The COSO Approach to Enterprise Risk Management

Similar documents
Implementing Authentic Enterprise Risk Management

Enterprise Risk Management 2016

Successful ERM Program Standards. Definitions of Enterprise Risk Management (ERM)

Enterprise Risk Management

Enterprise Risk Management: Aligning Risk with Strategy & Performance June 26, :45 p.m. 4:45 p.m.

A Practical Approach to Enterprise Risk Management

The COSO Risk Framework: A reference for internal control? Transition from COSO I to COSO II

Practices in Enterprise Risk Management

Strengthening Your Enterprise Risk Management Process

It s All About Strategy!

From Dictionary.com. Risk: Exposure to the chance of injury or loss; a hazard or dangerous chance

Gleim CIA Review Updates to Part Edition, 1st Printing June 2018

Gleim CPA Review Updates to Business Environment and Concepts 2018 Edition, 1st Printing March 2018

By the Financial Forensic Investigation Team of the Attorneys Fidelity Fund

METROPOLITAN TRANSPORTATION AUTHORITY

Community Bankers Conference

ISACA CRISC. Certified in Risk and Information Systems Control. Download Full Version :

Introductions. Enterprise Risk Management. Thinus Nienaber. Why are You here? Where are You coming from? Where are You going?

GRM OVERSEAS LIMITED RISK MANAGEMENT POLICY

TRA Internal Audit Fiscal Year 2019 Audit Plan

Enterprise Risk Management

Enterprise Risk Management: Developing a Model for Organizational Success. White Paper

Enterprise Risk Management (ERM) - Impact of 2017 COSO ERM Model

DIRECTOR TRAINING AND QUALIFICATIONS: SAMPLE SELF-ASSESSMENT TOOL February 2015

IT Audit Process Prof. Liang Yao Week Three IT Risk Assessment

Changing Hats: Business Continuity to Operations Risk Manager. Presenter

So You Have Your Baseline Risk Assessment For ERM, What Next? San Antonio IIA I Heart Audit Conference February 2018

In Control: Getting Familiar with the New COSO Guidelines. CSMFO Monterey, California February 18, 2015

COSO ERM: Integrating with Strategy and Performance. Michael Parkinson

Agenda. Enterprise Risk Management Defined. The Intersection of Enterprise-wide Risk Management (ERM) and Business Continuity Management (BCM)

CGEIT QAE ITEM DEVELOPMENT GUIDE

Enterprise Risk Management Integrated with Strategy & Performance

Compliance Risk Management

Sample Corporate Risk Management Policy

CGEIT ITEM DEVELOPMENT GUIDE

LeiningerCPA, Ltd. RISK MANAGEMENT POLICY STATEMENT

Certificate in Enterprise Risk Management

RISK MANAGEMENT FRAMEWORK

An Audit of Internal Control Over Financial Reporting Performed in Conjunction with An Audit of Financial Statements

An Audit of Internal Control Over Financial Reporting Performed in Conjunction with An Audit of Financial Statements

The Role of the Chief Risk Office and the Board s Role in Risk Oversight

Guidance Note: Corporate Governance - Board of Directors. January Ce document est aussi disponible en français.

B U S I N E S S R I S K M A N A G E M E N T L T D

FREQUENTLY ASKED QUESTIONS ABOUT INTERNAL CONTROL OVER FINANCIAL REPORTING

Internal Auditors and Enterprise Risk Management (ERM) ICPAK Presentation

Aligning and Integrating ERM and Business Process. Federal ERM Summit September 9, :00-12:00

Operational Risk what is it? How does BCM Fit?

