Leveraging ERM & Compliance. About me DISCLAIMER
|
|
- Audrey Bell
- 6 years ago
- Views:
Transcription
1 Leveraging ERM & Compliance Helen Goodwin, CCEP, Ethics and Compliance Professional Jana Utter, CCEP, Vice President ERM, Centene Corporation SCCE Utilities and Energy Compliance Conference February About me ENERGY FINANCIAL HEALTH Texas Eastern Panhandle Eastern Great Plains Energy KCPL MISO Fiserv, Inc. Centene Corp Accounting Initiated retail Initiated Enterprise Oversaw Corporate Lead Enterprise natural gas trading Risk Insurance Risk Tax desk Launched Initiating NAIC Natural Gas Trader Managed KCPL s Corporate ORSA Reporting regional accounts Compliance Program Initiated Enterprise Risk Oversaw Process Improvement, SSAE 16, and Records COMMON THEME Regulation, Regulation, Regulation. 2 DISCLAIMER The views and opinions expressed in this presentation are based on the experiences of the presenter. These views and opinions do not necessarily represent those of Centene Corp. 3 1
2 Building Upon Your Enterprise Risk Program Can Help You Navigate the Rough Waters of Compliance and Ethics Risks Chart the Course: Join efforts with ERM to map compliance related risk coordinates Stay On Course: Use the ERM Risk Assessment as your lighthouse to see potential risks Maintain the Deck Log: Keep a scorecard to check your accuracy of compliance and ethics risk findings 4 CHART THE COURSE The value of partnering with ERM 5 KEY POINTS Join efforts with ERM to map compliance related risk coordinates while the focus of ERM and Compliance may differ, alignment is important. Apply the Three Lines of Defense Consider Organizational Structure Leverage Communication Channels 6 2
3 The Three Lines of Defense Board of Directors and Board Committees Executive and Oversight Committee Enterprise Risks Strategic Risks Risks Emerging Risks 1 st Line of Defense Operational Process / Risk Ownership and Control 2 nd Line of Defense Corporate Risk and Compliance Functions Enterprise Risk Compliance Information Security Financial Controls Quality Supporting frameworks and processes for risk and compliance management, monitoring, and improvement 3 rd Line of Defense Internal Audit Independent and comprehensive assurance for governance, risk, and controls External Auditors Regulators 7 The Second Line of Defense Supporting frameworks and processes for risk and compliance management, monitoring, and improvement Compliance IT Compliance Enterprise Risk Quality/ Process Continuity Physical Security IT Security Financial Controls/SOX Operational Controls/SSAE 16 Records 8 Advantages of 2 nd Line Partnering Identify common themes and connected processes Supports Executive and the Board Presenting the 2 nd Line reports within the same forum allows the governance and oversight functions to gain a holistic view of risks Enterprise Risk Report includes high-level view of compliance risk assessments and reporting Builds upon and reiterates risk-related information received by the 1 st Line Executive and the Board are able to hear and see how risks ebb and flow within the company Supports External Reviews Consistency in the governance and reporting structure and the framework for 2 nd Line reporting streamlines reviews for both the company and the reviewers 9 3
4 2 nd Line of Defense Organizational Structure Example Chief Risk Officer Corporate Compliance and Ethics CISO Continuity / Disaster Recovery Enterprise Risk Quality / Process Improvement Records Information Security IT Compliance Physical Security Risk (Insurable Risks) Financial Controls Operational Controls 10 The Third Line of Defense Independent and comprehensive assurance for governance, risk, and controls Internal Audit Findings Sharing IA reports with the 2 nd Line informs and validates 2 nd Line risk identification Risk Assessments Sharing 2 nd Line risk reports & assessments informs the 3 rd Line & serves as inputs for audit focus consideration 11 Challenges & Pitfalls ERM and Compliance aren t the same Challenges ERM and Compliance are complementary but each have a different focus ERM = focuses on all areas of risks, including Compliance and Ethics Compliance = focused on Compliance and Ethics risks with other risk areas addressed as needed Pitfalls Inconsistent reporting to Executive Mgmt. and the Board Both functions typical produce corporatelevel periodic risk reports Lack of collaboration between ERM and Compliance may cause confusion 12 4
5 Overcoming Challenges & Pitfalls Charting the Course Together Partner Remember that both ERM and Corporate Compliance are part of the 2 nd LoD Common purpose to help the company achieve its strategic objectives while effectively managing risks Don t forget about joining forces with the other 2 nd LoDs too! Coordinate Share risk frameworks, risk assessments, mitigation plans, and risk reports To the extent possible, framework methodologies should be similar or complementary (i.e. scaling, dashboards) Risk reports with the same audience should be co-reviewed 13 Keep your Shipmates Informed Communication channels with the 1 st Line of Defense Market Steer clear of 2 nd Line confusion and burden I thought I just did a risk assessment?!? Demonstrate coordinated and integrated processes for corporate-wide risk and control information Raise Awareness Don t operate in a vacuum How does ERM and Corporate Compliance benefit me? Leverage 2 nd LoD risk info to be helpful to the front line Train Avoid feelings of uncertainty and lack of understanding How can I be sure I m compliant?/i didn t know I needed to do that! Is this issue a risk? Equip the ship! Share knowledge and highlight best practices 14 Keep the Communication Channels Open Even if your 2 nd Lines of Defense are not organizationally structured under a Chief Risk Officer, you can still establish open channels for sharing risk information. Quality ERM Corporate Compliance Board Executive Mgmt Oversight Committee Physical Security CISO Continuity 15 5
