POLICY ON RISK MANAGEMENT

Similar documents
National Policy Corporate Governance Principles. Table of Contents

Corporate Risk Management Audit

Risk Management at Statistics Canada

Enhanced Risk Management Policy

Her Majesty the Queen in Right of Canada, represented by the President of the Treasury Board, 2011 Catalogue No. BT22-89/2012E-PDF ISBN

TERMS OF REFERENCE & PROFILE: Director of the Board DATE: January 2018

BOARD POLICY I - VISION, MISSION & STRATEGIC OBJECTIVES

Active Essex Risk Management Strategy

AUDIT REPORT NOVEMBER

Code of Governance for Community Housing Cymru s Members (a consultation)

Risk Management and Assurance Strategy

This policy establishes the approach to risk management at Sunshine Coast Council (Council) and outlines the guiding principles and framework.

Risk Management Strategy

Durham College Policy and Procedure

Director Training and Qualifications

AUDIT COMMITTEE HANDBOOK

NACCHO GOVERNANCE CODE: NATIONAL PRINCIPLES AND GUIDELINES FOR GOOD GOVERNANCE

CHAPTER 3 - ELEMENTS OF A COMPREHENSIVE SAFETY, HEALTH AND ENVIRONMENTAL MANAGEMENT PROGRAM

Increasing the Intensity and Effectiveness of Supervision

TRUST GOVERNANCE POLICY (formerly referenced as the CMFT Governance Strategy) - UPDATED NOVEMBER

POSITION PROFILE FOR THE CHIEF OF THE WINNIPEG POLICE SERVICE. Last updated October, 2015

This policy was approved by the Board of Trustees on December 11, 2012

Sample Corporate Risk Management Policy

Guidance Note: Corporate Governance - Audit Committee. March Ce document est aussi disponible en français.

Guidance Note: Corporate Governance - Audit Committee. January Ce document est aussi disponible en français.

Guidance Note: Corporate Governance - Board of Directors. January Ce document est aussi disponible en français.

This charter defines the purpose, authority and responsibility of News Corporation s (the Company ) Corporate Audit Department.

E D M O N T O N ADMINISTRATIVE PROCEDURE

RISK MANAGEMENT POLICY

Contents. Contents 1 Executive Summary 2 What We Examined 2 Why It's Important 2 What We Found 2 Special Examination Opinion 4

Alberta Energy Regulator Mandate and Roles Document

VALUES AND ETHICS CODE

Governance Guideline SEPTEMBER 2013 BC CREDIT UNIONS.

Fraud Risk Management

Board Corporate Governance and Risk Committee

Policy (Board Approved)

Canada. Internal Audit Charter 1+1. Canadian Nuclear Safety Commission. Office of Audit and Ethics. April 18, 2011

GOVERNANCE POLICY. This governance policy has been developed to provide the framework from which the

Operational Risk Management Policy

Key Risks and Risk Based Management Update

Work Health and Safety

INVESTMENT INDUSTRY REGULATORY ORGANIZATION OF CANADA ( IIROC ) BOARD CHARTER

UN-HABITAT ENTERPRISE RISK MANAGEMENT IMPLEMENTATION GUIDELINES

Health and Safety Management System Review Form

Sample Strategy and Value Oversight Policy

KING IV GOVERNANCE PRINCIPLES APPLICATION BY MURRAY & ROBERTS FY The governing body should lead ethically and effectively (Leadership)

TRANS HEX GROUP LIMITED REGISTER OF APPLICATION OF THE KING IV PRINCIPLES

Community Housing Cymru s Code of Governance

Risk Management Strategy

DIRECTOR TRAINING AND QUALIFICATIONS: SAMPLE SELF-ASSESSMENT TOOL February 2015

INTEGRITY MANAGEMENT CONTINUOUS IMPROVEMENT. Foundation for an Effective Safety Culture

Federal Policy for Emergency Management BUILDING A SAFE AND RESILIENT CANADA

Corporate Risk Profile. National Film Board of Canada

ISO INTERNATIONAL STANDARD. Risk management Principles and guidelines. Management du risque Principes et lignes directrices

THE WORKERS COMPENSATION BOARD OF MANITOBA BOARD OF DIRECTORS GOVERNANCE MANUAL

ISLE OF MAN FINANCIAL SERVICES AUTHORITY STRATEGIC PL AN

Texas Tech University System

REPORT 2015/077 INTERNAL AUDIT DIVISION

Chair all meetings of the Board of Directors and shareholders;

