Administrative Services January 2010 (Revised January 2012) PURPOSE The Enterprise Risk Management and Compliance Program (ERMCP) is intended
More informationCharter for Enterprise Risk Management
for Enterprise Risk Management Prepared by: Shannon Sinclair Version: 1.2 Document Id: Date: Release Date TABLE OF CONTENTS TABLE OF CONTENTS... i 1. Background... 1 2. Objectives... 1 3. Scope... 2 3.1
More informationUCPath Program. Academic Business Officers Group April 14, ucpath.universityofcalifornia.edu/
UCPath Program Academic Business Officers Group April 14, 2015 UCPath Program Update April 2015 Brief program overview Current program status Replanning UCOP go-live and beyond Key status updates 2 What
More informationThe COSO Risk Framework: A reference for internal control? Transition from COSO I to COSO II
The COSO Risk Framework: A reference for internal control? Transition from COSO I to COSO II S P E A K E R : D O T T. FA B I O A C C A R D I C O U R S E O F B U S I N E S S A U D I T I N G U N I V E R
More information2014 NWPMA Conference
2014 NWPMA Conference Asset Management The Big Picture Factors contributing to asset management Status of asset management in state DOTs Current TAM initiatives Future trends Presented By: Katie Zimmerman,
More informationGuidance Note: Corporate Governance - Board of Directors. January Ce document est aussi disponible en français.
Guidance Note: Corporate Governance - Board of Directors January 2018 Ce document est aussi disponible en français. Applicability The Guidance Note: Corporate Governance - Board of Directors (the Guidance
More informationECMS Reservations and Payment
ECMS Reservations and Payment User Guide Last Revised: 08-21-18 ECMS Reservations and Payment - User Guide Table of Contents 1. Creating a Reservation for an Event... 3 2. Checking a Reservation using
More informationTAKEAWAYS FROM THE LEASE ACCOUNTING SUMMIT
TAKEAWAYS FROM THE LEASE ACCOUNTING SUMMIT Contents Introduction... 3 Audit criteria remains a big unknown... 4 Day 1 is a moving target... 6 Hindsight is anything but 20/20... 8 Accountants experience
More informationCompliance, Internal Audit, and Risk Management: What do they look like at a Managed Care Plan?
Compliance, Internal Audit, and Risk Management: What do they look like at a Managed Care Plan? And, other words of wisdom... Objectives: Define risk and identify where risk comes from Recognize what risk
More informationCOSO ERM: Integrating with Strategy and Performance. Michael Parkinson
COSO ERM: Integrating with Strategy and Performance Michael Parkinson Content The COSO Frameworks Risk (Enterprise) Risk Management The COSO risk management framework A few highlights Questions for management
More informationUniversity of California Report to The Regents For the Year Ended June 30, 2004
PricewaterhouseCoopers LLP Suite 1600 Ten Almaden Blvd. San Jose CA 95113 Telephone (408) 817 3700 Facsimile (408) 817 5050 September 30, 2004 To The Regents of the University of California We have recently
More informationOracle. Talent Management Cloud Using Talent Review and Succession Management. Release 13 (update 17D)
Oracle Talent Management Cloud Using Talent Review and Succession Management Release 13 (update 17D) Release 13 (update 17D) Part Number E89394-01 Copyright 2011-2017, Oracle and/or its affiliates. All
More informationOracle Talent Management Cloud Using Career Development 19A
19A 19A Part Number F11450-01 Copyright 2011-2018, Oracle and/or its affiliates. All rights reserved. Authors: Sweta Bhagat, Jeevani Tummala This software and related documentation are provided under a
More informationSan Francisco Chapter. Presented by Scott Perry - Slalom Consulting
Presented by Scott Perry - Slalom Consulting Introductions Session Objectives Overview of Enterprise Risk Management The Role Of IT IT Governance Model IT Risk Assessment How IT Auditors Add Value Key
More informationEffective Project Control using an Automated Gated Process Workflow and Project Scalability
Effective Project Control using an Automated Gated Process Workflow and Project Scalability Dan Cohen Manager, Project Management Foundational Capability April 22, 2016 1 DTE Energy, a Diversified Energy
More informationThe University of Iowa
The University of Iowa FY 2018 Financial Sub-certification Financial Sub-certification is a control to clarify business units accountability for financial reporting and underlying internal controls. Deans,
More informationWhite Paper. Effective and Practical Deployment of COSO: Entity Level Control and Lessons Learned. July 10, 2008 THE ROBERTS COMPANY, LLC
THE ROBERTS COMPANY, LLC Compliance Services: IT and Business Processes 3394 Holly Oak Lane, Escondido, CA 92027 TEL: 760.550.2160 * FAX 760.839.2160 E-mail: robertputrus@therobertsglobal.com http://www.therobertsglobal.com/
More informationAerie Help Desk App. User Guide. Aerie Consulting, LLC 110 West Canal Street Winooski, VT September 14, 2015 Version 1.0.1
Aerie Help Desk App User Guide Aerie Consulting, LLC 110 West Canal Street Winooski, VT 05404 September 14, 2015 Version 1.0.1 Table of Contents Introduction... 3 Scope & Purpose... 3 Process Overview...