6 The ERM Viewpoint Mature ERM processes create a risk aware culture which cascades to supporting a culture of compliance. The ERM Process Risk Identification Uncover compliance issues Risk Assessment Evaluate severity Risk Mitigation Holistic remediation plans 16 Building Upon Your Enterprise Risk Program Can Help You Navigate the Rough Waters of Compliance and Ethics Risks Chart the Course: Join efforts with ERM to map compliance related risk coordinates Stay On Course: Use the ERM Risk Assessment as your lighthouse to see potential risks Maintain the Deck Log: Keep a scorecard to check your accuracy of compliance and ethics risk findings 17 STAY ON COURSE Leveraging Risk Assessments 18 6
7 A Deeper Dive into Risk Assessments Not all risk assessments are created equal but the results may reveal hidden themes. Focus of various risk assessments differ Identifying root cause helps to remediate risks and close gaps Surveys may address cultural and organizational gaps 19 2 nd Lines 3 rd Line Streamlining Risk Assessments for the 1 st Lines Compliance/Ethics Compliance Gaps Risk Assessment Remediation Timely sharing of information about independent risk assessments helps the Areas to holistically approach mitigation/remediation/action plans. Ops IT System Ops IT Apps 20 Reporting for Risks Oversight by one Executive level committee for corporate-level risk reporting. Executive Oversight Committee Corporate Risk/Compliance Functions & Internal Audit ERM Compliance & Ethics Internal Audit Areas Operations IT System Operations IT Applications Each member of Executive should have awareness of the issues under their purview contained in these reports but may not have had the opportunity to gain a holistic view Sharing the ERM, Compliance, and IA reports in the same meeting facilitates broader understanding of inter-related issues 21 ERM, Compliance, and Internal Audit reports capture the various types of risks of concern to Executive and the Board ERM captures all types of risks (strategic, operational, compliance, financial and sub-categories of each such as market performance, business process effectiveness, IT, quality, financial performance, and others) Corporate Compliance captures non-compliance issues and risks related to both internal and external requirements; typically identifies weak links in ethics, compliance training gaps, compliance culture (Hotline activity) Internal Audit captures control-based risks, operational process gaps, financial integrity and quality 7
8 Committee Structures Help Communication Oversight Committee Chief Risk Officer Chief Compliance Officer CISO Chief Audit Executive Board of Directors Chief Risk Officer Chief Compliance Officer CISO Chief Audit Executive A seat at the table will support consistency in: Knowledge and understanding of issues Communication Reporting Risk Oversight Committee CRO, CCO, CISO, CAE Corporate Compliance Committee CRO, CCO, CISO, CAE 22 Information Security Committee CRO, CCO, CISO, CAE Staying on Course Periodic Assessments ERM and Compliance processes include periodic rechecks Progress of mitigation and remediation plans Reassessment of issues and risk Monitoring effectiveness of mitigation and remediation Internal Audit processes include periodic monitoring Tracking of Action Plans Closure of noted gaps Risk assessment for Annual Audit Plan development 23 Keeping the Deck in Check! Using Surveys to Gauge the Winds Identifying needed tweaks in the efforts of the ERM and Compliance/Ethics teams may avoid rough waters ahead Corporate Employee Engagement Surveys may gauge awareness levels and culture relating to risk and compliance Cultural Diagnostic (Corporate Executive Board) measurement tool for assessing the ethics culture of the company; tool provides for customized questions which can be used to also assess the risk culture Committee Self-Assessments results of Oversight and Board Committee(s) may provide helpful feedback Results may provide Corporate Compliance/Ethics and ERM with opportunities to further collaborate to address gaps or streamline efforts 24 8
9 Watching for Obstacles Compliance Risks Keep in mind that being compliant may not mean that business operations can rest easy controls needed to demonstrate compliance are not enough to guard against risks. 25 Building Upon Your Enterprise Risk Program Can Help You Navigate the Rough Waters of Compliance and Ethics Risks Chart the Course: Join efforts with ERM to map compliance related risk coordinates Stay On Course: Use the ERM Risk Assessment as your lighthouse to see potential risks Maintain the Deck Log: Keep a scorecard to check your accuracy of compliance and ethics risk findings 26 MAINTAIN THE DECK LOG Maturing the Crew 27 9