Corporate Governance Principles 2015

SAFETY, ENVIRONMENTAL AND SOCIAL RESPONSIBILITY POLICY

CHIEF EXECUTIVE OFFICER TERMS OF REFERENCE

Horizontal audit of the Public Services and Procurement Canada investigation management accountability framework

Manager VIP Transport

Board Policy 1 Division Foundation Statements

Terms of Reference for the Board of Directors

STATEMENT ON RISK MANAGEMENT AND INTERNAL CONTROL

BEST PRACTICE GUIDELINES. BC Governance and Disclosure. Guidelines for Governing Boards. of Public Sector Organizations

NOGDAWINDAMIN FAMILY AND COMMUNITY SERVICES

CORPORATE GOVERNANCE GUIDELINES

Risk Management Policy and Framework

INTERNAL AUDIT OF PROCUREMENT AND CONTRACTING

SENIOR MANAGEMENT ASSESSMENT CRITERIA1

International Standards for the Professional Practice of Internal Auditing (Standards)

Executive Director Position Profile

Developing an Integrated Anti-Fraud, Compliance, and Ethics Program

Audit of Business Continuity Planning (BCP) Audit and Evaluation Branch

COLLEGE OF PHYSICIANS AND SURGEONS OF ONTARIO GOVERNANCE PROCESS MANUAL

Manager Ministerial Resourcing

BOM / BSD 7 /April 2001 BANK OF MAURITIUS. Guideline on Corporate Governance

St Francis Social Services

2 nd Healthcare Governance Conference: Promoting and Enhancing Board Leadership ROLES AND RESPONSIBILITIES OF THE BOARD OF DIRECTORS

Indigenous and Northern Affairs Canada (INAC) National On-reserve Emergency Management Plan

TERMS OF REFERENCE FOR THE CHAIRPERSON Approved by the Board of Directors on June 7, 2018

Open Government Committee Terms of Reference

AFN FNIHB Engagement Protocol AFN-FNIHB ENGAGEMENT 1 PROTOCOL

MANAGING RISK AT SUNCORP

ANNUAL EVALUATION OF THE DIRECTOR OF EDUCATION

Audit of Corporate Information Management

Ministry of Public Safety and Solicitor General Assistant Deputy Minister, Police Services

Statement on Risk Management and Internal Control

Making Trust an Organizational Capability

DIGGING DEEPER. CEO Guide to Risk. Take a closer look. Detailed questions to assess the effectiveness of your health and safety risk management

TEACHERS RETIREMENT BOARD. AUDITS AND RISK MANAGEMENT COMMITTEE Item Number: 9 SUBJECT: Scope and Structure of the Enterprise Compliance Program

TORONTO COMMUNITY HOUSING CORPORATION CHARTER OF THE BOARD OF DIRECTORS

Self Assessment Workbook

Assessment of the Design Effectiveness of Entity Level Controls. Office of the Chief Audit Executive

GOVERNMENT OF YUKON POLICY 1.13 GENERAL ADMINISTRATION MANUAL

The anglo american Safety way. Safety Management System Standards

Our vision is: New Zealand values the wellbeing of tamariki above all else.

Transcription:

POLICY ON RISK MANAGEMENT This Policy was approved by the Board of Trustees on March 14, 2017.

Table of Contents 1. INTRODUCTION... 1 2. OBJECTIVE... 1 3. APPLICATION... 1 4. POLICY... 1 5. ROLES AND RESPONSIBILITIES... 3 6. INQUIRIES... 4 APPENDIX: DEFINITIONS... 5

