risk and compliance department business plan


risk and compliance department business plan 2012-2014

TABLE OF CONTENTS

1. Our Services
   1.1 Our Mandate
   1.2 Lines of Business
2. Accomplishments
3. Implementing Sustainability
   3.1 Strategy 1
   3.2 Strategy 2
   3.3 Strategy 3
4. The Measures of Our Performance
5. Operating Budget

Message from the Director

It is my pleasure to present to you the Risk and Compliance Department's business plan for 2012-2014. Our Department was established in March 2008 to enable the efficient and effective governance of significant risks and related opportunities to the organization and its departments. The Risk and Compliance Department assists the Municipality to accomplish its objectives by bringing a systematic and disciplined approach to evaluate and improve the integrity and effectiveness of the Municipality's systems of risk management and control for governance, management and operational functions.

As Director of the Department, I am accountable to enable the corporation to balance risk and reward through the Insurance Services, Compliance and Control, and Enterprise Risk Management (ERM) branches. As we progress through the strategies, actions and initiatives of our 2012-2014 Business Plan, I will guide the Department's activities to ensure alignment with the priorities of the Municipal Development Plan, in particular the priority to "Enhance and improve corporate responsibility and governance." A fundamental of good governance is that sound legislation, administrative, monitoring and service delivery systems exist to help establish accountability for results.

As a Department, we will deliver strategies, actions and initiatives that support the directions and strategies of the Municipal Development Plan. Our Department strategy to improve corporate identification of and response to operational risk will support the Municipal Development Plan (MDP) strategy to promote effectiveness in service provision. Our strategy to enhance efficiency and effectiveness of business performance will likewise support the MDP strategy to promote the efficient use of resources in service delivery. Lastly, our strategy to develop and promote a systematic governance approach to setting the best course of action, which includes the implementation of Enterprise Risk Management, will support the MDP strategy to pursue advanced administrative practices and structures.

As we move forward with developing the new branches, I look forward to establishing best practices and high standards of excellence that support not only the MDP, but other Council and corporate priorities in addition to the Municipality's needs and requirements in risk management and compliance.

Sincerely,
Ralph Timleck, CMA, CIA, CISA
Director, Risk and Compliance Department
Regional Municipality of Wood Buffalo

1.1 Our Mandate

The Risk and Compliance Department will assist the corporation in creating a healthy organization with a strategic focus on resource management and planning for the future. To achieve this we will work towards embedding an organizational enterprise risk management culture throughout the organization. The department will concentrate on effectively assessing and addressing strategic, reputational, operational, financial, and legal or compliance related risks to the Regional Municipality of Wood Buffalo as well as assisting Municipal management in enhancing efficiency and effectiveness of business performance through reviews of business processes and activities of the Municipality.

Our Services

1.2 Lines of Business

Risk Management (Insurance Services)
Improve corporate identification of and response to operational risk.
- Develop policies and processes to identify, document, insure, monitor and communicate risks
- Promote risk awareness and stakeholder roles in operational risk

Compliance and Control
Enhance efficiency and effectiveness of business performance.
- Create mandates, procedures and processes to support the functions of audits in Compliance and Controls Branch
- Conduct audits in accordance with the annual audit plan

Enterprise Risk Management
Develop and promote a systematic governance approach to setting the best course of action.
- Implement Enterprise Risk Management (ERM) as a method of balancing risks with opportunities
- Develop policies and processes to identify and communicate risks
- Educate Municipal management team on departmental function and Enterprise Risk Management

Accomplishments

The Risk and Compliance Department continued to evolve in 2011 with the Insurance Services, Compliance & Control and Enterprise Risk Management branches.

The Insurance Services branch is now fully staffed, allowing their attention to be focused on the ongoing processes and procedures to help provide risk management services to the organization and customer service to our clients. The development and implementation of the intranet and internet pages ensures that our citizens as well as internal clients have the tools to ensure that various stakeholder risks are identified and addressed.

The Compliance and Control branch is currently staffed with a Senior Auditor and an Auditor, with plans to fill the positions of Manager and another Auditor by the end of 2011. In December 2010 a review of current risk assessment practices across all departments of the municipality was done in preparation for the 2011 Audit Plan. The assessment was based on key areas within the Departmental Business Plans: organizational structures, business objectives, project control, and risk management policies and processes, including services, staffing needs and other resources required to achieve their business objectives. Other areas covered included the Municipality's property management, exposure to potential liabilities in the course of conducting their activities, cost saving opportunities, and sound risk management techniques. Eight audits have been completed to date with more on the horizon.

The Enterprise Risk Management branch is in the process of filling the Manager position. In September of 2010 a training session for the ERM Framework was done. The ERM Methodology ISO 31000 was introduced and steps to further educate the organization are ongoing.