10 Risk Registers Keep It Going! Reflecting upon your journey and maintaining a strong knowledge base of information and experiences will help you and the organization grow. Residual Risk Monitoring Building Deeper Awareness Advancing Training 28 Don t Lose Sight ---Let past experiences guide the future Risk Registers log past and present concerns for current and future reference. Internal Audit Compliance ERM Risk Knowledge Base Info Security Continuity 29 Keep past experiences in check Risk Impact Likelihood Level of Control Risk Score [Residual Risk Level] Previous Risk Score Risk # % Yes Risk # % No Risk # % No Review Requested Risk Score = 100 less the result of Impact x Likelihood multiplied by % of Level of Control Periodic risk assessments of both mitigated and active risks helps to keep risks under tow Reassessing mitigated risks helps to ensure corrective actions and remediation plans targeted the correct root cause If the residual risk score increases, a review is needed If the residual risk score is higher than desired, further mitigation should be considered 30 10
11 Foster the Culture Awareness Sharing experiences raises awareness What did you do to mitigate risks? Did you identify the real issues? What did you learn? What would you do differently? Training Weave training into the program As ERM and Compliance processes mature, new elements are added to the framework New elements can also be externally driven Use new elements as an opportunity to refresh and advance knowledge 31 Opportunity to Share How do ERM and Compliance & Ethics align and interact at your organizations? How do your organizations address Three Lines of Defense? 32 Opportunity to Share Why do companies with Compliance and ERM programs in place fail? How have your organizations utilized risk assessments and surveys? 33 11
12 Opportunity to Share How do your organizations maintain a robust knowledge base of risk and compliance issues? How have your organizations matured ERM and Compliance & Ethics? 34 12
Improve GRC Maturity through Combined Assurance
White Paper Improve GRC Maturity through Management External Assurance Providers Internal Assurance Providers Oversight Governance; Risks and Controls Figure 1: The Model What is Combined Assurance? With
More informationSarbanes-Oxley Act of 2002 Can private businesses benefit from it?
Sarbanes-Oxley Act of 2002 Can private businesses benefit from it? As used in this document, Deloitte means Deloitte Tax LLP, which provides tax services; Deloitte & Touche LLP, which provides assurance
More informationMore than 2000 organizations use our ERM solution
5 STEPS TOWARDS AN ACTIONABLE RISK APPETITE Contents New Defining Pressures Risk Appetite and Risk Tolerance Benefits The 5 Best of Practices Risk Assessments Benefits of an Actionable Risk Appetite More
More informationWHITE PAPER THE 6 DIMENSIONS (& OBSTACLES) OF RISK MANAGEMENT
WHITE PAPER THE 6 DIMENSIONS (& OBSTACLES) OF RISK MANAGEMENT Risk management efforts often begin as focused attempts to improve certain elements of risk or compliance management within one functional
More informationPPM Assessment. Analyze Your PPM Practices In-Depth for Systematic Improvement
Assessment Analyze Your Practices In-Depth for Systematic Improvement Your Journey Starts Here. Understand Your Strengths & Weaknesses Evaluate Performance and Required Next Steps by Area Build a Improvement
More informationAgenda. Enterprise Risk Management Defined. The Intersection of Enterprise-wide Risk Management (ERM) and Business Continuity Management (BCM)
The Intersection of Enterprise-wide Risk (ERM) and Business Continuity (BCM) Marc Dominus 2005 Protiviti Inc. EOE Agenda Terminology and Process Introductions ERM Process Overview BCM Process Overview
More informationEnterprise Risk Management Process Overview
Enterprise Risk Management Process Overview MISO Corporate Governance and Strategic Planning October 20, 2013 2013 ERM assessments indicated current status and improvement needs Booz & Company Study Maturity
More informationIT Management & Governance Tool Assess the importance and effectiveness of your core IT processes
IT & Governance Tool Assess the importance and effectiveness of your core IT processes STRATEGY& GOVERNANCE IT & Governance Framework APPS EDM01 ITRG04 DATA &BI ITRG06 IT Governance Application Portfolio
More informationCatching Fraud During a Recession Through Superior Internal Controls. FICPA s 25 th Annual Accounting Show. J. Stephen Nouss September 29, 2010
Catching Fraud During a Recession Through Superior Internal Controls FICPA s 25 th Annual Accounting Show J. Stephen Nouss September 29, 2010 1 Session Objectives Fraud Facts (2008 Association of Certified
More informationLeadership and Rising Stakeholder Expectations
Leadership and Rising Stakeholder Expectations Larry Harrington VP, Internal Audit Raytheon Company December 16, 2014 Copyright 2014 Raytheon Company. All rights reserved. Customer Success Is Our Mission
More informationUniversity System of Georgia Enterprise Risk Management (ERM) Creating A More Educated Georgia
University System of Georgia Enterprise Risk Management (ERM) Agenda What is ERM? How are we implementing ERM? The Way Ahead 2 What is ERM? (1/5) ERM is a process-driven tool that enables senior management
More information7 Key Trends in Enterprise Risk Management
7 Key Trends in Enterprise Risk Management John Verver, CPA CA, CISA, CMC Kevin Legere, ACDA Presenters John Verver Consultant and Advisor to ACL Kevin Legere Director of Product Design Agenda Excellence
More informationAudit of Entity Level Controls
Unclassified Internal Audit Services Branch Audit of Entity Level Controls February 2014 SP-606-03-14E You can download this publication by going online: http://www12.hrsdc.gc.ca This document is available
