Enterprise Risk Management

Similar documents
Enterprise Risk Management

Using a Compliance Program Assessment for Strategic Impact

ACADEMIC DIVISION ENTERPRISE RISK MANAGEMENT (ERM) GARY NIMAX ASSISTANT VICE PRESIDENT FOR COMPLIANCE AND ENTERPRISE RISK MANAGEMENT

Enterprise Risk Management Program Development Update. Finance & Audit Committee Meeting September 25, 2015

Enterprise Risk Management. Focus on the Future June 2017

FINANCE & BUSINESS AT PENN STATE...

San Francisco Chapter. Presented by Scott Perry - Slalom Consulting

National Defense University. Strategic Plan 2012/2013 to 2017/18 One University Evolution

NEW DIRECTIONS: A Strategic Plan for Piedmont Technical College, CONTENTS. 1. Introduction. 2. Planning Purpose

LI & FUNG LIMITED ANNUAL REPORT 2016

ENTERPRISE RISK MANAGEMENT

Managing Risk In Higher Education. Jeff Mueller, CPA / Ron Bocciardi April 25, 2012

San Jose Evergreen Community College District Strategic Goals 2013 to 2016

Texas Tech University System

STRATEGIC MANAGEMENT CERTIFICATION PREP COURSE

APM Risk SiG Conference 26 th October 2006 Reporting risks to the board

Internal Oversight Division. Internal Audit Strategy

The Ohio State University Human Resources Strategic Plan

Governance Guideline SEPTEMBER 2013 BC CREDIT UNIONS.

ITS STRATEGIC PLAN. ITS Strategic Plan

Catching Fraud During a Recession Through Superior Internal Controls. FICPA s 25 th Annual Accounting Show. J. Stephen Nouss September 29, 2010

Indiana Youth Group Strategic Plan

Strategic Plan. The College of New Jersey Information Technology

Richland Community College May 2009

CORROSION MANAGEMENT MATURITY MODEL

Purpose. CSU Benefits. Objective

The University of North Carolina at Chapel Hill Efficiency and Effectiveness Project Scope of Work February 2009

Enterprise Risk Management Defined and Explained

Enterprise Risk Management Plan FY Submitted: April 3, 2017

Making it Happen: How Project Managers Drive Strategic Alignment and Strategy Execution. Jacob Parrish, MPH, PMP Vice President, Systems & Procedures

University Business Classification Scheme

Cloud Computing: HCM SaaS

Executive Summary THE OFFICE OF THE INTERNAL AUDITOR. Internal Audit Update

Management Excluded Job Description

Enterprise Risk Management

Enterprise Risk Management Handbook. June, 2010

Data Authorization and Access: Empowering Faculty and Research Units

Standard Administrative Policy and Procedure

Administrative Review and Restructuring. Objectives and Scope. Board of Trustees

Administrative Review and Restructuring. Objectives and Scope. Board of Trustees

BUSINESS AND FINANCIAL AFFAIRS ASSOCIATE VICE PRESIDENT, BFA

According to Paul Thomlingson, in his book Effectiveness Maintenance, the objectives of a good maintenance function are to:

National Director, World Vision South Africa

Enterprise Risk Management (ERM) How Internal Audit Can Add Great Value

Institutional Three-Year Strategic Plan

Agenda. Enterprise Risk Management Defined. The Intersection of Enterprise-wide Risk Management (ERM) and Business Continuity Management (BCM)

Strategic Plan

2018 SPHR. Exam Content Outline CERTIFICATIONS IN HUMAN RESOURCES. SPHR Senior Professional in Human Resources

RISK MANAGEMENT REPORT

IRM s Professional Standards in Risk Management PART 1 Consultation: Functional Standards

BRITISH COLUMBIA INSTITUTE OF TECHNOLOGY

This report can be found on CNSC s website at:

Advancement Framework Planning

Executive Summary. Exhibit 1- Streamlined communication to the Board of Directors

California Resources Corporation. Health, Safety & Environmental Management System

B U S I N E S S R I S K M A N A G E M E N T L T D

INFORMATION TECHNOLOGY SERVICES. KEY PRIORITIES for CSU Information Technology In support of Graduation Initiative 2025

Approve Revised Timeline and Budget for HR/Payroll Modernization Program

ICMI PROFESSIONAL CERTIFICATION

Process for University Strategic Planning Examples

Enterprise Risk Management Implementation Foundations and Reflections of a University Chief Risk Officer at the Five Year Milestone

4/10/2014. Developing an HR Strategic Plan A Step by Step Approach. Agenda. By a Show of Hands: The HR Strategic Plan. Critical Success Factors

Goal 1: Prepare Students for Leading Roles in an Innovation-driven Economy and Global Society

Survey of Institutional Practices to Promote College-wide Web Accessibility

ETA Sector Strategies Technical Assistance Initiative Self-Assessment Pilot Tool 2.0

BACKGROUND KEY FINDINGS

Self-Assessment for the CoSN Certified Education Technology Leader (CETL ) Certification Exam

Enterprise Risk Management, Compliance, and Management Advisory Services: An Integrated Approach. SCCE s Higher Education Compliance Conference

Operational Plan

Risk Appetite Statement

QUICK FACTS. Delivering a Managed Services Solution to Satisfy Exponential Business Growth TEKSYSTEMS GLOBAL SERVICES CUSTOMER SUCCESS STORIES

Target Evaluation Date. Associate Superintendent, Instruction and Institutional Effectiveness

AEC Corporate Governance Framework

Charter for Enterprise Risk Management

BAYLOR UNIVERSITY REPORT OF EXTERNAL AND INDEPENDENT REVIEW RECOMMENDATIONS. Take swift and certain action consistent with these recommendations.

