Agenda. Enterprise Risk Management Defined. The Intersection of Enterprise-wide Risk Management (ERM) and Business Continuity Management (BCM)
- Angela Rogers
- 6 years ago
Transcription
The Intersection of Enterprise-wide Risk Management (ERM) and Business Continuity Management (BCM)
Marc Dominus
2005 Protiviti Inc. EOE

Agenda
- Terminology and Process Introductions
- ERM Process Overview
- BCM Process Overview
- The Intersection
- A Path Toward Maturity
- COSO's ERM Framework
- A Case Study in Risk
- Questions and Discussion

Enterprise Risk Management Defined
A process, effected by an entity's board of directors, management and other personnel, applied in strategy-setting and across the enterprise, designed to identify potential events that may affect the entity, and manage risk to be within its risk appetite, to provide reasonable assurance regarding the achievement of entity objectives.

The Business Motivation for ERM
- Reduce unacceptable performance variability
- Align and integrate risk management practices
- Build confidence of investment community
- Improve ability to anticipate and respond to impact of major events
- Reduce earnings volatility
- Improve consistency of operations
- Avoid erosion of sources of value
- Manage increasing costs of mitigation
- Improve success rate at accomplishing strategic initiatives
- Enhance corporate governance
- Strengthen Board governance
- Meet regulator expectations
- Effectively communicate business and risk strategies
- Align throughout organization
- Clarify vertical and horizontal roles and authority levels
- Assess need for senior-level oversight structures
- Align multiple risk management functions
- Assess need for and role/authority of Chief Risk Officer (CRO)
- Integrate into critical management activities
- Link to shareholder value initiatives
- Increase ability to understand and aggregate risk exposure
- Successfully respond to changing business environment
- Become more forward looking
- Build management confidence
- Adapt to new business models
- Manage business alliances
- Adjust to competitor moves
- Exploit risk management strengths through product enhancements
- Improve resource allocation
- Demonstrate management's ability to take on and manage risk and provide an adequate return
- Display ability to handle industry issues and peer companions
- Increase transparency into risk management capabilities
- Align risk taking strategy with corporate culture
- Increase risk awareness
- Improve balance between risk taking vs. risk averse culture
- Improve tools to better understand risk exposures
- Increased accountability for managing risks
- Increase timely awareness of changes in risk profile and related controls

Protiviti's Point of View on ERM
- If you don't know what your priority risks are, ERM will never begin
- If you don't have a view around the gaps existing with respect to your priority risks, you will never be able to articulate a value proposition
- ERM is not something to build in a day: start somewhere and build incrementally
- The purpose of ERM infrastructure is to drive continuous improvement of ERM capabilities
- Objective is to continuously improve capabilities around managing priority risks as circumstances change
- The tenets of effective ERM implementation: Leverage what you have; Integrate with what you do; Keep it simple!!!

Forrester Independent Research Results
In October 2005, The Forrester Wave: Enterprise Risk Consultants, 4th quarter, 2005, was released. The research identified Protiviti as a Leader in the field, along with Deloitte, PricewaterhouseCoopers and IBM Consulting. According to the study:
- Protiviti has strong methodologies and was rated well by clients. In the client reference category, Protiviti received a perfect score of 5 out of 5.
- Protiviti's service is an especially good fit for buyers that: are looking for a strong source of ERM thought leadership and shared knowledge; are looking for operational implementation of an ERM program.
- Protiviti's well-developed risk taxonomy is a key differentiator from the other leading firms.

Protiviti US Risk Barometer Survey Findings: Changing Risk Profile
- Corporate America's largest companies are taking more risks: They are vulnerable to these business risks and need to step up their risk management efforts to ensure their capabilities are keeping pace with changing risk profiles
- Risk levels as well as appetite for risk have changed significantly over the past two years
- Primary catalysts for change include the regulatory environment, strategic decisions, and current and potential litigation