Implementing Sustainability

In 2012-2014, the Risk and Compliance Department will support the implementation of the Municipal Development Plan through the delivery of Strategies, Actions and Initiatives that support many areas of the MDP. Some of the key points of alignment between the MDP and the Department's 2012-2014 Business Plan are as follows:

Municipal Development Plan Strategy 6.2.1: Promote effectiveness in service provision
Strategic plan priority 10: Demonstrate leadership in climate change adaptation and mitigation
Risk and Compliance Department 2012-2014 strategy 1: Improve corporate identification of and response to operational risk

The Risk and Compliance Department will support the MDP strategy of promoting effectiveness in service provision by improving the Corporation's identification and response to operational risk. Department actions in support of this will include: the development of policies and processes to identify, document, insure, monitor and communicate risks; and the promotion of risk awareness and stakeholder roles in operational risk.

Municipal Development Plan Strategy 6.2.2: Promote the efficient use of resources in service delivery
Strategic plan priority 10: Demonstrate leadership in climate change adaptation and mitigation
Risk and Compliance Department 2012-2014 strategy 2: Enhance efficiency and effectiveness of business performance

In 2012-2014, the Department will promote the efficient use of resources in service delivery by creating mandates, procedures and processes to support the functions of audits in Compliance and Controls Branch. By conducting audits in accordance with the annual audit plan, the Department will enhance efficiency and effectiveness of business performance.

Municipal Development Plan Strategy 6.1.5: Promote Community Safety
Strategic plan priority 10: Demonstrate leadership in climate change adaptation and mitigation
Risk and Compliance Department 2012-2014 strategy 3: Develop and promote a systematic governance approach to setting the best course of action

The Department's strategy to develop and promote a systematic governance approach to setting the best course of action involves the implementation of Enterprise Risk Management (ERM) as an advanced administrative practice. Initiatives in support of ERM will include the development of a Corporate Risk Profile and the establishing of process compatibility with ISO 31000.

3.1 Strategy 1 Improve corporate identification of and response to operational risk

Action 1.1 Develop policies and processes to identify, document, insure, monitor and communicate risks
- Initiative 1.1.1 Investigate the possibility of self-insurance of specific assets
- Initiative 1.1.2 Create a Risk Management Manual
- Initiative 1.1.3 Create a Claims Manual
- Initiative 1.1.4 Investigate the possibility of providing physical risk/hazard inspection services to departments
- Initiative 1.1.5 Create a Motor Vehicle Usage Risk Management Strategy
- Initiative 1.1.6 Develop a process for managing evidence of insurance
- Initiative 1.1.7 Review the Risk Management Policy for required updates

Action 1.2 Promote risk awareness and stakeholder roles in operational risk
- Initiative 1.2.1 Create a Risk Management Communication Strategy for external stakeholders
- Initiative 1.2.2 Develop an internal training plan for municipal employees
- Initiative 1.2.3 Develop and maintain relationships with internal stakeholders

3.2 Strategy 2 Enhance efficiency and effectiveness of business performance

Action 2.1 Create mandates, procedures and processes to support the functions of audits in Compliance and Controls Branch
- Initiative 2.1.1 Develop audit programs, processes and procedures
- Initiative 2.1.2 Develop required audit templates
- Initiative 2.1.3 Acquire and implement audit software
- Initiative 2.1.4 Develop Standard Reporting Plans

Action 2.2 Conduct audits in accordance with the annual audit plan
- Initiative 2.2.1 Conduct an Organizational Risk Assessment in conjunction with Enterprise Risk Management
- Initiative 2.2.2 Develop an audit plan based on organizational risk assessment
- Initiative 2.2.3 Train staff on specific technical requirements needed to support the yearly audit plan
- Initiative 2.2.4 Conduct risk and compliance reviews of vendor's processes and projects

3.3 Strategy 3 Develop and promote a systematic governance approach to setting the best course of action

Action 3.1 Implement Enterprise Risk Management (ERM) as a method of balancing risks with opportunities
- Initiative 3.1.1 Continue with development of the Corporate Risk Profile
- Initiative 3.1.2 Establish an Enterprise Risk Management process compatible with the requirements of ISO 31000
- Initiative 3.1.3 Promote, monitor and guide the practice of Enterprise Risk Management
- Initiative 3.1.4 Ensure continuous Risk Management learning both in the Department and across the Municipality

Action 3.2 Develop policies and processes to identify and communicate risks
- Initiative 3.2.1 Prepare Whistleblower Policy
- Initiative 3.2.2 Prepare Code of Conduct / Code of Ethics Policy
- Initiative 3.2.3 Develop and implement Enterprise Risk Management policy
- Initiative 3.2.4 Research best practices to identify further required policies