Role of Board of Directors in Risk Management. CPA Erick Audi Thursday, 15 th November 2018

Key essential skills are: Continuous Learning, Oral Communication, Problem Solving, Reading Text and Writing. Level 1. Level 2

WFP s 2018 enterprise risk management policy

Securing Intel s External Online Presence

Students First Administrative Planning PRESENTATION OF SAMPLE DRAFT PLANNING TEAM RECOMMENDATIONS OCTOBER 19, 2017

Example Approach To Non-Profit Organizations. ExeComp Solutions Compensation Advisory Services May 2014

Board of Trustees Committee Charters

How it works: Questions from the OCAT 2.0

Creating & Sustaining a University-wide Integrated Marketing Culture. Dec. 6, 2012 (Webinar)

Leveraging Internal Audit and Corporate Compliance for Effective Risk Management

Office of Technology Services IT Strategy

Strategic Plan

VICE PRESIDENT ENROLLMENT, MARKETING and COLLEGE COMMUNICATIONS POSITION SUMMARY

Key Strategic Planning Questions

Association for Collaborative Leadership (ACL) Checklist and Key Performance Indicators for Consortia

2014 Enterprise Risk Management (ERM) Risk Assessment Results ERM Risk Assessment Results and Reporting

Risk Management Developing an Effective Audit Plan

General Manager People and Culture

To provide an update on the progress of the HR/Payroll Modernization program since the May 2016 Board of Regents meeting.

VICE CHANCELLOR, HUMAN RESOURCES AND EMPLOYEE RELATIONS

CLEMSON UNIVERSITY UNIVERSITY RELATIONS

Request for Proposal Strategic Planning Consultant. Proposals will be received until: August 6, :00 PM CST

Enterprise Risk Management Assessment Results

A Strategic Plan for the University of Wyoming Office of General Counsel

Business Capabilities Definitions

Transcription:

Compliance, Audit, Risk Management and Legal Affairs Committee Enterprise Risk Management Higher Education Scorecards, Performance Based Metrics, and Faculty Compensation Alan D. Phillips Vice President for Administration and Finance Northern Illinois University August 27, 2015 1

What is Risk Management? Enterprise risk management (ERM) is an enterprise-wide continuous process that enables an enterprise to pursue its strategic mission while identifying, controlling and mitigating risks. ERM is a tool that combines compliance and control with strategic decision-making. 2

Why is ERM Important. ERM brings value by: Proactively identifying, assessing, and prioritizing material risks. Developing and deploying effective mitigation strategies. Aligning with strategic objectives and administrative processes. Embedding key components into the organization s culture Risk ownership, governance, and oversight Reporting and communications Leveraging technology and tools 3

Issues Prompting Discussion of Risks Audit findings Business Continuity Planning Construction Projects Crisis Response Drills Cyber Security Enrollment Declines Financial Underperformance High Profile Event Legal/Regulatory Compliance New Academic Programs Litigation Reputation Issue Research/Healthcare Staff Reduction Student Health/Safety State Budget Cuts Tuition Increases 4

Higher education Enterprise risk inventory 1 Students Faculty Teaching and Student Life Alumni External Stakeholders Student satisfaction/preferences Inter-class relations Housing Athletics Admissions policy Recruitment Retention Greek life/student life Student welfare Student judiciary Attract and retain faculty Tenure policies Curricula/program design Research & development Intellectual property Fraudulent research Fraudulent credentials Alumni relations Endowment Donations Research & development programs Athletic rankings Corporate/institutional alliances Community outreach Endowment Donations Brand/reputation Academic rankings Human Capital Employment practices Faculty/tenure succession planning Performance incentives Employee stress/ burnout Compensation Unionization Workforce productivity Hiring and retention Finance Tuition rates/ tuition stability Cost of capital/ interest rate fluctuations Expansion capital Pension fund Claim reserve liability Risk financing Litigation Endowment Integrity Conflict of interest Employee fraud Ethical decisionmaking Illegal acts Management fraud Third party fraud Unauthorized acts Process Athletics Business interruption Field courses Student activities Faculty bookings Infrastructural renewal and capacity Regulatory compliance Failure to educate Vendor alliances Licensing Contract commitment Strategy Reputation/ branding Marketing Foreign expansion Admissions policy Product and delivery model Outsourcing Corporate/ institutional alliances Planning Intellectual property Resource allocation Technology transfer Information Technology Access Availability Privacy Technological capacity Data integrity e-commerce Infrastructure Internet security Relevance Reliability Environmental Health/Safety Environmental compliance Visitors and contractors Illness/injury to faculty, students or staff Natural hazards Campus security Special events Student/faculty travel External Demographics Competition Economy Social responsibility 1 This inventory does not capture the risks associated with a university medical center Copyright 2006 Mercer Oliver Wyman NYC-MOW171ERC-027 5 16