More informationRisk & Compliance. the way we do it. QualityData Advantage. for Basel Compliance
Risk & Compliance the way we do it QualityData Advantage SM for Basel Compliance Data Quality: The Foundation for Basel While data quality has been a hot topic in the industry for years, operationalizing
More informationDeVry Approach to ERM
IIA Chicago Chapter 53 rd Annual Seminar April 15, 2013, Donald E. Stephens Convention Center @IIAChicago DeVry Approach to ERM Elizabeth Truelove McDermott, CPA Vice President, Audit, Ethics & Compliance
More informationGetting Started with Marsh ClearSight Your guide to achieve the clearest line of sight to your risk
Getting Started with Marsh ClearSight Your guide to achieve the clearest line of sight to your risk www.marshclearsight.com last updated October, 25, 2015 Copyright 2015 Marsh ClearSight, inc. All rights
More informationEnterprise Risk Management: Developing a Model for Organizational Success. White Paper
Enterprise Risk Management: Developing a Model for Organizational Success White Paper January 2009 Overview Less than a decade ago, Enterprise Risk Management (ERM) was an unfamiliar concept. Today, the
More informationWhitepaper September Middle East Perspective State of the Internal Audit Profession 2016
Whitepaper September 2016 Middle East Perspective State of the Internal Audit Profession 2016 Foreword 4 Introduction 5 Value Staying effective in a changing world 6 Leadership 5 attributes of the most
More informationEmployee Engagement. Pulse Survey. Recommendations Report
Employee Engagement Pulse Survey Recommendations Report Only purchased Proactive Insights employee engagement surveys provide the customized Intelligent Recommendations report that is specific to your
More informationdoing the right things.
U.S. Foundation Improve Public Sector Results With A Balanced Scorecard: Nine Steps To Success Howard Rohm Vice-President, the Balanced Scorecard Institute Director, U.S. Foundation Internet: www.balancedscorecard.org
More information2014 Global Council. Dubai, UAE 6-9 March 2014 DAY 2. globaliia.org
2014 Global Council Dubai, UAE 6-9 March 2014 DAY 2 Opening Remarks Paul J. Sobel, Chairman of the Board Agenda - Tuesday Opening Remarks P. Sobel Expanding the Umbrella of the IIA D. Beran Tuesday Discussion
More informationExtended Enterprise Risk Management
Extended Enterprise Risk Management Driving performance through the extended enterprise October 2015 A network within a network The Extended Enterprise is the concept that an organization does not operate
More informationDepartment of Navy Audit Update
Department of Navy Audit Update Northern Virginia Chapter Association of Government Accountants April 28, 2017 Victoria Crouse, Chief Strategy Officer Agenda What We ve Done Journey to Date: Key Milestones
More informationBreaking the Bottlenecks in Your SDLC
Breaking the Bottlenecks in Your SDLC The value of upfront business-it alignment As organizations urgently navigate Agile transformation, there is a new air of uncertainty towards the methodologies that
More information2012 IIA Standards Update
2012 IIA Standards Update International Internal Audit Standards Board (IIASB) October 2012 1 Session Overview Why the Standards matter Standards-setting due process The key changes in 2012 Best practices
More informationTHE ENTERPRISE AND RISK MANAGEMENT POLICY
Appendix 10 THE ENTERPRISE AND RISK MANAGEMENT POLICY 1. INTRODUCTION The Manila Water Company, Inc. (Manila Water) operates in a regulated and dynamic business environment where uncertainties, both detrimental
More informationNEW SKILLS AND PARTNERSHIPS IN IT ASSET MANAGEMENT
NEW SKILLS AND PARTNERSHIPS IN IT ASSET MANAGEMENT TRENDS FROM MATURING LICENSE MANAGEMENT TEAMS The Oracle LMS Steering Group Oracle Open World India 2017 New Delhi The Oracle License Management Services
More informationContinuous Auditing - A Delicate Chemistry
Continuous Auditing - A Delicate Chemistry Continuous Auditing - A Delicate Chemistry - WeiserMazars LLP s Governance, Risk and Compliance (GRC) Group WeiserMazars LLP is an independent member firm of
More informationERM and SMS Working Together in Harmony
ERM and SMS Working Together in Harmony Mike Smith CAA & Operations Auditing Lisanne Sison Director and Practice Leader, Risk Management Consulting Agenda I. Overview of SMS II. Overview of ERM III. Review
More informationLeadership Agility Profile: 360 Assessment. Prepared for J. SAMPLE DATE
Prepared for J. SAMPLE About this Report Introduction LEADERSHIP that special quality that enables leaders to achieve extraordinary success. In today's uncertain world the need for leadership is at an
More informationInsurance Operations: Managing Change for Maximum Results
Insurance Operations Guide Insurance Operations: Managing Change for Maximum Results A guide to seamlessly update processes and systems Insurance companies are complex organizations managing multiple levels
More informationQuality Assurance and Improvement Program
Internal Audit Foundations Standards 1000, 1010, 1100, 1110, 1111, 1120, 1130, 1300, 1310, 1320, 1321, 1322, 2000, 2040 There is an Internal Audit Charter in place Internal Audit Charter is in place The
More informationBest Practices for Establishing a Cost-Effective Internal Audit Function. Article by Heidi Wier June 2016
