CURIE 13 SEPTEMBER 2014 Mark Aiello Senior Vice President Practice - - PowerPoint PPT Presentation

curie
SMART_READER_LITE
LIVE PREVIEW

CURIE 13 SEPTEMBER 2014 Mark Aiello Senior Vice President Practice - - PowerPoint PPT Presentation

Jan 21, 2024 685 likes •1.28k views

KEY LEARNINGS IN ERM CURIE 13 SEPTEMBER 2014 Mark Aiello Senior Vice President Practice Leader Organizational Risk and Resilience Session Objectives Discuss key lessons learned Discuss / share common problems Marsh / CURIE

slide-1
SLIDE 1
slide-2
SLIDE 2
slide-3
SLIDE 3
slide-4
SLIDE 4
slide-5
SLIDE 5
slide-6
SLIDE 6
slide-7
SLIDE 7
slide-8
SLIDE 8
slide-9
SLIDE 9
slide-10
SLIDE 10
slide-11
SLIDE 11
slide-12
SLIDE 12
slide-13
SLIDE 13
slide-14
SLIDE 14
slide-15
SLIDE 15
slide-16
SLIDE 16
slide-17
SLIDE 17
slide-18
SLIDE 18
slide-19
SLIDE 19
slide-20
SLIDE 20
slide-21
SLIDE 21
slide-22
SLIDE 22
slide-23
SLIDE 23
slide-24
SLIDE 24
slide-25
SLIDE 25
slide-26
SLIDE 26
slide-27
SLIDE 27
slide-28
SLIDE 28
slide-29
SLIDE 29
slide-30
SLIDE 30
slide-31
SLIDE 31

KEY LEARNINGS IN ERM CURIE

13 SEPTEMBER 2014

Mark Aiello Senior Vice President Practice Leader – Organizational Risk and Resilience

slide-32
SLIDE 32

MARSH RISK CONSULTING

1

20 October 2014

Session Objectives

  • Discuss key lessons learned
  • Discuss / share common problems
  • Marsh / CURIE Partnership
slide-33
SLIDE 33

2

20 October 2014

Section #1

WHAT I HAVE LEARNED

slide-34
SLIDE 34

MARSH RISK CONSULTING

3

20 October 2014

slide-35
SLIDE 35

4

20 October 2014

QUESTIONS

slide-36
SLIDE 36

5

20 October 2014

(The real) Section #1

WHAT I HAVE LEARNED

slide-37
SLIDE 37

MARSH RISK CONSULTING

Key Lessons

1. Building the Proper Foundation 2. Risk Measurement & Prioritization 3. Risk Appetite 4. Risk Management Communication and adoption 5. Integration of Risk Management – The Quest for Resiliency

6

20 October 2014

slide-38
SLIDE 38

MARSH RISK CONSULTING

Building the Proper Foundation Many programs are developed without the thoughtful foundations

7

20 October 2014

Risk Management Process

The appropriate starting point Common starting point

slide-39
SLIDE 39

MARSH RISK CONSULTING

Building the Proper Foundation Lack of foundation creates instability in a risk management program

Challenges

  • Program inefficiencies
  • Conflicts
  • Lack of direction
  • Unsustainable process
  • Ineffective risk management program

8

20 October 2014

slide-40
SLIDE 40

MARSH RISK CONSULTING

Building the Proper Foundation Some very basic planning can help strengthen program foundations

Strategies

  • Preliminary planning session
  • Alignment of senior administration
  • Development of governance structure
  • Accountability and delegation of authority

9

20 October 2014

slide-41
SLIDE 41

MARSH RISK CONSULTING

Risk Measurement & Prioritization Programs often evaluate macro risk on qualitative scales

10

20 October 2014

  • Qualitative snapshot of the

perceived likelihood and impact

  • Often based on 3, 5, 10 point

scales

  • Risks evaluated at macro level
  • Assessment values are often

consensus driven

  • Prioritization often based on a

number of key assessment criteria

slide-42
SLIDE 42

MARSH RISK CONSULTING

  • Evaluate macro risks, ignore risk drivers

– Risk Management strategies based at top level

  • Consensus evaluation

– Subject matter experts (SME) vs. non-experts

  • Focus on the ‘vote’