Risk Barometer Survey Findings: Risk Capabilities
- Most senior executives lack a high degree of confidence that their organization's risk management capabilities identify and manage all potentially significant business risks
- Only 38 percent of business leaders believe their organizations are very effective at managing significant risks
- More than half (54 percent) acknowledge there is more they can do to identify, quantify and manage the risks they face
- Most companies are taking steps to improve their risk management capabilities
- Few companies are effective at balancing growth and control
- Not enough companies are employing best risk management practices
- CFOs own risk management in most organizations
- The most significant benefits of risk management are viewed to be lower costs of insuring risk and more timely identification of critical risks

Risk Barometer Survey Findings: Current State of Risk
- Companies do not have just one predominant risk today; rather, they face a range of risks
- The most significant risks cited were: Customer satisfaction (Internal); IT security (Internal); Competition (External); Current regulatory environment (External)

ERM: A Portfolio View
Enterprise risk management requires an entity to take a portfolio view of risk.
Corporate; Marketing; R&D; Legal; Sales
The effects on the organization of:
- 20% decrease in marketing budget affect sales?
- 15% increase in R&D output affect demands to market new products.
- Shift to greater use of outside counsel affect communications with sales staff and R&D/patent process.

Evolution of the COSO ERM Framework
[Figure: COSO Internal Control Framework and COSO ERM Integrated Framework; the legend marks each New or Enhanced COSO Component]

Uncertainties Affect EACH Source of Value
Sources of value: Physical Assets; Financial Assets; Organizational Assets; Customer Assets; Employer/Supplier Assets
Uncertainties shown:
- Unauthorized use
- Catastrophic loss
- Unacceptable costs
- Poor economic performance
- Insufficient sources of debt or equity
- Unacceptable losses
- Inadequate liquidity
- Unclear or obsolete strategies
- Lack of institutional learning
- Ineffective/Inefficient processes
- Integrity breakdowns
- Inadequate information for internal decision making
- Incorrect executive certifications
- Reputation loss
- Significant losses of customers or channels
- Ineffective channels
- Loss of markets or market opportunities
- Lack of needed experience and skills
- Erosion of intellectual capital
- Loss of morale
- Poor relationships
- Inability to create effective partnerships
Risk management should address exposures to ALL sources of value

ERM Builds upon Existing Risk Capabilities
Risk
- Focus: Financial and hazard risks and internal controls
- Objective: Protect enterprise value
- Scope: Treasury, insurance and operations involved
- Emphasis: Financial and operations
- Application: Selected risk areas, units and processes
Business Risk
- Focus: Business risk and internal controls, taking a risk-by-risk approach
- Objective: Protect enterprise value
- Scope: Business managers accountable
- Application: Selected risk areas, units and processes
Enterprise Risk
- Focus: Business risk and internal controls, taking an entity-level portfolio view of risk
- Objective: Protect and enhance enterprise value
- Scope: Applied across the enterprise, at every level and unit
- Emphasis: Strategy-setting
- Application: Enterprise-wide to all sources of value
CURRENT STATE CAPABILITIES / FUTURE STATE VISION

Five Practical Steps to ERM Implementation

Integrating ERA with Strategy
Potential to Embed Risk Assessment Results into Strategic Processes
- Strategic Risk Assessment
- Strategic Planning (Value Creation and Protection)
- Corporate Objective Setting
- IA Planning
- Business Unit Objective Setting
- Budget and Planning
- Performance Dashboard Reporting (including risk metrics)
- Resource Allocation

Designing an ERM infrastructure
ERM infrastructure may include:
FOUNDATION
- Common risk language
- Enterprise risk management policy
- Risk committee charter
- Chief Risk Officer job description
- Clarification of roles and responsibilities
CAPABILITIES
- Enterprise-wide risk assessment process
- Integration of risk responses with operating plans
- Supporting technology to collect and aggregate risk management data
- Common training on and knowledge sharing of best practices
- Dashboard and other risk reporting
ELEMENTS FOR ENHANCING CAPABILITIES
- Tools to portray a portfolio view of risk
- Alignment of organizational behavior with risk appetite

BCM Terminology and Process Introduction
BCM = Crisis + Business Resumption Planning + IT Disaster Recovery Planning
the development of strategies, plans and actions which provide protection or alternative modes of operation for those activities or business processes which, if they were to be interrupted, might otherwise bring about a seriously damaging or potentially fatal loss to the enterprise.