Best Practices for Establishing a Cost-Effective Internal Audit Function Article by Heidi Wier June 2016 Best Practices for Establishing a COST-EFFECTIVE INTERNAL AUDIT FUNCTION BY HEIDI WIER The heightened
More informationOptimizing an Enterprise Wide Effective Vendor Risk Management Program. Pam Schott Head and VP Enterprise Supplier Governance
Optimizing an Enterprise Wide Effective Vendor Risk Program Pam Schott Head and VP Enterprise Supplier Governance June 1, 2015 Emerging Industry Trends As Procurement organizations mature; their focus
More informationInternational Finance Corporation
International Finance Corporation Corporate Governance and Internal Audit Overview Bob Lamm Independent Senior Advisor Center for Corporate Governance Deloitte LLP Neil White Global IA Analytics Leader
More informationMeeting stakeholder expectations strategies for responding to the challenges. Mark Stock, Partner PwC
Meeting stakeholder expectations strategies for responding to the challenges Mark Stock, Partner PwC Value PROTECT ENABLE REASSURE Control What do your stakeholders value? -2- 1. The challenge 2. Recognising
More informationSolvency II and Risk Management: Generali Group approach. Stefano Ferri Group Chief Risk Officer Generali Group
Solvency II and Risk Management: approach Stefano Ferri Group Chief Risk Officer CETIF Milan, May 23 rd 2012 Strengthening of the Risk Management System in light of Solvency II 2 SOLVENCY II Solvency (Technical
More informationCORPORATE GOVERNANCE THEORY, SCOPE AND IMPORTANCE
CORPORATE GOVERNANCE THEORY, SCOPE AND IMPORTANCE What is on the agenda Corporate Governance: In Theory Brief history The concept Principles Corporate Governance: In Practice Corporate governance elements
More informationUnderstanding Customer Experience Management. Five Essential Elements of a Comprehensive Approach
Understanding Customer Experience Management Five Essential Elements of a Comprehensive Approach Overview In this era of the referral economy, the customer experience has more influence than ever on the
More informationEuropean CEI. Compliance 101
European CEI Compliance 101 Debbie Troklus, CHC-F, CCEP-F, CHRC, CHPC, CCEP-I Managing Director Aegis Compliance and Ethics Center dtroklus@aegis-compliance.com Sheryl Vacca, CHC- F, CCEP-F, CCEP-I, CHRC,
More informationEnterprise Risk Management Demystified
Enterprise Risk Management Demystified Charles W. Soucy, CPCU, CLU, ARM Joe C. Underwood, CPCU, ARM, AIC October 27, 2010 Agenda 1. What is it? A formal definition of ERM How it s different 2. Why do it?
More informationVENDOR RISK MANAGEMENT FCC SERVICES
VENDOR RISK MANAGEMENT FCC SERVICES Introductions Chris Tait, CISA, CFSA, CCSK, CCSFP Principal, Financial Services Baker Tilly Russ Sommers, CPA, CISA Senior Manager, Financial Services Baker Tilly Agenda
More informationAudit Committee Reporting: Trends and Best Practices. Claudio de los Rios CPA, CA, Wolters Kluwer November 1, 2016
Audit Committee Reporting: Trends and Best Practices Claudio de los Rios CPA, CA, Wolters Kluwer November 1, 2016 Claudio de los Rios Canadian CPA,CA Public accounting and Tax in Vancouver, Canada Deloitte,
More informationThe Future of Internal Auditing:
Internal Audit The Future of Internal Auditing: Changing Internal Audit s Value Proposition October 12, 2010 Istanbul, Turkey Presented by: Naman Parekh Partner, Agenda Background of the 2012 Study Key
More informationGood Practices of the Audit Committee
Good Practices of the Audit Committee Richard F. Chambers, CIA, QIAL, CGAP, CCSA, CRMA President and Chief Executive Officer The Institute of Internal Auditors Overview Audit Committee s Core responsibilities
More information2013 SCCE Higher Education Conference. Matching and Mismatching Metrics for Meaning. Presentation Goals
2013 SCCE Higher Education Conference Matching and Mismatching Metrics for Meaning Luanna Putney, PhD, CHC, CCEP, Director of Research Compliance, University of California Marti Arvin, JD, CHC F, CPC,
More informationPresentation Goals. Matching and Mismatching Metrics for Meaning. Developing Metrics that Matter SCCE Higher Education Conference
2013 SCCE Higher Education Conference Matching and Mismatching Metrics for Meaning Luanna Putney, PhD, CHC, CCEP, Director of Research Compliance, University of California Marti Arvin, JD, CHC F, CPC,
More informationRisk Management and Regulatory Examination/Compliance Seminar October 27, Eric Young CCO-Americas and CCO-IHC
Risk Management and Regulatory Examination/Compliance Seminar October 27, 2015 Eric Young CCO-Americas and CCO-IHC I. Volcker Rule: Overview of the Compliance Program 2 The Volcker Compliance Program:
More informationExternal Quality Assessment Are You Ready? Institute of Internal Auditors
External Quality Assessment Are You Ready? Institute of Internal Auditors Objectives Describe frameworks used to assess the quality of an IA activity Discuss benefits, challenges, and success factors related
More informationInternal Audit Best Practices for Community Banks. A CSH White Paper
Internal Audit Best Practices for Community Banks A CSH White Paper Internal audit is not an option; examiners expect your bank to have an effective internal audit program in place. However, in today s
More informationOperationalizing NPS Benchmarks. How to Use Comparative Data to Drive Customer Experience Success
Operationalizing NPS Benchmarks How to Use Comparative Data to Drive Customer Experience Success Overview Net Promoter Score (NPS ) has become the most widely accepted measure of customer loyalty and retention.