– Lack of focus on the issues

11

20 October 2014

Risk Measurement & Prioritization Key Challenges

slide-43
SLIDE 43

MARSH RISK CONSULTING

  • Evaluate macro risks, ignore risk drivers

– Identify risk drivers – Evaluate material risk drivers / causal factors – Focus risk management activities at the driver level

  • Consensus evaluation

– Conduct evaluation at SME level – Small group exercises

  • Focus on the ‘vote’

– Focus on the conversation – Validate the evaluation

12

20 October 2014

Risk Measurement & Prioritization Strategies to deal with challenges

slide-44
SLIDE 44

MARSH RISK CONSULTING

Risk Measurement & Prioritization Risk must be measured against success / plans to be most impactful

13

20 October 2014

Many institutions fail to effectively link risk measurement to success measurement Challenge

Board / Senior Admin

Role

Deans Functional Leaders Department Heads Faculty Mid-level managers Operational staff

  • What are the KPIs / success

metrics that resonate with different stakeholders in the institution?

  • How does risk impact their ability

to achieve objectives?

  • What types of risk are material to

different levels of stakeholders?

slide-45
SLIDE 45

MARSH RISK CONSULTING

Measuring Risk Creating effective metrics

  • Risks metrics should align with deviations in desired performance metrics
  • Risk measurements should be different at each level of the institution
  • Materiality should relate to the ability and willingness to accept risk at each

level of the institution

14

20 October 2014

How this can help

  • Helps to create a clear understanding of the actual relevance of risk at

different levels

  • Fosters better engagement / buy-in at different levels
  • Creates the foundations to make more effective / objective / consistent

risk management decisions and allocate resources (people, time, $) in the most appropriate manner

slide-46
SLIDE 46

MARSH RISK CONSULTING

Risk Appetite An effective Risk Appetite framework is a critical part of risk management planning

15

20 October 2014

  • An organization’s framework of tolerances towards risk taking and

decision making – Includes financial metrics critical to support business strategy and planning – Also includes non-financial criteria for establishing agreed ‘risk capacity’ What is risk/

  • pportunity

appetite? Why define a risk/ opportunity appetite?

  • Align management risk-taking activities with risk perception and tolerances
  • f stakeholders
  • Clarify risk-return views of key stakeholders
  • Facilitate / create freedom for “on-strategy” decision making and risk taking

How is it linked to the strategy?

  • Derive maximum tolerable risk levels, both quantitative and qualitative,

based on stakeholder expectations/constraints and strategic objectives

  • Define a set of limits for strategic key performance indicators and compare

them with the group risk exposure

slide-47
SLIDE 47

MARSH RISK CONSULTING

Risk Appetite Asking the right questions

  • How well do we identify, document and evaluate the risks we face as a business?
  • From your perspective, does our risk framework effectively relate to our

performance metrics allowing us to objectively incorporate risk into key decisions?

  • Are there certain types of risk or specific risk for which we have zero tolerance (e.g.

Health & Safety, Environmental, Reputation impact)?

  • How do we understand the risk expectations of our stakeholders?
  • How could our ability to evaluate key decision improve with a better understanding
  • f risk and the organization’s ability and willingness to accept risk?
  • What is the current risk appetite of the institution?
  • What are the key areas that we should consider in our risk appetite framework

(Enrolment, Reputation, Employee Health & Safety, Environment, Regulatory, etc.)