1. INTRODUCTION The National Gallery of Canada (NGC or the Gallery) continually improves the way it delivers programs and services to Canadians. Its management regime fosters flexibility, seeks opportunities and focuses on results. Integral to such a regime is awareness and application of risk management principles and practices. Risk, defined as the effect of uncertainty on objectives, is inherent to all administrative and business activities. Risk management is defined as a systematic approach to setting the best course of action under uncertainty by identifying, assessing, understanding, making decisions on and communicating risks. The Gallery considers risk management as fundamental to effective corporate governance and to the achievement of its strategic and operational objectives. Its approach to risk management supports the fulfillment of the Gallery s mandate as set forth in the Museums Act and allows the institution to respond proactively to change and uncertainty. In the broadest sense, effective risk management ensures the successful continuity of the Gallery s operations. 2. OBJECTIVE This Policy formally acknowledges the Gallery s commitment to effective risk management. It seeks to raise the level of confidence and capacity of all those concerned in identifying and managing risks. In particular, it aims to ensure that every effort is made to manage risks appropriately, to maximize potential opportunities and to minimize the adverse effects of potential hazards. 3. APPLICATION Effective risk management relies on the commitment and co-operation of all internal stakeholders. Consequently, this Policy applies to the members of the Board of Trustees, all staff, interns, fellows and volunteers. Contractors and service providers working onsite, are encouraged to adhere to the spirit of this Policy. 4. POLICY 4.1 Policy Statement The Gallery will have in place sound risk management practices in order to protect visitors, human and financial resources, and safeguard the collection as well as physical and digital assets. As a minimum, the Gallery will: a. Develop triennially a Corporate Risk Profile and the Risk Based Internal Audit Plan; b. Review risks and update the Corporate Risk Register annually; c. Evaluate controls in place, identify risk-mitigating strategies, and prioritize key strategic risks; NGC Policy on Risk Management Page 1

d. Assign risk owners and monitor key strategic risks at the senior management level on a regular basis; e. Report key strategic risks to the Board of Trustees, and to the Minister and the Treasury Board via the Gallery s Corporate Plan; and f. Educate, as appropriate, to promote effective risk management culture at the Gallery. 4.2 Risk Management Approach The Gallery s approach to risk management will: a. Support those government-wide policies and priorities that apply to the Gallery, while maintaining public confidence, partner and stakeholder interests; b. Be tailored and responsive to the Gallery s external and internal context, including: its mandate; strategic priorities as set by the Board of Trustees; organizational risk culture and risk management capacity; c. Add value as a key component of decision-making, business planning, resource allocation and operational management; d. Strike a balance between established controls and flexibility and innovation to support improving performance and outcomes; e. Be transparent, inclusive, systematic and integrated with strategic planning; and f. Assist in the continuous improvement of the risk management culture across the organization. In managing risk, the Gallery will recognize, and mitigate, to an acceptable level, significant risks in the course of achieving its strategic and operational goals. Throughout the management practices, risk management decisions, including emergency response measures, will be guided by the priority of: 1. People, 2. Collection, 3. Information, and 4. Material property. The Gallery will minimize, contain costs and limit impact of harmful events or damaging incidents arising from risks. In case of risks that materialize, as appropriate, the Gallery will provide for adequate and timely compensation, restoration and recovery. The assessment of risk forms an integral part of the risk management approach, which, at the Gallery, is based on risk awareness and prevention rather than reaction and remedy. Corporate-wide risks that may impede the achievement of the mandate and/or Gallery strategiclevel objectives will be included in the Corporate Risk Register and, when appropriate, identified in the Gallery s Corporate Plan. The Gallery will have in place a Business Continuity Plan to respond effectively to threats, protect life, reduce exposure of critical assets, control loss if assets are exposed, and restore normal operations as quickly as possible. NGC Policy on Risk Management Page 2

5. ROLES AND RESPONSIBILITIES The following sections describe roles in effective risk management at the Gallery. 5.1 Board of Trustees Under the Museums Act, the Board of Trustees (the Board) is responsible for the fulfilment of the purposes and management of the business, activities and affairs of the museum. In this role, the Board exercises its oversight to ensure that risks are adequately and effectively managed at the Gallery. The approval of the Corporate Risk Profile and the Risk Based Internal Audit Plan, and ensuring that strategic level risks and their risk-mitigating strategies are identified in the Gallery s Corporate Plan, are key components of this responsibility. 5.2 Director and CEO The Gallery s Director and Chief Executive Officer (CEO) ensures that risk management principles and practices (whether formal or informal) are understood and integrated into the Gallery s management processes, programs and activities. To that end, the Director and CEO takes, and encourages others to take, a risk-informed approach to decisions. The Director and CEO is also responsible for considering and monitoring risks that may arise when partnering with organizations within and external to the public sector. This includes ensuring that issues affecting the Gallery, whether identified through risk assessments or internal and external monitoring, are examined, reviewed and addressed effectively. In addition, the Director and CEO plays an important role in creating a learning environment that promotes continuous improvement in risk management competencies and capacity within the Gallery. Through his/her leadership, the Director and CEO fosters a risk-informed organizational culture that enables dialogue on risk tolerance, focuses on results and facilitates the consideration of both opportunity and innovation. 5.3 Senior Management Committee The Senior Management Committee (SMC): a. Supports the Director and CEO in communicating and promoting an organizational culture that embraces the management of risk as an integral part of all activities; b. Ensures that risks to achieving planned objectives and initiatives are identified and assessed, and that appropriate risk-mitigating responses/strategies are articulated as those initiatives/ projects are considered; c. Ensures that strategic level risks are monitored and regularly discussed at the SMC meetings; d. Provides clear direction on acceptable levels of risk and on expected risk-mitigating actions; and e. Ensures that the Gallery has in place the resources to identify, assess, eliminate, minimize or contain risks across the organization. 5.4 Chief, Strategic Planning and Risk Management Under the direction of the Director, Corporate Secretariat and Ministerial Liaison, the Chief, NGC Policy on Risk Management Page 3

