Integrating Corporate Compliance Programs into Enterprise Risk Management Programs
Baker Tilly refers to Baker Tilly Virchow Krause, LLP, an independently owned and managed member of Baker Tilly International.

Presenters
Rick Moyer, CIA, Senior Associate Vice President and Chief Risk Officer, Stanford University
Mike Somich, Director, Baker Tilly; Retired Executive Director, Office of Audit, Risk and Compliance, Duke University

Objectives
- Understand an ERM process and the way a compliance program fits into it
- Explore the structure of an ERM program and compare it to a mature compliance program
- Identify the places where risk tolerance enters into decisions made when developing a compliance program and ways a current program could begin to mature

Compliance Programs
Federal Sentencing Guidelines
> Provides outline for an effective compliance program
> Not prescriptive on how it should be designed
> Must determine how meeting guidelines fits into institution organization
> Must decide how institution will effectively meet the guideline based on size of institution
  o If large research institution, program will need to be more detailed and specific
  o If a smaller institution, rigor may be focused on a few key compliance risk areas with other focus at a high level
> One size does not fit all

Compliance Programs
Elements of the Federal Sentencing Guidelines
> Prevent and detect criminal conduct
> Management informed of program
> Ensure engagement of employees in ethical conduct
> Communicate standards to board, senior leaders, managers and employees
> Monitor; evaluate program periodically; hot line
> Enforce program; consequences
> Remediate problems

Develop Framework
Four Levels of Participation
- Governance
- Program Design and Management
- Risk Ownership
- Audit

Organizational participation - Governance
Board
- Usually assigned to Audit Committee (AC)
- Must understand program
- Annually review program
- Must oversee program
- Annually approve high risk items
- Receive reports on monitoring plans
- Involved in overseeing significant governmental investigations and institution response

Organizational participation - Governance
Senior Leaders
- Administrative report of the Chief Compliance Officer (CCO)
- Approves suggested program changes annually and recommends approval to AC
- Oversees the management of the program
- Reviews recommendation of high compliance risk items, approves and recommends AC approval
- Receives reports of monitoring activities before reported to AC
- Involved with significant investigations to ensure institutional perspectives are considered

Organizational participation - Program Development and Management
Program Framework Design (could be performed by committee before CCO is hired)
- Providing umbrella over the decentralized compliance activities on campus
- Defines responsibilities of those managing a compliance activity
- Compliance managers have a dotted line to CCO
Chief Compliance Officer
- Leads annual compliance risk assessment process
- Oversees monitoring activities of compliance managers
- Presents results of monitoring activities to senior leadership and AC
- Manages process of government investigations

Organizational participation - Risk Ownership
Each compliance risk has an owner and manager
Compliance risk owner
- One of the senior leaders of the institution
- Has the ability to set the risk tolerance on the risk for the institution
Compliance risk manager
- Education
- Risk assessment
- Monitoring
- Reporting
- Remediation

Organizational participation - Audit Function
- Department (vertical)
- Audit Function performed by Internal Audit
- Responsibility to IA based on risk
- Reports delivered to senior leaders, AC
- Compliance process (horizontal)
- Specific grants (focused)

Compliance Programs - Conclusion
> The previous slides highlight responsibilities
> The design and extent and depth of procedures will be based on risk, size, culture
> Annual reassessment of framework allows changes to be made to respond to changes in federal grants, law changes, institutional changes
> One size does not fit all

Enterprise Risk Management (ERM)
Types of risk assessments:
- Strategic
- Operating
- Financial
- Compliance

ERM organizational responsibilities
Board
- Full board aware of the ERM process
- Assigns oversight to AC
- Annual approval of management recommendation of risk management process for the next year
- Option to report strategic risks to full board rather than AC
- Receives annual assessment of strategic risk
- If reported to AC, then the report of strategic risk goes to full board annually
- Could alternate presentations each year

ERM organizational responsibilities
Senior Leaders
- Answer question: who can set risk tolerance?
- Identify risk owners
- Who can make an institutional decision on risk tolerance?
- Identify risks that have the largest potential impact on the organization
- President, as ultimate risk owner, makes presentation to the AC (or full board) of strategic risks
- Oversee the risk assessments of operating, financial and compliance, ensuring the annual risk management process is followed
- Oversee the assessment of mitigation strategies and approve changes

ERM organizational responsibilities
Vice Presidents (operational, financial, compliance) / Risk Managers
- Lead risk assessments of their area of responsibility
- Report assessment results to the senior leadership
- Lead the review of the mitigation strategies
- Recommend changes in mitigation strategies
- Once approved, implement changes in mitigation strategy
- Manage the risk day to day

Frequency of reporting
Annual / Periodic / Biannual
> Strategic Risk best practice
> Compliance considered necessary under Federal Guidelines
> Based on the organization's desire
> Some consider annual appropriate
> Pro: constant process
> Con: takes significant time and the changes in a year are often not significant
> Pro: better use of resources
> Con: something may happen in two years
> Mitigate this con by holding meeting with CRO (or equivalent) and VP to discuss whether changes to heat map have occurred. If so, they are reported to the senior leadership with plans to address.