ERM Goals and Objectives 1. Create a culture of risk awareness where all employees understand and consider risk in decision making. 2. Reduce operational surprises and losses. 3. Increase capacity to identify and seize opportunities by facilitating greater transparency and openness regarding risk. 4. Enhance institutional decision making by providing senior management and trustees with timely and robust information that improves their understanding of enterprise level risks and opportunities. 5. Improve the efficiency and effectiveness of institutional risk management efforts. 6

NIU ERM Proposal Requirements Conduct an overview of state of the art ERM practices for major NIU stakeholder groups to provide them with a common knowledge base from which to launch comprehensive risk assessments and thereafter maintain a robust on-going ERM program; Recommend a sustainable methodology and tools to enhance and supplement current risk assessment efforts; Explain options for and assist NIU in developing governance, oversight, and operational structures (including subject area work groups) with clear and appropriately focused roles and responsibilities at each level of oversight; Assist University personnel in learning and utilizing a high risk discovery methodology and tools to identify, evaluate, rate and prioritize risk (e.g., heat maps, risk rankings) After identifying key risks, assist the President and Senior Leadership in determining: risks that require monitoring; risk tolerance; opportunities for transferring risk; the allocation of risk ownership and accountability; the need for specific polies and processes to manage risks and disasters or crises; plan to mitigate risk; development of a formal annual schedule for reviewing, monitoring, and re-assessing risks; a protocol to report risk management activities to the Board of Trustees; 7

NIU ERM Proposal Requirements Identify staffing and other resource requirements for the on-going day-to-day activities needed to support an ERM program. The necessary information, tools and skills to empower University leadership and staff to successfully perform the ERM activities; Instruct and work with University s team and representatives; Identify all known and other potentially serious risk exposures; assist stakeholders in completing an initial University-wide risk assessment and then identifying challenges, opportunities, and situations in which preparedness is critical to provide to improve the University s risk/control environment; Evaluate mitigation strategies; Develop policy and procedures; Identify blind spots or other unanticipated risks that might not yet have come to the attention of leaders; Integrate blind spots into a comprehensive University-wide risk assessment; 8

Options for Consideration Do not undertake an ERM process at this time Vendor In-House In-House with limited consultation 9

Option 1: NO ERM Pros: Keeps focus on issues that are important now Allows time to consider future options Retains resources (people, money, time) for other uses Cons: Leaves in place a siloed approach to risk Delays implementation of mitigation and control measures Leaves leadership and the board without a comprehensive view of enterprise-wide risk 10

Option 2: Vendor Pros: Outside expertise Big picture understanding of the issues Experience from other institutions Cons: Cost Limited time and resources for information gathering Limited understanding of our institutional culture Generic approach No capacity for long-term follow up 11

Option 3: In-House Pros: Resident expertise Knowledge of our institutional culture More time/longer process permits better information collection, ability to work through matters in greater depth, capacity for long-term follow up Lower Cost Cons: Limited perspective Limited comparative knowledge in higher education sector Lack of perceived authority that often comes with outside expertise 12

Option 4: In-House with Limited Consultation Pros: Outside Expertise Comparative Knowledge Wider range of perspectives, knowledge bases Ability to draw from consultants (e.g., Marsh), practitioners (DeKalb Fire Dept), experts on other campuses, professional societies (Society for College and University Planning(SCUP)) Limited and controllable costs Cons: Need for strong coordination Higher transactional costs More variation in approach 13

Vendor Plan and Timeframe Key Project Activities Plan and Understand Project Gather and Analyze Risk Information via Interviews & Surveys Prepare Workshop Materials Facilitate Assessment Workshop Develop Assessment Report and Recommendations Deep Dives in 2-3 risk areas Ongoing Coaching and Support during the project period Timeframe: 3-4 Months 14

In-House Plan and Timeframe Project Phases (with or without external consulting assistance) Phase I: Identify strategic objectives Phase II: Identify operational controls and risks factors by functional areas Phase III: Assess risks and match with current risk management controls Phase IV: Identify key risk factors, interactions among risk factors and priorities Phase V: Design specific risk management action plans for control, mitigation, and timelines for each risk area, and identify resource needs for implementation Phase VI: Communicate resource needs and proposed action plans and timelines to the Board, the President and key decision-makers Phase VII: Design dashboards and set timelines to monitor progress Timeframe: 4-6 months 15

QUESTIONS? 16

2024 © businessdocbox.com Privacy Policy | Terms of Service | Feedback