Action 3.3 Educate Municipal management team on departmental function and Enterprise Risk Management
- Initiative 3.3.1 Develop and implement a communication plan for the department
- Initiative 3.3.2 Implement Enterprise Risk Management training plans

The Measures of Our Performance

In 2012-2014, the Risk and Compliance Department will measure the results of programs and activities on an annual basis. These measures will be a combination of output measures and outcome measures. Output measures support budgeting and planning processes by measuring the volume of work, and the demand for our services. Outcome measures based on client satisfaction allow us to determine if our work is meeting the expectations and needs of our internal clientele. The following is a listing of some of our performance measures in 2012-2014.

| Strategy, action or initiative | Performance measure | 2011 | 2012 | 2013 | 2014 |
|---|---|---|---|---|---|
| 1 | Client satisfaction with the Municipality's "Securing of insurance for assets" | TBD | TBD | TBD | TBD |
| 1 | Client satisfaction with "Claims adjusting services provided by Risk Management Branch" | TBD | TBD | TBD | TBD |
| 1.1 | Number of policies and processes developed to identify, document, insure, monitor and communicate risks | TBD | TBD | TBD | TBD |
| 1.2 | Client satisfaction with Risk and Compliance Department's "Promoting business risk identification and awareness" | TBD | TBD | TBD | TBD |
| 2 | Level of agreement with the statement: "The overall business performance of the Municipality is effective." (Employee Survey of Internal Department Services) | TBD | TBD | TBD | TBD |
| 2.1.1 | Level of agreement with the statement: "The overall business performance of the Municipality is effective." (Employee Survey of Internal Department Services) | TBD | TBD | TBD | TBD |
| 2.2 | Number of audits conducted | TBD | TBD | TBD | TBD |
| 2.2.4 | Number of risk and compliance reviews completed | TBD | TBD | TBD | TBD |

Operating Budget

RISK & COMPLIANCE SUMMARY OF REVENUES AND EXPENDITURES

| | 2009 Actual | 2010 Actual | 2011 Budget | 2011 Projection* | 2012 Budget | 2013 Plan | 2014 Plan |
|---|---|---|---|---|---|---|---|
| REVENUES | | | | | | | |
| Taxes | - | - | - | - | - | - | - |
| Grants in lieu - taxes | - | - | - | - | - | - | - |
| Sales to other Governments | - | - | - | - | - | - | - |
| Sales/Goods - Services | 639 | - | - | - | - | - | - |
| Other Revenue From Own Services | - | - | - | - | - | - | - |
| Sale of Fixed Assets | - | - | - | - | - | - | - |
| Conditional Grants | - | - | - | - | - | - | - |
| Other Transfers | - | - | - | - | - | - | - |
| TOTAL REVENUES | 639 | - | - | - | - | - | - |
| EXPENDITURES | | | | | | | |
| Salaries, Wages & Benefits | 493,495 | 1,103,547 | 1,146,898 | 1,124,505 | 1,838,267 | 1,925,839 | 1,990,767 |
| Contracted & General Services | 916,373 | 1,124,352 | 2,103,884 | 2,181,386 | 2,146,920 | 2,152,000 | 2,156,216 |
| Purchases from Government | - | - | - | - | - | - | - |
| Materials, Goods, Supplies & Utilities | 4,354 | 10,913 | 12,500 | 12,500 | 11,500 | 11,845 | 12,200 |
| Fixed Asset Acquisition | - | 8,482 | 4,000 | 4,000 | 10,000 | 10,300 | 10,609 |
| Transfers & Grants | - | - | - | - | - | - | - |
| Financial Services Charges | 50 | 135 | 200 | 200 | 300 | 309 | 318 |
| Other Expenditures | - | - | - | - | - | - | - |
| TOTAL EXPENDITURES | 1,414,272 | 2,247,429 | 3,267,482 | 3,322,591 | 4,006,987 | 4,100,293 | 4,170,111 |
| OPERATING SURPLUS (DEFICIT) | (1,413,633) | (2,247,429) | (3,267,482) | (3,322,591) | (4,006,987) | (4,100,293) | (4,170,111) |
| Contribution to Capital | - | - | - | - | - | - | - |
| Transfer from Reserve | - | - | - | (237,502) | - | - | - |
| Transfer to Reserve | - | 237,502 | - | - | - | - | - |
| PAYG | - | - | - | - | - | - | - |
| SURPLUS/(DEFICIT) | (1,413,633) | (2,484,931) | (3,267,482) | (3,085,089) | (4,006,987) | (4,100,293) | (4,170,111) |

* Projection as of September 30, 2011