Strategic Planning and Risk Management supports the Board of Trustees and SMC in their risk management efforts. The Chief oversees implementation of risk management principles at the Gallery by coordinating activities such as periodic risk assessments and the development of Corporate Risk Profiles and Risk Based Internal Audit Plans. With respect to internal audit, the Director, Corporate Secretariat and Ministerial Liaison and Chief, Strategic Planning and Risk Management report directly to the Board s Audit and Finance Committee, acting independently of management in reviewing internal controls, governance and management practices. 5.5 Senior Curators and Chiefs Senior Curators and Chiefs are responsible for identifying operational-level risks associated with programs, services, projects and other activities within their purview, and for integrating risk management practices into their planning, organizing, monitoring and reporting activities. 5.6 All Staff The Gallery Staff, Interns, Fellows and Volunteers have a significant role in the management of risk, particularly within their own areas of control. Each person will identify and communicate to their supervisor any risks - real or perceived - which they observe or that were brought to their attention. 6. INQUIRIES Questions related to interpretation of this Policy should be directed to Chief, Strategic Planning and Risk Management. REFERENCES: Museums Act NGC Corporate Risk Profile NGC Risk Based Internal Audit Pan TBS Risk Management Framework NGC Policy on Risk Management Page 4

APPENDIX: DEFINITIONS Impact potential effect that the event would have on the organization if it occurred. Integrated risk management - a continuous, proactive and systematic process to understand, manage and communicate risk from an organization-wide perspective. Integrated risk management supports strategic decision-making and contributes to the achievement of an organization's overall objectives. Likelihood - probability of the event occurring. Opportunity - a time, condition, event, or set of circumstances permitting, or favourable, to a particular action or purpose. Risk - refers to the effect of uncertainty on objectives. It can be characterized as one having a positive or a negative aspect. A positive aspect of risk is commonly referred to as an opportunity, which if not embarked on, could potentially slow down/impede the achievement of strategic objectives. A negative aspect of risk is usually referred to as threat, which, if materialized, may adversely affect the organization or its major activities and processes. Risk culture - refers to the attitudes and behaviours found within an organization that are associated with risk management. This includes elements such as whether an organization views risk management as an inherent part of good decision-making, or simply as a reporting requirement; whether an organization tends to be risk averse, or views risks as including potential opportunities; and whether risk management is embedded at all levels of an organization, or is a top-down process only. Risk-informed approach to management - builds risk management into existing governance and organizational structures, including business planning, decision-making and operational processes. It also ensures that the workplace has the capacity and tools to be innovative while protecting the public interest and maintaining public trust. Risk management - a systematic approach to setting the best course of action under uncertainty by identifying, assessing, understanding, making decisions on and communicating risk issues. Risk response - refers to the continuum of measures of risk mitigation or control that are developed and implemented to address an identified risk. Risk tolerance - the willingness of an organization to accept or reject a given level of residual risk (exposure). Risk tolerance may differ across the organization, but must be clearly understood by the individuals making risk-related decisions on a given issue. Clarity on risk tolerance at all levels of the organization is necessary to support risk-informed decision-making and foster risk-informed approaches. Uncertainty - the state, even partial, of deficiency of information related to understanding or knowledge of an event, its consequence, or likelihood. NGC Policy on Risk Management Page 5

2024 © businessdocbox.com Privacy Policy | Terms of Service | Feedback