Pillar 3 Reporting Disclosures

EFFICIENT USE OF AUDIT COMMITTEES

Enhanced Risk Management Policy

Enterprise Risk Management Course outline

10/29/2018. THOUGHTWARE Energy. Enterprise Risk Management for Energy Companies. Brian Matlock, CPA Ken Hirsch Charlie Wright, CPA, CIA, CISA

2012 CliftonLarsonAllen LLP. A Practical & Tactical Approach to. Management (ERM) Cooperatives (NSAC) Jennifer Leary, Partner National Risk Management

Internal Audit Report. Toll Operations: FHWA Reporting TxDOT Office of Internal Audit

RISK MANAGEMENT FRAMEWORK OF THE CGIAR SYSTEM

CRISC Q&As Certified in Risk and Information Systems Control

Risk Management Developing an Effective Audit Plan

Assistance Options to New Applicants and Sponsors in connection with Internal Controls over Financial Reporting

Risk Management Strategy

IT and Enterprise Governance By Michael J. A. Parkinson, CISA, CIA, and Nicholas J. Baker, CPA

Credit Unions of Jamaica Employee Development Programme 2018

Enterprise Risk Management From Incentives To Controls

Standards for Internal Control in New York State Government 2016 Update

MODEL RISK MANAGEMENT

Risk appetite and internal audit

Catching Fraud During a Recession Through Superior Internal Controls. FICPA s 25 th Annual Accounting Show. J. Stephen Nouss September 29, 2010

Risk Assessment - Balancing Risk While Enhancing Controls

Risk Management Culture: The Linkage Between Ethics & Compliance and ERM September 14, 2009

Susan Schmidt Bies: Corporate governance and community banks

RISK MANAGEMENT REPORT

GAIT FOR BUSINESS AND IT RISK

Key Takeaways. Course Requirements. Delegates must meet the following criteria to be eligible for certificate of completion:

Treasury s Leading Role in Enterprise Risk Management

BUSINESS CPA EXAM REVIEW V 3.0. For Exams Scheduled After March 31, 2017

The Board of Directors of Forise International Limited (the Board ) is pleased to present our inaugural Sustainability Report.

Enterprise Risk Management Framework

Comparison of the PCAOB s Auditing Standards No. 5 and No. 2 (Certain key differences are highlighted by underlining)

SAMPLE BEC SuperfastCPA Review Notes

Enterprise Risk Management. Applying enterprise risk management to environmental, social and governance-related risks.

Asset Acceptance Capital Corp.

APS 330 Remuneration Disclosure

CGMA Competency Framework

Including International Financial Reporting Standards (IFRS)

AUDITING. Auditing PAGE 1

Establishing Enterprise Risk Management in

University of California Risk Services. Enterprise Risk Management Resources

Taking ERM to a. 6 GRC Today / October 2015

Application: All licensed institutions and supervisory personnel

RISK MANAGEMENT REPORT

Figure 1: COSO Enterprise Risk Management Cube

Conversation with Representative Hill A Financial Services Perspective

Fraud Risk Management

Embedding Operational Risk

The Blue Sage Group. Sarbanes-Oxley. 404 Compliance Program. The Blue Sage Group

Fiduciary Responsibility in Higher Education. August 8, 2017 Mark Perry, Cornell University

External Quality Assessment Of The University Of Florida s Office Of Audit & Compliance Review May 2012

International Standards for the Professional Practice of Internal Auditing (Standards)

Comments to be received by 31 January 2008

Transcription:

Bank Enterprise Management May 4 5, 2016 New York City The COSO Approach to Enterprise Management Presented by: Jack R. Salvetti, Principal S.R. Snodgrass, P.C.

About COSO The Committee of Sponsoring Organizations of the Treadway Commission (COSO) is a voluntary private sector organization comprised of the following organizations dedicated to guiding executive management and governance participants towards the establishment of more effective, efficient, and ethical business operations on a global basis. American Accounting Association American Institute of Certified Public Accountants Financial Executives International Institute of Management Accountants The Institute of Internal Auditors 2 2

3

Enterprise Management Enterprise Management is a process for the measurement of risk associated with achievement of strategic objectives. The Committee of Sponsoring Organizations The Treadway Commission 4