Compliance vs. ERM - Outside Guiding Principles
Compliance
- Federal Sentencing Guidelines
- Guidance not prescriptive
- Interpretation of what fits organization
ERM
- None, rating agency expectations
- Guidance not prescriptive
- Interpretation of what fits organization

Compliance vs. ERM - Board's Role
Compliance
- Understand program
- Oversee program
- Assign oversight to Audit Committee
- Annually review and approve program
- Approve high risk compliance items
- Receive monitoring reports on high risk items
ERM
- Understand program
- Oversee program
- Assign oversight to Audit Committee
- Annually review and approve ERM process
- Receive report of strategic risks
- Board or a committee monitors strategic risks

Compliance vs. ERM - Senior Leaders (SL)
Compliance
- CCO reports administratively to SL
- Approves program changes annually
- Receives recommendation of high risk items and approves
- Receives monitoring reports
ERM
- CRO reports administratively to SL
- Approves annual ERM plan
- Receives risk assessments of operational, financial and compliance people
- Receives reports on mitigation strategies and recommendations for changes

Compliance vs. ERM - Vice Presidents/Compliance Risk Managers
Compliance
- Leads risk assessment in this area
- Reports results to SL
- Leads review of mitigation strategies
- Recommends changes to mitigation strategies
- Implements changes to mitigation strategies
- Manages the risk day to day
ERM
- Education
- Risk assessment
- Monitoring
- Reporting
- Remediation

Observations
If you adopt the COSO model, since compliance is a level of risk, it would be logical that the structure for compliance would parallel ERM. However:
> Common practice is they are not developed at the same time
> History is hard to break
> Both ERM and compliance programs often do not define senior leader role and responsibility
> Decentralized environments
> Difficulty in defining who manages what

Benefits of coordination
> Board responsibility consistent and defined
> Senior Leader involvement defined
  - Definition of risk owners and setting institutional risk tolerance
  - Encourages them to be more engaged in the processes
> Aligns risk manager responsibilities
  - Whether ERM risk manager
  - Or compliance risk manager
  - Consistent across the institution
> Overall
  - Improves culture; makes it more consistent
  - Involves more people in decisions earlier
  - More points of view considered
  - Risk considered in decisions at all phases of decision making

Maturing a compliance program using risk
> Early stage of compliance program
  - Define formal program
  - Identify risk owners
  - Compliance risk managers
    o Identify what is being done
    o Identify what should be done
    o Teach those who do to make work consistent
> Infancy stage

Maturing a compliance program using risk
> Each compliance manager assesses risk (impact and probability)
> Chief Compliance Officer and others evaluate responses and recommend to SL top ten compliance risks
> These are the requirements we have to meet; we have to do well; we cannot accept errors
> Look at process managing these areas
  - Using resources to mitigate areas of greatest risk
  - Tighten processes to mitigate risk
  - Assure process controls in place to detect errors
  - Monitor
> Moving forward in maturity

Maturing a compliance program using risk
> Senior Leaders receive reports of monitoring results; understand the program
> Over time, less time needed to talk about these routine items
> Discussion morphs to emerging compliance issues/risks
> Example - Institutional Conflict of Interest
> Number of meetings can decrease
> Breadth of committee can increase
> Increasing maturity

Maturing a compliance program using risk
Delivering value
> Many compliance processes developed by middle management
> Generally risk averse
> Processes over-engineered
> Opportunity
  - With SL input on risk tolerance in place
  - Sync process with risk tolerance, reducing burden to researchers
  - Align monitoring activity with risk tolerance
> Reaching a high level of maturity
  - Addressing issues of noise in the organization
  - Aligning resources used with risk
  - Involving those affected by the problem in the solution
  - Opens productive discussions on other issues that can benefit the institution

