ENTERPRISE RISK MANAGEMENT THE KEY TO BUSINESS SUCCESS By Phil Griffiths FCA

Similar documents
Certificate in Enterprise Risk Management

Strategic Risk Management -The Route to Business success

Enterprise Risk Management Course outline

Enterprise Risk Management

B U S I N E S S R I S K M A N A G E M E N T L T D

5 DAY MBA. Certified Enterprise Risk Management

Certificate in Internal Audit 3

Certificate in Internal Audit 3. Advanced Audit Techniques

Risk Management Strategy

IRM s Professional Standards in Risk Management PART 1 Consultation: Functional Standards

Introduction to Risk and Control

29/11/2017. Risk Management Policy

SPECIMEN PAPER. 992 Risk Management in Insurance

Governance Institute of Australia Ltd

Agenda. Enterprise Risk Management Defined. The Intersection of Enterprise-wide Risk Management (ERM) and Business Continuity Management (BCM)

COSO ERM: Integrating with Strategy and Performance. Michael Parkinson

RISK MANAGEMENT FRAMEWORK

Enterprise Risk Management: Developing a Model for Organizational Success. White Paper

The Sector Skills Council for the Financial Services Industry. National Occupational Standards. Risk Management for the Financial Sector

Operational Risk Management Policy

CGEIT Certification Job Practice

Strengthening Your Enterprise Risk Management Process

The Urbis Academy Trust Risk Management Strategy

Sub-section Content. 1 Preliminaries - Post title: Head of Group Risk - Reports to: CRO - Division: xxx - Department: xxx - Location: xxx

Role Profile. Role Details. Grade 4 Business unit. Date produced or updated March 2017

Alarm National Competencies for Risk Managers: A Discussion Document

ADVANCED RISK BASED AUDITING

Strategy, Risk Management & Governance PROUDLY SPONSORED BY

Active Essex Risk Management Strategy

GRM OVERSEAS LIMITED RISK MANAGEMENT POLICY

AUD108. Essential Guide to Internal Auditing - 15 hours

This policy establishes the approach to risk management at Sunshine Coast Council (Council) and outlines the guiding principles and framework.

ICAAP. Engaging the business in risk management. A presentation to FIDE Forum by Penny Fosker. 10 January towerswatson.com

Risk Management Update ISO Overview and Implications for Managers

PRACTICE. Reframing risk BY MARK BUTTERWORTH

CSU Fitting the Pieces Together Risk Conference April 28, André Le Duc Executive Director Enterprise Risk Services University of Oregon

IDENTIFYING MATERIAL ISSUES AND ENGAGING STAKEHOLDERS

Risk Management and Assurance Strategy

AASHTO Guide for Enterprise Risk Management: An Overview. Tim Henkel, Assistant Commissioner, Mn DOT NCHRP Project 08-93

Project Pr Health Checks Check and and Audits Week 8

RISK MANAGEMENT STRATEGY

HEALTH AND SAFETY STRATEGY

Ixion Group Policy & Procedure. Quality & Assurance Framework

Risk Management Policy

3. In addition, it describes the process the Court will use to evaluate the effectiveness of the institution s internal control procedures.

Tutorial: Relationship between internal audit and risk management

THE UK STRATEGY FOR COMPETENCE IN PROCESS SAFETY MANAGEMENT

Gleim CIA Review Updates to Part Edition, 1st Printing June 2018

WILTSHIRE POLICE FORCE POLICY

Statement on Risk Management and Internal Control

WHITE PAPER UNDERSTANDING KEY CONTROL INDICATORS & HOW THEY CAN REDUCE RISK

Risk Management and Corporate Governance

ASSURANCE FRAMEWORK. A framework to assure the Board that it is delivering the best possible service for its citizens SEPTEMBER 2010.

Senior Manager, ERM Regulatory Risk and Compliance

Head of Operational Risk

Northern Ireland Blood Transfusion Service

Business Continuity Management and Resilience Framework

From Dictionary.com. Risk: Exposure to the chance of injury or loss; a hazard or dangerous chance

RISK MANAGEMENT REPORT

Certificate in Establishing an Internal Audit Function

Contractor Safety Performance -

RISK MANAGEMENT POLICY

KING IV APPLICATION REGISTER. We do it better

Internal audit effectiveness reviews. Working in partnership to help you enhance the quality and effectiveness of your internal audit function

Welsh Government Housing Directorate Regulation

The 9 Characteristics of Successful Multi Academy Trusts. Sir David Carter South West Regional Schools Commissioner July 2015

Advanced Audit Techniques

Translate stakeholder needs into strategy. Governance is about negotiating and deciding amongst different stakeholders value interests.