Terminology Confusion
Confusion Around Terminology? Let's Discuss Some Similar Terms
- Business Continuity Planning (BCP)
- Business Recovery Planning (BRP)
- Business Resumption Planning (BRP)
- Business Resiliency Planning (BRP)
- Disaster Recovery Planning (DRP)
- Contingency Planning

The Business Continuity Lifecycle
Why Protiviti?
[Figure: Continuity Life Cycle, with stages Compliance Monitoring & Auditing; Vulnerability & Risk Assessments; Business Continuity Plan Benchmarking; Training & Awareness Programs; Business Impact Analysis; Business Continuity Strategy Design; Business Continuity Plan Testing; Solutions Deployment]

Components of a BCM Program
- Executive Support
- Steering Committee
- Process Owner
- BCM Policy
- Training and Awareness Program
- Plan Testing & Exercise Program
- Plan Maintenance Process
- Tested, Documented Procedures
- Crisis Organizational Structure
- Emergency Operations Center
- Alternate Processing Facility
- Crisis Communications Processes
- Trained Response and Recovery Personnel
- Pre-positioned Resources
- Identified Vital Records, Information & Data

Business Continuity Drivers
- Regulatory Requirements
- Current Events and the Perceived Threat
- Single Points of Failure / Critical External Dependencies
- Customer Demands
- Director and Officer Liability
- Risk Transfer Costs
- Cannot Afford Downtime
"Corporate leaders have an obligation to the stakeholders of their organizations to ensure that everything that can reasonably be done to protect the business is done."
Gartner Group - Real-Time Enterprise: Business Continuity and Availability, October 22, 2002

The Intersection
Developing a Common Language
The Protiviti Risk Model provides a framework for identifying and defining key risks. It is a flexible tool that can be adapted to meet a client's specific facts and circumstances. The model provides a language to start with in narrowing down the risks to the vital few requiring specific attention. This helps build the confidence of executives and directors in the comprehensiveness of the process. Definitions are created to clarify the risk specificity in order to provide a substantive language for use across the enterprise.

A Path Toward Maturity
Capability Maturity: A Model for Describing Process Improvement
Derived from Carnegie Mellon capability maturity model

Six Elements of Infrastructure
- Business Policies: Corporate, business unit, location level policies
- Business Processes: Integration into business processes and control environment
- People and Organization: Risk response ownership and accountability
- Reports: Key performance indicators and management reports
- Methodologies: Alignment to corporate and business unit methodologies (e.g., Six Sigma)
- Systems and Data: Ability to manage risk response based on technology capabilities

Improved Maturity - Capability
Improved risk management capabilities across the stages Initial, Repeatable, Defined, Managed/Optimizing:
- Enterprise-wide risk strategies
- Risk Identification
- Common language
- Dedicated resources
- Risk management policy
- Executive management oversight
- Risk sourcing
- Defined process
- Initial quantification
- ERM responsibilities
- Policy and process guidelines followed across the organization
- Consistent risk reporting
- Robust risk measurement
- Enterprise-wide limits
- Risk diversification exploited competitively
- Quantification of risk versus tolerances
- Integrated risk measurement systems
- Risk measures applied to performance goals
- Integration with strategy and planning

Improved Maturity - Benefits
Accumulation of business performance benefits across the stages Initial, Repeatable, Defined, Managed/Optimizing:
- Capitalize on market opportunities
- Risk awareness
- Improved business knowledge
- Uncertainties evaluated and understood
- Risk-reward decisions receive more attention
- More effective risk-based decision making
- Risk anticipated better than competitors
- Linkage between risk management and line operations management
- Improved capital and resource allocation
- Risk transparency with stakeholders
- Risk managed as integral part of managing the business
- Diversification effects understood and exploited
- Risks aggregated to reduce risk transfer costs
- Risk management integrated with business planning and strategy

Protiviti's Enterprise Risk Assessment (ERA) Methodology
- Understand the business and its objectives
- Identify events that negatively impact one or more business objectives
- Understand, evaluate, and prioritize business risks by evaluating the impact and likelihood of potential events and existing activities
- Develop a plan to respond to high priority risks