More informationHow to Conduct an End-of-Year SOCIAL MEDIA AUDIT. That Will Drive Results & Impress Your Boss
How to Conduct an End-of-Year SOCIAL MEDIA AUDIT That Will Drive Results & Impress Your Boss The End-of-Year Social Media Audit While social marketers tend to think in terms of real-time and future campaigns,
More informationCaribbean Association of Audit Committee Members Inc. Independent Quality Assurance Assessment of the Internal Audit function
www.pwc.com/bb Caribbean Association of Audit Committee Members Inc. Independent Quality Assurance Assessment of the Internal Audit function Strengthening the Performance and Influence of the Audit Committee
More informationDon t make the same mistake twice! Avoiding repeat violations of Reliability Standards
Don t make the same mistake twice! Avoiding repeat violations of Reliability Standards 17 November 2010 www.morganlewis.com www.ey.com Welcome to Don t Make the Same Mistake Twice! Avoiding Repeat Violations
More informationCompliance 3.0: Leveraging Social Media to Drive a Culture of Compliance. Summary
Compliance 3.0: Leveraging Social Media to Drive a Culture of Compliance Louis A. Sapirman & Thomas R. Fox September 25-28, 2016 Summary Focus on how the Compliance Team can act as a steward of Corporate
More informationERM: Risk Maps and Registers. Performing an ISO Risk Assessment
ERM: Risk Maps and Registers Performing an ISO 31000 Risk Assessment Agenda Following a Standard? Framework First Performing a Risk Assessment Assigning Risk Ownership Data Management Questions? Following
More informationITIL Goes Strategic! Marrying Program and Service MGMT
The Presentation Will Begin At 12PM EST ITIL Goes Strategic! Marrying Program and Service MGMT Service Operations processes are fairly easy to implement as they stand on their own, but the remaining four
More informationBEATING THE BENCHMARK. A comprehensive guide for assessing and benchmarking compliance program effectiveness
BEATING THE BENCHMARK A comprehensive guide for assessing and benchmarking compliance program effectiveness 68% of chief compliance officers attempt to measure compliance program effectiveness....but only
More informationSession 4C: Model Governance: What Could Possibly Go Wrong? (Part I) Moderator: Dwayne Allen Husbands, FSA, MAAA
Session 4C: Model Governance: What Could Possibly Go Wrong? (Part I) Moderator: Dwayne Allen Husbands, FSA, MAAA Presenters: James Russell Collingwood, ASA, MAAA David Paul, FCAS, MAAA Chad R. Runchey,
More informationMPAC BOARD OF DIRECTORS MANDATE
MPAC BOARD OF DIRECTORS MANDATE The Municipal Property Assessment Corporation Act is the foundation of the governance model that establishes Municipal Property Assessment Corporation (MPAC) and sets out
More informationCONTENTS. Acknowledgments... iv. 1: Introduction : Why have organizations chosen to seek compliance with the Standards?...2
IIA STANDARD 1312 - EXTERNAL QUALITY ASSESSMENTS: RESULTS, TOOLS, TECHNIQUES AND LESSONS LEARNED THE IIA RESEARCH FOUNDATION JULY 2007 Disclosure Copyright 2007 by The Institute of Internal Auditors Research
More informationRisk Management Strategy
Risk Management Strategy 2017-2019 Created by: Role Name Title Author / Editor Kevin McMahon Head of Risk Management & Resilience Lead Executive Margo McGurk Director of Finance & Performance Approved
More informationInstruction Guide. Version 2.0 Last Updated: August Praesidium All rights reserved.