Q&A

Contact information
Mike Somich, Director
Rick Moyer, CIA, Senior Associate Vice President and Chief Risk Officer
Practical Enterprise Risk Management (ERM) Casualty Loss Reserve Seminar, Fall 2013 Agenda ERM 101 2 Building an effective ERM program 8 Case study 28 Lessons learned 34 Q&A 38 1 Practical Enterprise Risk
More informationWhat is Enterprise Risk Management (ERM)? What the Heck is ERM? Is There an 8 th Element of a Good Compliance Program?
What the Heck is ERM? Is There an 8 th Element of a Good Compliance Program? Kim Otte, Chief Compliance Officer Chris Davies, Regional Compliance Officer, NW Wisconsin Brenda Mickow, Revenue Compliance
More informationACADEMIC DIVISION ENTERPRISE RISK MANAGEMENT (ERM) GARY NIMAX ASSISTANT VICE PRESIDENT FOR COMPLIANCE AND ENTERPRISE RISK MANAGEMENT
Meeting of the Board of Visitors Audit, Compliance and Risk Committee June 12, 2015 ACADEMIC DIVISION ENTERPRISE RISK MANAGEMENT (ERM) GARY NIMAX ASSISTANT VICE PRESIDENT FOR COMPLIANCE AND ENTERPRISE
More informationIntegrating COSO s Fraud Risk Management Guide on an Enterprise Scale
Integrating COSO s Fraud Risk Management Guide on an Enterprise Scale September 15, 2017 Vincent Walden Partner EY Atlanta Delores White Director, Internal Audit Southern Company Scott Hulsey Chief Compliance
More informationSee your auditor clearly. Transparency report: How we perform quality audit engagements
See your auditor clearly. Transparency report: How we perform quality audit engagements February 2014 Table of contents 1) A message from the CEO and Managing Partner Assurance 2 2) Quality control policies
More informationOffice of Human Resources Courage. Compassion. Commitment.
Office of Human Resources Michelle Lamb Moone, SPHR Assistant Vice Chancellor and Chief Human Resources Officer mlmoone@uncg.edu; (336) 334-5167 Agenda for Today 90-Day Assessment The Role of the Human
More informationPresented by Russ Hissom and Carol Arneson
Evidence Standards and Insights for NERC Compliance Audits Presented by Russ Hissom and Carol Arneson Baker Tilly Virchow Krause, LLP March 1, 2010 1 About Baker Tilly Virchow Krause Company Overview Firm
More informationCIRCOR International, Inc. Principles of Corporate Governance
CIRCOR International, Inc. Principles of Corporate Governance Purpose of the Board of Directors The primary role of the Board of Directors is to represent the interests of the Company s shareholders in
More informationSAMPLE Marketing Slides for Building a Compliance Program
SAMPLE Marketing Slides for Building a Compliance Program Compliance Mission A central organization that integrates compliance programs and provides oversight to existing programs to provide a reasonable
More informationVIRGINIA POLYTECHNIC INSTITUTE AND STATE UNIVERSITY COMPLIANCE, AUDIT, AND RISK COMMITTEE OF THE BOARD OF VISITORS COMPLIANCE, AUDIT, AND RISK CHARTER
VIRGINIA POLYTECHNIC INSTITUTE AND STATE UNIVERSITY COMPLIANCE, AUDIT, AND RISK COMMITTEE OF THE BOARD OF VISITORS I. PURPOSE COMPLIANCE, AUDIT, AND RISK CHARTER The primary purpose of the Compliance,
More informationCOSO Internal Control Integrated Framework Public Exposure Feedback Questions, December 2011
March 31, 2012 Response e-mailed to www.ic.coso.org RE: COSO Internal Control Integrated Framework Public Exposure Feedback Questions, December 2011 Dear Sir/Madam: The Institute of Internal Auditors (IIA),
More informationOffice of Compliance, Risk and Ethics Program Report. January 2016 December 2016
Office of Compliance, Risk and Ethics Program Report January 2016 December 2016 Table of Contents Table of Contents Executive Summary... 2 Higher Education Trends in Compliance and Risk Management... 4
More informationEnterprise Risk Management (ERM) How Internal Audit Can Add Great Value
ASSOCIATION OF HEALTHCARE INTERNAL AUDITORS 2009 ANNUAL CONFERENCE Charting a Course for Excellence Enterprise Risk Management (ERM) How Internal Audit Can Add Great Value to Your Organization s ERM Process
More informationInternational Finance Corporation
International Finance Corporation Corporate Governance and Internal Audit Overview Bob Lamm Independent Senior Advisor Center for Corporate Governance Deloitte LLP Neil White Global IA Analytics Leader
More informationISACA. The recognized global leader in IT governance, control, security and assurance
ISACA The recognized global leader in IT governance, control, security and assurance High-level session overview 1. CRISC background information 2. Part I The Big Picture CRISC Background information About
More informationIntroduction to ERM (Enterprise Risk Management)
Introduction to ERM (Enterprise Risk Management) Jonathan Burns Director of Finance for Paramount Health Care since November 2014 Relocated to NW OH from Lexington, KY Prior roles in higher education and
More informationHR and Business Collaboration for Leadership Development Why It Is Important and How to Make It Happen Andrea Derler, Ph.D.
HR and Business Collaboration for Leadership Development Why It Is Important and How to Make It Happen Andrea Derler, Ph.D., Leadership and Succession Research Leader, Bersin by Deloitte, Deloitte Consulting
More informationCITIBANK N.A JORDAN. Governance and Management of Information and Related Technologies Guide
CITIBANK N.A JORDAN Governance and Management of Information and Related Technologies Guide 2018 Table of Contents 1. OVERVIEW... 2 2. Governance of Enterprise IT... 3 3. Principles of Governance of Enterprise
More informationSeven Opportunities for Stronger Info Governance
Seven Opportunities for Stronger Info Governance April 13, 2015 Rita Bowen, MA, RHIA, CHPS, SSGS Sr. Vice President of HIM and Privacy Officer Maria A. Muscarella, RHIA AVP, HIM and Privacy Officer DISCLAIMER:
More information