Protiviti's Enterprise Risk Assessment (ERA) Methodology
ERA Methodology phases:
- 1 Project Planning
- 2 Internal Environment and Objectives
- 3 Event Identification
- 4 Risk Assessment
- 5 Risk Reporting
Inputs
- Establish Project Sponsor and Steering Committee
- Finalize Project Scope and Approach
- Develop Project Plan for Each Phase
- Finalize Project Team Resources
- Define Project Roles and Responsibilities
- Determine Approach to Communications
- Determine Project Team Requirements
- Meet With Steering Committee
- Determine Interview Questions and Participants
- Identify Potential High Risk Areas
- Conduct Risk Identification Interviews
- Develop Custom Risk Model
- Document Results of Interviews in Risk Model
- Review Documentation Request List
- Deploy On-Line Survey as Necessary
- Plan and Design ERA Workshop
- Develop Workshop Materials
- Conduct Facilitated Enterprise Risk Assessment Workshop
- Compile Results of Risk Assessment Activities
- Risk Profile
- Develop Executive Report
- Review Results with Executive
Outputs
- Finalized Project Scope & Approach
- Project Communication
- Roles & Responsibilities
- Final Project Documentation Request List
- Custom Risk Model
- Understanding of Business Environment
- Inventory of Risks Identified
- Initial Top Risks Identified
- Survey and Interview Results
- Impact & Likelihood Results for Top Risks
- Risk Profile
- Initial Identification of Key Controls
- Risk Profile and Prioritized Risks
- Executive Report
- Documented ERM Next Steps

Sample Risk Map
[Figure: risk map plotting lettered risks. Vertical axis: IMPACT, scored 1 to 9 (Insignificant, Minor, Moderate, Major, Catastrophic). Horizontal axis: LIKELIHOOD (Remote 10%, Unlikely 25%, Reasonably Possible 50%, Probable 75%, Almost Certain 90%). Zones: Risk Low; Risk Low to Moderate; Risk Moderate; Risk Moderate to High; Risk High; Risk Very High. Legend entries: Change; Performance Execution; Business Interruption; Technology Support; Disaster Recovery; Resources Allocation; Product Development; Regulatory Compliance; Reputation; Client Retention; Security/Vulnerability; HR; Knowledge capital; Communication; Performance Monitoring; Disaster recovery]