Instruction Guide Version 2.0 Last Updated: August 2016 Congratulations! Your organization has partnered with Praesidium, the national leader in abuse risk management, to provide abuse prevention tools
More informationService Business Plan
Service Business Plan Service Name Internal Audit Service Type Internal Service Owner Name Sheila Jones Year 2018 Service Owner Title Service Description City Auditor An internal service to provide independent,
More informationData, Analytics and Your Audit
Data, Analytics and Your Audit What Financial Executives Need to Know By Roger O Donnell Partner, KPMG LLP Reprinted by permission from Financial Executive kpmg.com audit Perhaps no business trend has
More informationLIVING IN THE REAL WORLD THE LEGAL AND INSURANCE ASPECTS OF SMS
LIVING IN THE REAL WORLD THE LEGAL AND INSURANCE ASPECTS OF SMS Minneapolis, Minnesota August 8-9, 2017 Special Thanks Our Host: August 8-9, 2017 Panelists Risk Management Perspective Michael Yip, Vice
More informationREPORT 2014/115 INTERNAL AUDIT DIVISION. Audit of information and communications technology management at the United Nations Office at Geneva
INTERNAL AUDIT DIVISION REPORT 2014/115 Audit of information and communications technology management at the United Nations Office at Geneva Overall results relating to the effective and efficient management
More informationMarked as Read: The Story of the Ineffective Code of Conduct
Marked as Read: The Story of the Ineffective Code of Conduct Presented by Ed Petry Vice President, Advisory Services Elizabeth Lewis Content Director, NAVEX Engage www.navexglobal.com Copyright 2016NAVEX
More informationInternal audit strategic planning Making internal audit s vision a reality during a period of rapid transformation
2015 State of the Internal Audit Profession Study Internal audit strategic planning Making internal audit s vision a reality during a period of rapid transformation 68% of companies have gone through or
More informationFraud Risk Management
Fraud Risk Management Fraud Risk Management Overview 2017 Association of Certified Fraud Examiners, Inc. Discussion Questions 1. Does your organization follow a specific risk management model? If so, which
More informationGlobal Expectations for Addressing Fraud Risk and the Investigative Process
Global Expectations for Addressing Fraud Risk and the Investigative Process Waheed Alkahtani CFE, CISA, and CCEP-I Saudi Aramco Internal Auditing Special Audits Division Copyright 2014, Saudi Aramco. All
More informationadp.ca Outsourcing: Today s Approach to Doing More with Less Your guide to getting the most from your HR outsourcing experience
adp.ca Outsourcing: Today s Approach to Doing More with Less Your guide to getting the most from your HR outsourcing experience Executive Summary Table of Contents Executive Summary... 2 Recommendations
More informationPlanview Enterprise One
Data sheet Planview Enterprise One Accelerate strategic execution enterprise-wide across all work and resources Savvy business leaders aspire to confidently drive change that advances their strategic objectives,
More informationInternal Oversight Division. Internal Audit Strategy
Internal Oversight Division Internal Audit Strategy 2018-2020 Date: January 24, 2018 page 2 TABLE OF CONTENTS LIST OF ACRONYMS 3 1. BACKGROUND 4 2. PURPOSE 4 3. WIPO STRATEGIC REALIGNMENT PROGRAM 5 (A)
More informationLEADERSHIP AND SUPERVISION
CHAPTER 21 LEADERSHIP AND SUPERVISION To lead, you must first be able to follow; for without followers, there can be no leader. Navy Saying Today s Navy operates with fewer people and resources than before.
More informationAn Overview of the AWS Cloud Adoption Framework
An Overview of the AWS Cloud Adoption Framework Version 2 February 2017 2017, Amazon Web Services, Inc. or its affiliates. All rights reserved. Notices This document is provided for informational purposes
More informationTaking ERM to a. 6 GRC Today / October 2015
GLOBAL SCALE 6 GRC Today / October 2015 Global Scale lobal events highlighted by G business scandals, failures, information theft, and natural disasters have shone the spotlight yet again on risk management
More informationAudit Standards 6/23/2017. Outline. Let s Refresh. Changes to the IIA Standards
Audit Standards Let s Refresh Outline Changes in the Standards Changes in the Yellowbook Standards Attribute/General Standards Performance/Fieldwork Standards Reporting Standards Key Differences Changes
More informationIncreasing ROI with mobile computing
Adopting into the enterprise can increase productivity and help stakeholders make more accurate, faster decisions based on real-time information. However, in order to avoid the cost drains and changemanagement
More information2017 North American Pulse of Internal Audit. Public Sector Focus. Courageous Leadership: Instilling Confidence from Within
2017 North American Pulse of Internal Audit Public Sector Focus Courageous Leadership: Instilling Confidence from Within Agenda Pulse Overview Topics Communications Not Traditionally Subject to Assurance
More informationENTERPRISE RISK MANAGEMENT USING DATA ANALYTICS. Dan Julevich and Chris Dawes April 17, 2015
ENTERPRISE RISK MANAGEMENT USING DATA ANALYTICS Dan Julevich and Chris Dawes April 17, 2015 Agenda ERM What, Why, How? ERM Keys to Success Fail, Survive, or Thrive? ERM Current State Overview ERM Leading
More informationWhat Every Internal Auditor Should Know Perspectives of a Chief Compliance Officer
What Every Internal Auditor Should Know Perspectives of a Chief Compliance Officer IIA: November 11, 2011 Jon Rydberg Agenda 1. Opening Comments 2. Weak Infrastructure May Drive Value Destruction 3. Case
More informationTHE ROADMAP TO SAFETY EXCELLENCE: 8 ESSENTIAL STEPS FOR CHANGE
THE ROADMAP TO SAFETY EXCELLENCE: 8 ESSENTIAL STEPS FOR CHANGE INTRODUCTION Every 15 seconds, more than 150 workers are involved in a workplace accident 1. Leaders committed to safety know that the only
More informationValue-Added Internal Audit: Myth or Reality?