16

20 October 2014

Risk Appetite is not a single statement, but rather a framework to align better decision making

slide-48
SLIDE 48

MARSH RISK CONSULTING

Risk Management Communication Ineffective communication is the largest hurdle facing effective ERM programs

17

20 October 2014

“ THE SINGLE BIGGEST PROBLEM ABOUT COMMUNICATION IS THE ILLUSION THAT IT HAS TAKEN PLACE.” – GEORGE BERNARD SHAW

Key Challenges

  • Stakeholder engagement
  • Alignment of Enterprise / Operational risk management
  • Reaching the target audience
  • Perspectives - upside vs. downside
slide-49
SLIDE 49

MARSH RISK CONSULTING

Risk Management Communication Ineffective communication is the largest hurdle facing effective ERM programs

18

20 October 2014

Board / Senior Admin Functional / Departmental Intra- Departmental Task

Holistic institution wide review of risks (macro) Focused review of processes and tasks (micro)

Institutional Focus

How does language / communication need to change as you move down this path?

slide-50
SLIDE 50

MARSH RISK CONSULTING

Risk Management Communication - Speaking the Right Language Risk needs to be defined against relevant objectives to properly resonate

19

20 October 2014

Board / Senior Admin

Role Objectives

Deans Functional Leaders Department Heads Faculty Mid-level managers Operational staff

Strategic Plan Faculty Strategic Plan Functional Strategic Plans Departmental Tactical Plans Performance evaluations, scorecards, etc.

  • Objectives at each level should be accretive and aligned with institutional

strategy

  • Risk does not fundamentally change, however the context must change
slide-51
SLIDE 51

MARSH RISK CONSULTING

Creating a Common Language? Programs should focus less on a single set of terms and more on a single, consistent message

20

20 October 2014

  • Common universal themes
  • Fundamental definitions
  • Tailored language for relevant stakeholders

How this can help

  • Fosters better engagement / buy-in at different levels
  • Creates a consistent baseline to identify (and eventually evaluate) risk
  • Fosters integration of the various layers of the risk management program
  • Creates the foundations to make more effective / objective / consistent

risk management decisions and allocate resources (people, time, $) in the most appropriate manner

slide-52
SLIDE 52

MARSH RISK CONSULTING

Using Effective Communication to Enable Risk Management

  • Make risk management part of the conversation about institutional

management (it’s all one song) – Stakeholders inherently manage risk on a daily basis – why strip it out and make it more confusing?

  • Change the conversation from the ‘negative’ (adverse events, losses,

costs, etc.) to the ‘positive’ – Effective risk management will increase the likelihood of achieving strategic and operational objectives

21

20 October 2014

slide-53
SLIDE 53

MARSH RISK CONSULTING

Integration of Risk Management – The Quest for Resilience ERM is the tie that binds, risk management strategy

22

20 October 2014

Health & Safety Environment Capital Projects Insurance Enterprise Business Continuity

Entity Individual programs developed for specific purposes with no centralized strategy

slide-54
SLIDE 54

MARSH RISK CONSULTING

Integration of Risk Management – The Quest for Resilience ERM is a very simple concept

23

20 October 2014

Risk Enterprise Management

slide-55
SLIDE 55

MARSH RISK CONSULTING

Integration of Risk Management – The Quest for Resilience All risk management efforts should support organizational resilience

24

20 October 2014

A d v e r s e E v e n t !

Awareness

Prevention / Mitigation Planning Implementation / Training

Adapt / Operate Recovery Response Preparation

A d v e r s e E v e n t

slide-56
SLIDE 56

25

20 October 2014

Section #2

KEY ISSUES IN HIGHER EDUCATION RISK MANAGEMENT

slide-57
SLIDE 57

MARSH RISK CONSULTING

Key Issues & Concerns

  • What are you experiencing?
  • What are the key challenges that you have faced?

– Past – Present

  • What challenges do you foresee in the future?

26

20 October 2014

slide-58
SLIDE 58

The information contained in this document provides only a general overview of subjects covered, is not intended to be taken as advice regarding any individual situation, and should not be relied upon as such. Insureds should consult their insurance and legal advisors regarding specific coverage issues. All insurance coverage is subject to the terms, conditions, and exclusions of the applicable individual policies. Marsh cannot provide any assurance that insurance can be obtained for any particular client or for any particular risk.