Questions and Discussion
More informationNext-generation enterprise risk management
Next-generation enterprise risk management Advancing strategy and performance in light of the COSO 2017 refresh Heading into the beginning of the year, the EY Center for Board Matters published the Top
More informationRisk Alert or Risk Averse for Business Sustainability. G. Simpson, FCII
Risk Alert or Risk Averse for Business Sustainability G. Simpson, FCII Agenda Perspectives on Risk Emerging Trends on Risk Management RM and Sustainability Everything Matters Employee Engagement Returns
More informationIntroduction to Business
ANALYSIS DESIGN IMPLEMENTATION Introduction to Business Continuity course This course is an introduction to the world of business continuity (BC). It is designed as a first step for newcomers to the subject
More informationRisk Intelligent Enterprise Risk Management (ERM) Dolores Atallo-Hazelgreen, Firm Director
Risk Intelligent Enterprise Risk Management (ERM) Dolores Atallo-Hazelgreen, Firm Director March, 2010 Today s Agenda In the Spotlight More Than 15 Minutes of Fame Marketplace Perspective Deloitte Global
More informationCertificate in Internal Audit 3
Certificate in Internal Audit 3 Risk Based Auditing- the next level Who should attend? Heads of Audit, Audit managers and senior auditors Auditors responsible for developing or implementing a risk based
More informationICMI PROFESSIONAL CERTIFICATION
ICMI PROFESSIONAL CERTIFICATION Contact Center Management Competencies The ICMI Professional Certification Contact Center Management Competencies specify job role-specific knowledge, skills and abilities
More informationAgenda. Agenda. Definitions and Processes. Risks. Audit & ERM. Key Strategies. Conclusions ERM and Audit 1. ERM and Audit.
Agenda 1 Agenda Definitions and Processes Risks Audit & ERM Key Strategies Conclusions 2 2017 1 ERM: Definition From Wikipedia, the free encyclopedia ERM in business includes the methods and processes
More informationRisk Management Policy and Framework
Risk Management Policy and Framework Introductory Note to User: CompanyLongName There is no requirement in Australia for a non-publicly listed entity (other than a company regulated by APRA) to comply
More informationCurrent State of Enterprise Risk Oversight:
Current State of Enterprise Risk Oversight: Progress is Occurring but Opportunities for Improvement Remain July 2012 Mark Beasley Bruce Branson Bonnie Hancock Deloitte Professor of ERM Associate Director,
More informationAdvisory Services. Global process ownership: implications for organizations. Global process ownership as a concept. by Lisa Janke and Neel Garg
Advisory Services Global process ownership: implications for organizations by Lisa Janke and Neel Garg Global process ownership as a concept Developing a governance model that seeks to assign process ownership
More informationInside of a ring or out, ain t nothing wrong with going down. It s staying down that s wrong. Muhammad Ali
MANAGING OPERATIONAL RISK IN THE 21 ST CENTURY White Paper Series Inside of a ring or out, ain t nothing wrong with going down. It s staying down that s wrong. Muhammad Ali 2 In today s competitive and
More informationIt s All About Strategy!
Enterprise Management: What s the Role of the? Mark Beasley Deloitte Professor of Enterprise Management NC State University 1 It s All About Strategy! 2 1 Strategic View of Management What is management
More informationENTERPRISE RISK MANAGEMENT THE KEY TO BUSINESS SUCCESS By Phil Griffiths FCA
ENTERPRISE RISK MANAGEMENT THE KEY TO BUSINESS SUCCESS By Phil Griffiths FCA Chapter 1 Fundamentals of Enterprise Risk Management Risk management has become a vital ingredient in the entrepreneurial culture
More informationIT Governance and the Audit Committee Recognizing the Importance of Reliable and Timely Information
IT ADVISORY IT Governance and the Audit Committee Recognizing the Importance of Reliable and Timely Information KPMG INTERNATIONAL IT Governance and the Audit Committee: Recognizing the Importance of
More informationStrategic Asset Management Plan
Strategic Asset Management Plan Prepared for Town of Oakville December 2017 CH2M HILL Canada Limited 245 Consumers Road Suite 400 Toronto, ON M2J 1R3 CA Contents Section Page Acronyms and Abbreviations...
More informationRisk Appetite Statement
Risk Appetite Statement May 2018 Risk Appetite Statement Contents 1. Mission, Vision, Values and Beliefs... 3 2. Introduction... 3 3. Overall Risk Appetite... 4 4. Risk Framework... 4 5. Key Risk Appetite
More informationAre you prepared for this Challenge? The new COSO Enterprise Risk Management Framework
Are you prepared for this Challenge? The new COSO Enterprise Risk Management Framework CAGFO 2018 Conference Winnipeg, MB September 13, 2018; 10:30am Agenda 01 What is being said of ERM today? 02 What
More informationSub-section Content. 1 Preliminaries - Post title: Head of Group Risk - Reports to: CRO - Division: xxx - Department: xxx - Location: xxx