Value-Added Internal Audit: Myth or Reality? Istanbul 12 November 2013 Jean-Pierre Garitte, CIA, CCSA, CISA, CFE, RFA Past Chairman of the Board IIA Past President ECIIA Polling question #1 For how long
More informationClarifying the Role of. Enterprise Risk Management
Clarifying the Role of Enterprise Risk Management Introductions/Opening Remarks Speakers: Doug Webster, Director, Risk Officer, US Agency for International Development Mike Wetklow, Deputy CFO, National
More informationSUSTAINING AN ETHICAL CULTURE: IT S NOT ALWAYS BLACK AND WHITE
SUSTAINING AN ETHICAL CULTURE: IT S NOT ALWAYS BLACK AND WHITE Most companies want to do the right thing when it comes to ethics. It seems that it should be as easy as telling everyone in the organization
More informationManagers at Bryant University
The Character of Success for Managers at Bryant University Interviewing Guide (Revised 8/25/04) Career Strategies, Inc. Boston, MA A New Approach to Interviewing for Managers at Bryant University An interviewer
More informationKPMG Internal Audit: Top 10 key risks in 2016
KPMG Internal Audit: Top 10 key risks in 2016 Financial Services kpmg.nl I Six years after the financial crisis, internal auditors at banks, insurance companies and capital markets firms continue to face
More informationWORKGROUP-LEVEL OVERVIEW. What You Will Learn. What You Will Apply To Your Workgroup
INTRODUCTION TO PERFORMANCE SCORECARDS WORKGROUP-LEVEL OVERVIEW What You Will Learn 1. By implementing Performance Scorecards, you are adopting an organized, proven method of defining key business outcomes
More informationFinancial Services Cloud: Platform for High-Touch Client Relationships
Financial Services Cloud: Platform for High-Touch Client Relationships Salesforce, Spring 18 @salesforcedocs Last updated: January 11, 2018 Copyright 2000 2018 salesforce.com, inc. All rights reserved.
More informationCONTACT CENTER CAPABILITIES SELF-ASSESSMENT RESULTS
2017 RESEARCH REPORT CONTACT CENTER CAPABILITIES SELF-ASSESSMENT RESULTS Research Reveals Common Themes and Trends Across Companies in 10 Key Areas 86% of buyers say they would pay more for a better customer
More information6 PERSPECTIVES OF A LEADER
6 PERSPECTIVES OF A LEADER Your leadership effectiveness is determined by two things: the decisions you make and the influence you have. Great leaders are able to make exceptional decisions. They have
More informationIBM Impact Grants. Offering Portfolio
Offering Portfolio The consultative services provided by IBM for our strategic plan were used as a catalyst for our programming model. The facilitators were excellent and the leadership model positioned
More informationBeyond Compliance. Leveraging Internal Control to Build a Better Business: A Response to Sarbanes-Oxley Sections 302 and 404
Beyond Compliance Leveraging Internal Control to Build a Better Business: A Response to Sarbanes-Oxley Sections 302 and 404 Note to Readers Regarding This First Edition April 2003: This document was published
More informationPART THREE: Work Plan and IV&V Methodology (RFP 5.3.3)
PART THREE: Work Plan and IV&V Methodology (RFP 5.3.3) 3.1 IV&V Methodology and Work Plan 3.1.1 NTT DATA IV&V Framework We believe that successful IV&V is more than just verification that the processes
More informationAudit s Role in Risk Governance
Audit s Role in Risk Governance Presentation to: Auditors Forum Spokane, WA October 12-13, 2016 Jeremy Taylor, Co-CEO AuditOne, LLC Risk governance Takes in an expanding array of functions and responsibilities.
More informationThird Party Risk Management ( TPRM ) Transformation
Third Party Risk Management ( TPRM ) Transformation September 20, 2017 Internal use only An introduction to TPRM What is a Third Party relationship? A Third Party relationship is any business arrangement
More information2017 ENTERPRISE RISK MANAGEMENT BENCHMARK SURVEY
2017 ENTERPRISE RISK MANAGEMENT BENCHMARK SURVEY 2017 ENTERPRISE RISK MANAGEMENT BENCHMARK SURVEY ANALYSIS Brandon Righi Carol Fox PUBLICATIONS EDITOR Morgan O Rourke ART DIRECTOR Nick Nguyen METHODOLOGY
More informationAuditing the Compliance Function Maturity, Coordination and Complying Effectively
Auditing the Compliance Function Maturity, Coordination and Complying Effectively Eric Young, BNP Paribas CUSO/IHC and Americas CCO (moderator) Gilles Karpowicz, BNP Paribas Chief Auditor CUSO/IHC and
More informationREVISED CORPORATE GOVERNANCE PRINCIPLES FOR BANKS (CONSULTATION PAPER) ISSUED BY THE BASEL COMMITTEE ON BANKING SUPERVISION
January 9, 2015 Secretariat of the Basel Committee on Banking Supervision Bank for International Settlements CH-4002 Basel, Switzerland Submitted via http://www.bis.org/bcbs/commentupload.htm REVISED CORPORATE
More information