Code of Governance for Community Housing Cymru s Members (a consultation)

Aligning organisational culture with Enterprise Risk Management

EAST SUSSEX FIRE AUTHORITY Job Description

ABL Information Risk Policy

The future of risk management in your organisation

What Directors Need to Know about Codes of Conduct. Michael Gunns, FCA

CORPORATE GOVERNANCE THEORY, SCOPE AND IMPORTANCE

Enterprise Risk Management From Incentives To Controls

Audit and Risk Management Committee Policy Ecosave Holdings Limited ACN

Annual Governance Statement

AFM Corporate Governance Code

Stress-Testing Frameworks and Techniques in the Banking Industry Donovan Hutchinson

Auckland Transport HS08-01 Safety In Design

The more rarely a procedure is used, e.g. those for plant upsets, emergency response, etc, the more detailed the procedure will need to be.

INFORMATION ACCESS AND RECORDS SPECIALIST

Community Housing Cymru s Code of Governance

From the cube to the rainbow double helix: a risk practitioner s guide to the COSO ERM Frameworks

Significant Service Contracts Framework

Role of Internal Audit

The 10 Characteristics of Successful Multi Academy Trusts

Risk Management Policy and Framework

Fraud Risk Management

Irish Aid. Evaluation Policy

SENIOR INTERNAL AUDITOR

COMPLIANCE MANAGEMENT FRAMEWORK FOR VICTORIA UNIVERSITY

Charter for Enterprise Risk Management

Communication and Engagement Strategy

Meeting Stakeholder Expectations for Assurance: Internal Audit s Role in a Group Effort

Enterprise Risk Management Defined and Explained

INDEX ISO 9000 Fundamentals and Vocabulary ISO 9004 Manage for sustained success

TEMPLATE. Asset Management. Assetivity

Head of Programmes and Performance Improvement

Transcription:

ENTERPRISE RISK MANAGEMENT THE KEY TO BUSINESS SUCCESS By Phil Griffiths FCA Chapter 1 Fundamentals of Enterprise Risk Management Risk management has become a vital ingredient in the entrepreneurial culture and is needed to develop, expand and improve business performance. There is clear evidence that good risk management adds considerable value to the business. This chapter introduces risk management, associated roles and responsibilities, and introduces the Risk Management Framework. 1.1 What is risk? 1.2 Why Enterprise Risk management (ERM) is receiving such publicity 1.3 A Brief History of Risk 1.4 Why a formal approach to risk management is vital 1.5 Breaking down the barriers

1.6 Why senior management often do not understand the risks 1.7 Types of risk 1.8 The Role and responsibilities of Directors and managers in relation to risk management 1.9 Why misunderstanding risk can spell disaster 1.10 The link between objectives and risk 1.11 Understanding risk appetite 1.12 The ERM Framework 1.13 Risk and Competitive Advantage 1.14 Risk Averse and risk embracing cultures and the implications Chapter 2 Establishing an Embedded Risk Management Process Management of risk is an integral part of good business practice and quality management. Learning how to manage risk effectively enables managers to improve outcomes by identifying and analysing the wider range of issues and providing a systematic way to make informed decisions. This chapter looks at financial risks and beyond, and at the need to embed the risk management process in the organisation, linking it to strategic planning and gaining top level support. 2.1 Establishing a business risk programme the steps to success 2.2 Surprises and risk 2.3 The need to learn from surprises and mistakes 2.4 Why financial risks are the tip of the iceberg 2.5 The widening of the risk portfolio 2.6 The need to link risk management with strategic planning 2.7 The relationship between vision, values, behaviour and risk 2.8 Getting your Chief Executives support 2.9 Developing a risk strategy 2.10 The benefits to be achieved

Chapter 3 Risk Identification and Evaluation This chapter looks at identifying the risks to which the organisation is exposed. Risk can be categorised in many ways and this module introduces the seven most commonly used categories. Your organisation s risk policy is an important component of your overall approach, providing guidance on the role of risk management and responsibilities. Measuring the potential consequences of risks and prioritising them are activities that will support your risk management initiatives, ensuring that those areas that need to be monitored closely are clearly identified. 3.1 Approaches and techniques 3.2 Agreeing a common risk language 3.3 Developing a risk policy 3.4 How to establish a risk workshop process 3.5 Risk Workshops the do s and the don ts 3.6 Facilitation Skills 3.7 The use of diagnostic questions and thought provokers 3.8 How to identify, sift and group the risks 3.9 Measuring the consequences and likelihood of occurrence 3.10 The use of matrices to prioritise the risks 3.11 Getting Management Support 3.12 People and Process Risks Chapter 4 Risk Mitigation Having identified and evaluated the risks, we come to the most important stage. This is determining how well the risks are being managed. This is usually termed risk mitigation. Each risk needs to be considered and the process, system or methods employed to manage the risk determined. 4.1 Managing risk-the options 4.2 How to assess risk mitigation 4.3 Identification of risk exposures 4.4 Dealing with the exposures 4.5 Establishment of action plans