Sub-section Content 1 Preliminaries - Post title: Head of Group Risk - Reports to: CRO - Division: xxx - Department: xxx - Location: xxx 2 Job Purpose - To assist in the maintenance and development of
More informationRisk Management Culture: The Linkage Between Ethics & Compliance and ERM September 14, 2009
2009 Compliance and Ethics Institute Risk Management Culture: The Linkage Between Ethics & Compliance and ERM September 14, 2009 Table of contents Section 1 2 3 4 5 6 Learning objectives Why measure risk
More informationBusiness Plan
Business Plan 2017-2018 rev. May 2017 MESSAGE FROM THE CEO As the Chief Executive Officer of PEC, I am pleased to present the 2017 2018 Business Plan, a tool that will enable the Cooperative to make informed
More informationTexas Tech University System
Texas Tech University System October 31, 2017 ERM Overview Evolution of Risk Management Risk Traditional Definition The possibility that something bad or unpleasant will happen. Merriam-Webster Minimizing
More informationA Risk Practitioners Guide to ISO 31000: 2018
A Risk Practitioners Guide to ISO 31000: 2018 Review of the 2018 version of the ISO 31000 risk management guidelines and commentary on the use of this standard by risk professionals 1 A Risk Practitioners
More informationL44: Taking BCP to BCM. Victoria D. Leighton Avanade, Inc.
L44: Taking BCP to BCM Victoria D. Leighton Avanade, Inc. AGENDA Part I: Critical steps from BCP to BCM Part II: Gaining buy-in from Executive Management Part III: Rolling out the process Enterprise wide
More informationEnterprise Risk Management
Enterprise Risk Management A Roadmap For Implementation June 12, 2018 Presented by: Speaker Name Marianne Turnbull CohnReznick LLP 4 Becker Farm Road Roseland, NJ 07068 P: 973-228-3500 E:marianne.turnbull@cohnreznick.com
More informationCGEIT Certification Job Practice
CGEIT Certification Job Practice Job Practice A job practice serves as the basis for the exam and the experience requirements to earn the CGEIT certification. This job practice consists of task and knowledge
More informationEmbedding Operational Risk
Embedding Operational Risk Banking & Payments Federation Ireland Angela Calapa, Risk & Regulatory Director Areas of Challenge for Embedding Operational Risk Most banks face a significant number of challenges
More informationRisk Advisory SERVICES. A holistic approach to implementing effective governance, managing risk and maintaining compliance
Risk Advisory SERVICES A holistic approach to implementing effective governance, managing risk and maintaining compliance Contents Weaver's Risk Advisory Services 1 Enterprise Risk Management 4 Assessing
More informationEnterprise Risk Management Demystified
Enterprise Risk Management Demystified Charles W. Soucy, CPCU, CLU, ARM Joe C. Underwood, CPCU, ARM, AIC October 27, 2010 Agenda 1. What is it? A formal definition of ERM How it s different 2. Why do it?
More informationUNF Finance and Audit Committee January 15, 2013
Item 7 UNF Finance and Audit Committee January 15, 2013 Issue Office of Internal Auditing Audit Planning Methodology Proposed Action Report Background Information The purpose of this item is to present
More informationIT Strategic Alignment Benchmark
IT Institute IT Strategic Alignment Benchmark This report was prepared for: Joann Chizlett Director of Information Technology Orlando-Orange County Expressway Authority The IT Institute (ITPI) is an independent
More informationPRACTICE. Reframing risk BY MARK BUTTERWORTH
Feature PRACTICE Reframing risk As the major revision of one of the world s most influential pieces of guidance on risk turns one year old, what does COSO ERM mean to the profession? BY MARK BUTTERWORTH
More informationCARNEGIE MELLON UNIVERSITY
CARNEGIE MELLON UNIVERSITY 1 Integrated Risk Management for the Enterprise Brett Tucker December 2018 Carnegie Mellon University Software Engineering Institute Carnegie Mellon University Pittsburgh, PA
More informationA Guide to Business Continuity
A Guide to Business Continuity Getting Started Business Continuity Management is a process driven from the top of the organisation. The first stage has to be an acceptance by the Board or the Executive
More informationRisk management is changing. Act now.
Global Regulatory Reform Risk management is changing. Act now. Risk Transformation 01 The call to action 01 02 New world. New CRO. 02 03 The risk function must operate differently 04 04 The ART of risk
More informationSo You Have Your Baseline Risk Assessment For ERM, What Next? San Antonio IIA I Heart Audit Conference February 2018
So You Have Your Baseline Risk Assessment For ERM, What Next? San Antonio IIA I Heart Audit Conference February 2018 Speaker Profiles Jody Allred, CPA, CITP, CISA, CGMA Partner, Risk Advisory Services
More informationERM Retooled: Driving Performance by Revising and Enhancing Risk Management Governance Wipfli LLP
ERM Retooled: Driving Performance by Revising and Enhancing Risk Management Governance 2018 Wipfli LLP In September 2017, the Committee of Sponsoring Organizations (COSO) a committee that provides guidance
More information