More informationKentucky State University Office of Internal Audit
Draft for Discussion Only P&P Manual Section - Policy# I. Function and Responsibilities MISSION Mission Statement Definition of Internal Auditing PURPOSE, AUTHORITY, RESPONSIBILITY Audit Charter STANDARDS
More informationCompensation Policies and Practices: Actions in Response to Task Force Recommendations
Compensation Policies and Practices: Actions in Response to Task Force Recommendations Action RE-74a All recommendations relating to policies and procedures GENERAL The recommended actions pertain to all
More informationDYNAMICS ESTATE - FUNCTIONALITY DESCRIPTION
DYNAMICS ESTATE - FUNCTIONALITY DESCRIPTION Dynamics Estate is highly technological real estate management software, created to automate a large spectrum of time-consuming business processes and functions
More informationEarly Intervention Data Reporting 101
Early Intervention Data Reporting 101 Remember: This webinar is being recorded. Send questions to the following email address: HBG.VCM@pattan.net 1 Early Intervention Data Reporting 101 March 20, 2017
More informationNYS Olympic Regional Development Authority INTERNAL CONTROL SUMMARY & CERTIFICATION FORM
NYS Olympic Regional Development Authority 2011-2012 INTERNAL CONTROL SUMMARY & CERTIFICATION FORM The Internal Control Summary and Certification Form provides supporting justification for an agency s
More informationPolicy & Procedure 18 Quality Management
RTO code: 41319 Policy & Procedure 18 Quality Management Relates to standards: Applicable to: 1.9 1.11, 2.1 2.4, 7.5 Standards for Registered Training Organisations (RTOs) 2015 1.4, 2.7 ACT Standards for
More informationOracle. Talent Management Cloud Using Career Development. Release 13 (update 17D)
Oracle Talent Management Cloud Release 13 (update 17D) Release 13 (update 17D) Part Number E89398-01 Copyright 2011-2017, Oracle and/or its affiliates. All rights reserved. Authors: Sweta Bhagat, Jeevani
More informationCore Function 5: Reporting
Core Function: Reporting 1 Core Function 5: Reporting Title Slide (music playing) Webcast Tips This webcast includes spoken narration. At the bottom of the viewing pane are the play and pause buttons as
More informationINTERNATIONAL STANDARD ON AUDITING (NEW ZEALAND) 210
l ISA (NZ) 210 Issued 07/11 Compiled 07311//13 INTERNATIONAL STANDARD ON AUDITING (NEW ZEALAND) 210 Agreeing the Terms of Audit Engagements (ISA (NZ) 210) This compilation was prepared in March JulyNovember
More informationSTEPS FOR CREATING A Partner Central Profile
STEPS FOR CREATING A Partner Central Profile At A Place for Mom, our goal is to help you be more successful by introducing you to new families, and helping increase your overall move-ins and conversion
More informationQuickBooks is a complete business accounting
Quick Insights and Program Overview QuickBooks is a complete business accounting system designed to accommodate nearly two dozen types of industries, ranging from small servicebased firms to large retail
More informationBI360 for Hospitality Companies. Enabling World-class Decisions for Hospitality Companies A Solver Vertical Industry White Paper
BI360 for Hospitality Companies Enabling World-class Decisions for Hospitality Companies A Solver Vertical Industry White Paper Updated: Nov 2017, Document Version 4 Solver, Inc. www.solverglobal.com Copyright
More informationUAccess FINANCIALS & ANALYTICS The Reconciliation Process
UAccess FINANCIALS & ANALYTICS Arizona Board of Regents, 2014 THE UNIVERSITY OF ARIZONA updated 11.13.2014 v.3.02 For information and permission to use our PDF manuals, please contact uitsworkshopteam@listserv.com
More informationResults Software FAQ. July Mass Ingenuity LLC Pearl West 1455 NW Irving Street Suite 200 Portland, OR massingenuity.
July 2018 Q1: What is Results Software? A: Results Software 1 easily manages and connects all employees to your performance management measures. As a single source of all performance data, Results Software
More informationToolkit user guide. All content ACTS version 1.0
Toolkit user guide All content ACTS 2018 version 10 About Green Impact is an international program hosted in Australia by ACTS (Australian Campuses Towards Sustainability) This guide has been developed
More informationCalifornia State University, Chico Business Continuity Program. Mike Thorpe Risk Manager
California State University, Chico Business Continuity Program Mike Thorpe Risk Manager 530 898 6588 methorpe@csuchico.edu What is Business Continuity? Business Continuity is The ability of an organization
More informationNOT PROTECTIVELY MARKED. Item Number 5.10 Gary Devlin, Partner, Scott- Moncrieff Recommendation to Members Members are requested to note the report.
NOT PROTECTIVELY MARKED Meeting Audit Committee Date 24 July 2018 Location Pacific Quay, Glasgow Title of Paper Internal Audit Annual Report Item Number 5.10 Presented By Gary Devlin, Partner, Scott- Moncrieff
More informationEstablishing Enterprise Risk Management in
Establishing Enterprise Risk Management in Management Practices Introductions/Opening Remarks Speakers: Cynthia Vitters, Chief Risk Officer, Federal Student Aid Mike Wetklow, Branch Chief, Office of Management
More informationAudit Training-of-Trainers Workshop, November 2014, Vienna Components of internal control within organization
Audit Training-of-Trainers Workshop, 18-19 November 2014, Vienna Components of internal control within organization Andrei Busuioc, Senior Financial Management Specialist, CFRR Session objectives The session
More information