4.6 Risk Registers the need to coordinate the output 4.7 Flagging Interdependencies 4.8. Risk Treatment Analysis 4.9 Risk Financing 4.10 Risk Management as a route to reducing bureaucracy 4.11 Coordinating assurance under the risk umbrella 4.12 How to use the risk process to break down the cultural barriers 4.13 Measuring the benefits Chapter 5 Dealing with Risks It is important to recognise that the risk process does not sit in isolation. Hopefully objectives will have been considered when beginning the risk identification process. It is equally important to take the output from the risk programme and link it with the business objectives. Depending on the type of risk the comparison will be against either corporate or functional objectives. There is also a range of reporting mechanisms which should be considered to ensure that the organisation deals with the risks effectively. 5.1 Linking Corporate risks into the Strategic planning process 5.2 Linking Operational Risks into the Business planning process 5.3 Risk Owners how to determine such personnel and enforce ownership 5.4 Annual statements by risk owners 5.5 Risk Tracking 5.6 Using the Risk register as a decision skeleton 5.7 Quarterly Board Reporting 5.8 Risk Management Committee Reporting 5.9 Half yearly evaluation of key risks to ensure new risks identified and included 5.10 Reports for Senior Management 5.11 Making risk management second nature 5.12 Keeping up the momentum

Chapter 6 Risk Standards There are a range of standards and policies available on best practice in risk management issued by various risk management bodies and national/international working groups. What do they recommend and how do you determine which ones to apply? 6.1 The explosion of regulation and external assurance 6.2 ISO 31000 6.3 The Australia / New Zealand risk standard 4360 6.4 COSO Standards 6.5 IRM/ALARM risk standard 6.6 Basel 11 6.7 Other standards 6.8 Other legislation and regulation 6.9 How to get through the minefield of advice 6.10 How to decide which standards to apply Chapter 7 Cascading the Process Communication is a key element of risk management, but it is often a weak area in terms of both personal skills and organisational structures. If no-one knows about the results of the risk process, nothing will be done to manage the risk. Who gets the risk register, and who has responsibility for coordinating the process? Where does responsibility sit in the organisation? Changing your organisational culture is the toughest task you will ever take on. Your culture was formed over years of interaction between the participants in the business. You can change your organisational culture to support the accomplishment of your business goals. Changing the culture requires time, commitment, planning and proper execution but it can be done. The risk of not doing so could be dire. 7.1 Stakeholders interest in risk 7.2 Workshops for other management levels 7.3 Risk awareness for staff 7.4 Sharing output with partners

7.5 Evaluating risks within partnerships 7.6 Risk Indicators 7.7 How to identify and reduce excessive controls 7.8 Feeding key risks up the organization 7.9 Coordinating the whole process 7.10 Useful websites and books 7.11 Managing stakeholder expectations 7.12 How to use the programme to change the culture Chapter 8 Risk Management in Practice Risks need to be managed throughout the organisation. There need to be risk management processes in place on projects, but there are other issues where risk management is practiced and needs to be practiced, including Health and Safety, Insurance, IT risks, reputation risks and environmental risk management. 8.1 Project Risk 8.2 Integrating Incident Management 8.3 Business Continuity Planning 8.4 Health and Safety 8.5 Insurance 8.6 IT Risks 8.7 Reputation risks 8.8 Damage by Association partnering and alliances 8.9 Environmental risk management Chapter 9 Corporate Governance and Risk Management Governance is the umbrella that brings together all aspects of assurance. Risk management is one of those aspects (and arguably the most important one). It is crucial for all organisations to consider the effectiveness of the risk

management environment and be satisfied that the annual accounts and other assurance statements properly reflect the risk 9.1 The Increasing importance of Corporate Governance 9.2 Hawkamah research results 9.3 Records of accountability 9.4 Protecting the financial position 9.5 Fulfilment of promises 9.6 External evaluation and the need to manage the process 9.7 Media management 9.8 Crisis management strategy 9.9 Sharing of Values 9.10 Community Risks 9.11 Environmentally responsible sources 9.12 Corporate Social Responsibility 9.13 Customer service 9.14 Management of complaints 9.15 Communication internally and externally 9.16 Carrying out a vulnerability audit 9.17 What does the future hold for risk management? Copyright- Business Risk Management Ltd 2012

2024 © businessdocbox.com Privacy Policy | Terms of Service | Feedback