COSO: Enterprise Management Integrated Framework 5

ERM RISKS The risk to earnings or capital arising from: s Credit Market Liquidity Definitions An obligor's (e.g., borrower or counterparty) failure to meet the terms of any contract or otherwise fail to perform as agreed. Movements in interest rates (repricing risk; basis risk; yield curve risk; options risk). Changes in the value of traded portfolios of financial instruments. The inability to meet obligations when they come due without incurring unacceptable losses. Changes in funding sources or market values. Operational Compliance & Legal Reputational Strategic Inadequate or failed internal processes, people, systems, or external events. Violations of, or nonconformance with, laws, rules, regulations, prescribed practices, internal policies and procedures, or ethical standards. Negative public opinion. Adverse business decisions, improperly implemented business decisions, or lack of responsiveness to industry changes. 6

as a Positive Force Certainly any business decision is about capturing some reward. To capture it, you take certain risks. But the better question is how does the enterprise USE RISK to achieve its strategic, financial and value creation objectives. 7

Balancing & Reward Desired Reward Response Appetite Profile 8

Strategic Planning ERM & Strategic Planning Long Term View Day-to-Day Operations Opportunities People Place Products Market Share Enterprise Management 9

Three Questions Concerning Your Strategy and Business Model Sustainable Scalable Relevant 10

Five Principles of Revenue Growth # 1 # 2 # 3 # 4 # 5 Double-Digit Growth Michael Treacy 11

Balancing & Reward Desired Reward Response Appetite Profile 17

Appetite Statement The aggregate level and types of risk the Board and management are willing to assume to achieve the Bank s strategic objectives and business plan, consistent with applicable capital, liquidity and other regulatory requirements. The statement describes both qualitative and quantitative measures and considerations. OCC Bulletin 18

Appetite Statement Components Introduction The Strategic Planning Process and Plan Summary 3-Year Summary Financial Projection ERM Platform Philosophy Statements by Type Compensation Philosophy Measures of Tolerances Explanation of Key Indicators Capital Capacity Evaluation Qualitative Factors by Type Current and Desired Profile Other 19

Balancing & Reward Desired Reward Response Appetite Profile 20

INHERENT RISK RISK MITIGATION RESIDUAL RISK STRATEGIC FACTORS SIGNIFICANCE (impact) LIKELIHOOD (chance) PEOPLE POLICIES PROCESSES CONTROL SYSTEMS ACCEPT REDUCE SHARE AVOID INCREASE 21

Profile - Assessment Credit Portfolio Composition Underwriting Characteristics Asset Quality Trends External Environment, & Market Conditions Inherent Significance & Likelihood Mitigation Policies, People, Processes and Systems, Control & Monitoring Composite Reflecting the Effects of Mitigation Trends The Direction and Velocity 22

RISK ASSESSMENT MATRIX Sample Bank Area Inherent Mitigation Composite Trend Credit ELEVATED ADEQUATE MODERATE STABLE Market MODERATE ADEQUATE MODERATE STABLE Liquidity MODERATE MARGINAL MODERATE INCREASING Operational ELEVATED ADEQUATE MODERATE STABLE Operational - IT HIGH ADEQUATE ELEVATED INCREASING Compliance & Legal ELEVATED MARGINAL ELEVATED INCREASING Strategic ELEVATED ADEQUATE MODERATE STABLE Reputation MODERATE ADEQUATE MODERATE INCREASING 23

KRI Development Portfolio Yield Emerging External Trends Velocity 27

Balancing & Reward Desired Reward Response Appetite Profile 28

Response Appetite 29

The Fourth Principle of ERM An effective ERM process answers four key questions: 1. Do we understand the risks we are taking across the company (enterprise)? 2. What is the reward? 3. Is the risk acceptable? 4. Is the reward great enough? The Five Enduring Principles of Enterprise Management: J. Salvetti and N. Schell 32

Jack R. Salvetti, CPA President S.R. Snodgrass, A.C. Jack R. Salvetti, CPA S.R. Snodgrass, P.C. Jack R. Salvetti is a Principal with S.R. Snodgrass, P.C., a regional accounting and consulting firm specializing in service to the banking industry. Jack assists banks throughout the United States by formulating successful strategies, improving financial performance, and implementing dynamic enterprise risk management frameworks. Jack is a frequent speaker, writer, and instructor at bank management schools and bank director programs. SRSNODGRASS.COM P:800.580.7738 33

2024 © businessdocbox.com Privacy Policy | Terms of Service | Feedback