Enterprise Risk Management Montana State Fund


Enterprise Risk Management Montana State Fund Report to the Board January 28, 2011 Presented by: Mary Peter, Director of Enterprise Risk Management

Enterprise Risk Management (ERM) Defined
- An integrated approach to addressing all forms of risk to an organization
- A top-down assessment of risk and opportunity for the organization as a whole
- A process to align risk strategies to support further growth and protect existing assets
- A proactive approach to the increased visibility of how risk is managed in an organization
- ERM leads to informed decision-making and helps preserve and enhance value
- It is different to every organization and industry

ERM Has Evolved

Historical View: Hazard Risk Management
- Insurable financial risks
- Focus on preservation of tangible assets
- Silo approach: each department/function manages its risks independently
- Risk management = separate function
- Risks are threats: focused on avoidance of negative events

Today: Enterprise Risk Management
- Operational, strategic, financial reputation and insurable risks
- Recognition of the value of tangible and intangible assets
- Holistic approach: coordinated at the highest level within the organization
- Risk management is a corporate-wide daily concern and is embedded in the operations
- Risks can be threats and opportunities

Drivers of ERM
- Board of Directors: Demand increased financial disclosure and transparency
- Stakeholders: Demand evidence that management understands and manages risks
- Regulators/Rating Agencies: Seek assurance around compliance and risk assessment processes
- Credit and Rating Analysts: Asking organizations to report risks in a forward-looking context
- Activists: Demand social awareness, safety & environmental consciousness
- Customers: Make decisions based on differentiating factors
- Peers: Comparison with others drives industry-wide practice
- Competitors: Push innovation, drive leadership

Sample Rating Agency Classifications

Excellent
- Advanced capabilities to identify, measure & manage all risks within tolerances
- Advanced implementation, development & execution of ERM parameters
- Consistently optimizes risk adjusted returns throughout organization

Strong
- Clear vision of risk tolerance and overall risk profile
- Risk control exceeds adequate for most major risks
- Has robust processes to identify and prepare for emerging risks
- Incorporates risk management & decision making to optimize risk adjusted returns

Adequate
- Has fully functioning control systems in place for all major risks
- May lack a robust process for identifying and preparing for emerging risks
- Not fully developed process to optimize risk adjusted returns

Weak
- Incomplete control process for one or more major risks
- Inconsistent or limited capabilities to identify, measure or manage major risk exposures

Note: These are classifications S&P uses in their ERM evaluations for insurance companies and may or may not be used for nonfinancial companies.

ERM, Risk-Focused Exam, & MAR

ERM
1. Establish the Foundation
2. Identify the Risks
3. Assess the Risks
4. Evaluate the Risks
5. Execute Risk Response
6. Monitor & Review as necessary

Risk-Focused Exam
1. Understand the Company
2. Inherent Risk Review
3. Risk Control Review
4. Determine Residual Risk & Perform Gap Analysis
5. Communicate Findings
6. Monitor Findings

Model Audit Rule
1. Tone at the Top
2. Identify Key Statement Accounts
3. Document Processes, Data Sources, Perform Walkthrough
4. Identify and Test Key Controls, Evaluate Effectiveness
5. Recommendation & Remediation; Repeat Until Effective
6. Reporting & Management Attestation

Benefits and Value of ERM

More Effective Strategic Planning
- More accurate financial forecasts and projections
- More informed and accurate budgetary planning
- More accurate resource planning

Increased Understanding of Exposure to Risk
- Reduced exposure to controllable events
- Response time improves when risks are anticipated
- Reduced disruptions to on-going operations

Improved Decision Making
- More informed and fact based decision making
- Improved future resource requirements planning
- Reduced wasteful spending on unnecessary expenditures

Enhanced Market Perception
- Improved credit agency ratings
- Enhanced perception of shareholder value by minimizing losses and maximizing opportunities

Enhanced Internal Culture and Operations
- Improved productivity with awareness of risk exposure
- Increase strength of culture with adoption across the organization
- Increased awareness of business operations for management

Integration of ERM & Strategic Planning

Montana State Fund Strategic Business Plan for 2011
Enterprise Risk Management applies directly to:
- Enterprise-wide initiatives, specifically Infrastructure
- Key Performance Indicator: Establish an enterprise-wide definition and common understanding of Montana State Fund's risk tolerance, how it impacts what we do and what creative and cost-effective opportunities exist to minimize our exposure to potentially catastrophic actions or events.
- Success Measures No. 3: Train and educate leadership by October 2010
- Success Measure No. 4: Establish the ERM framework by May 2011 with specific steps
- Guiding Principles: enter into strategic partnerships; continuous improvement
- Key Success Measures No. 6: Achieve Enterprise-Wide Initiatives

Role of Eide Bailly ERM Team
- Hands-On Team Approach: Our team facilitates the full six step ERM process along with MSF's designated leaders
- MSF makes all management, risk, control, and any risk-related decisions with respect to the ERM process and plan
- Communication is the key

MSF ERM Roles & Responsibilities

Roles
- ERM Sponsors
- ERM Executive Oversight Team
- ERM Project Team Leadership
- ERM Project Team

Responsibilities
- Executive sponsors of the ERM program
- Communication of the ERM program sets the tone at the top
- Reviews recommendations for MSF ERM
- Reviews ERM related information for alignment with culture and mission
- Knowledgeable in their industry and how ERM will benefit the company and its constituents
- Assists in facilitating workshops and interviews to obtain interrelated risk discussions
- Able to identify ERM risks, including emerging risks with project team
- Cross-functional Working Team will do risk identification, risk assessment and risk response planning
- Assists in designing customized ERM program and outcomes; aligning them with company's goals & objectives
- Assists in developing the ERM process, communications, and monitoring
- Reviews data and makes recommendations

Simplified ERM Approach: Six Steps

Step 1: Establish the ERM Foundation
- Align your risk appetite with your strategic plan.
- Develop long term objectives and short term milestones.

Step 2: Identify Risks
- Determine where, when and how events could prevent, degrade or delay the success of your organization.
- Utilize interviews, surveys, documentation review and facilitated workshops.

Step 3: Assess Risks
- Review the residual risk that remains.
- Consider interdependencies of risks.

Step 4: Evaluate Risks
- Maximize the opportunity of well-managed risks to create value for your organization.
- Amend risk response to better manage or mitigate risks and prioritize.
- Create a risk response strategy.

Step 5: Execute Risk Response Plans
- Define risk owners and consider a practical risk/reward approach.
- Finalize a communication plan and customize reporting.

Step 6: Monitor ERM
- Review the ERM program at regular intervals.
- Keep communication alive with a customized communication plan.

SAMPLE Risk Matrix (fictional risks)


Risk Reports: Sample Heat Map
[Figure: Risk One through Risk Six plotted on a heat map with axes Impact and Likelihood, each scaled 0 to 10]

Montana State Fund - Project Calendar
[Figure: project timeline running from October 2010 through June 2011, with a "Today" marker]
- Step 1: Establish the Foundation
- Step 2: Risk Identification
- Step 3: Risk Assessment

Note: This calendar represents the current timeline. All timelines and dates are subject to change based on the meeting availability, onsite scheduling and information gathering.

Questions? Mary Peter, Director of Enterprise Risk Management mpeter@eidebailly.com 866-585-9050