enterprise risk management
play

Enterprise Risk Management: Achieving and Sustaining Success Paul - PDF document

Jul 05, 2023 •378 likes •913 views

Enterprise Risk Management: Achieving and Sustaining Success Paul J. Sobel and Kurt F. Reding February 7, 2013 Seminar Outline Foundational ERM concepts. Achieving ERM success. - Getting started. - Determining risk criteria. - Assessing

  1. Enterprise Risk Management: Achieving and Sustaining Success Paul J. Sobel and Kurt F. Reding February 7, 2013 Seminar Outline  Foundational ERM concepts.  Achieving ERM success. - Getting started. - Determining risk criteria. - Assessing risks. - Treating risks. - Monitoring the ERM system. - Reporting on risks.  Sustaining ERM success. 2 2 1

  2. The Foundation 3 3 Risk Risk is the aggregate effect of uncertain events and outcomes on the achievement of objectives. Objectives Uncertain Uncertain Effects Events Uncertain Outcomes 4 4 2

  3. Objectives  Business objectives: - Encompass the organization’s vision and mission. - Reflect the organization’s values.  Performance objectives: - Strategic. - Operations. - Reporting. - Compliance. 5 5 Case Scenario: How Much “Moore” Is Enough? Part 1 6 6 3

  4. Uncertainty  Risks are fraught with uncertainty due largely to their prospective nature.  Each facet of risk – events, outcomes, and effects – involves uncertainty. Objectives Uncertain Uncertain Effects Events Uncertain Outcomes 7 7 Events  An event is a happening. - Events occur inside and outside the organization. - They may occur naturally or be manmade. - Events include decisions (or non-decisions) and actions (or inactions). - An event may have happened already or may happen in the future. - Some future events are easier to anticipate than others. - Events may happen quickly or slowly. - Events may be good or bad. 8 8 4

  5. Events  Events do not always happen one at a time; nor do they always happen independently. - Events often happen in groups and interact with each other. - Two or more events may cluster together to form a larger event. - Events may cascade like dominos… - Bad events may partially offset good events or vice versa. 9 9 Outcomes  Outcomes are results of, and contingent upon, events. - They may be financial or nonfinancial; tangible or intangible. - They may result from a single event or a combination of events. - Multiple, interrelated outcomes are common; individual, isolated outcomes are less common. - Multiple outcomes may take place simultaneously or in succession. - Outcomes may take place immediately or over time. - Outcomes may be desirable or undesirable, depending on the events that caused them. 10 10 5

  6. Effects  Effects are the consequences of outcomes on the achievement of objectives. - They may be favorable or unfavorable. - Favorable effects involve new value creation. - Unfavorable effects involve value destruction, i.e., impairment of new value creation or damage to existing value. 11 11 Case Scenario: How Much “Moore” Is Enough? Part 2 12 12 6

  7. Governance, ERM, and Internal Control Governance ERM Internal Control 13 13 Governance, ERM, and Internal Control  Governance – an overarching system implemented by the board to direct and oversee the activities of the organization toward the achievement of its objectives.  Enterprise risk management (ERM) – an integrated, entity- wide system that addresses the organization’s portfolio of risks in a manner that creates and protects value and provides assurance that objectives will be achieved.  Internal control – a system employed by management at all levels of the organization to carry out the prescribed risk treatment methods and, accordingly, address the risks that affect the achievement of the organization’s objectives. 14 14 7

  8. ERM Principles  ERM is an integrated, entity-wide system.  ERM is an integral component of governance.  ERM is an integral component of management and day-to-day operations.  ERM addresses the organization’s portfolio of risks.  ERM is a journey, not a destination.  ERM is not a one-size-fits-all solution.  ERM creates and protects value.  Risk implications are considered in every important decision.  ERM provides assurance that objectives will be achieved. 15 15 Internal Audit’s Role in ERM  The core role of internal auditors with regard to ERM is to provide independent and objective assurance to the board regarding the organization’s ERM system.  ERM consulting services provided by internal auditors comprise objective advisory, facilitative, and training activities specifically intended to improve the organization’s ERM and internal control systems. 16 16 8

  9. Getting Started 17 17 The ERM Framework The ERM Framework is the organizational construct that enables the design, operation, and improvement of the ERM system. 18 18 9

  10. The ERM Framework Obtain ERM Mandate and Commitment Design ERM Framework Continuously Improve Implement ERM System ERM System Monitor and Review ERM System 19 19 Obtain ERM Mandate and Commitment  Support from the board and senior management: - Define and endorse the risk management policy. - Align the organization’s culture and risk management policy. - Align risk management objectives with the organization’s objectives and strategies. - Align risk management performance indicators with the organization’s performance indicators. - Assign accountabilities and responsibilities at appropriate levels. - Allocate the necessary resources to risk management. - Ensure legal and regulatory compliance. - Communicate the benefits of risk management to all stakeholders. - Ensure that the risk management framework continues to be appropriate. 20 20 10

  11. Obtain ERM Mandate and Commitment  Practical considerations: - Why are we choosing to implement ERM at this time? - Where do we start? - What is our scope for implementation? - What outcomes do we expect, i.e., what does success look like? - How will we roll out ERM throughout the organization? 21 21 Design ERM Framework  Fundamental components: - Understand the organization, its business, and the context for ERM. - Determine the organizational positioning of ERM. - Develop a risk management policy. - Assign accountability and authority. - Allocate resources. - Establish internal and external reporting mechanisms. - Link ERM to the performance appraisal process. 22 22 11

  12. Remaining Steps in the ERM Framework Obtain ERM Mandate and Commitment Design ERM Framework Continuously Improve Implement ERM System ERM System Monitor and Review ERM System 23 23 Internal Audit’s Role in Getting Started  Options to consider, depending on the circumstances: - Lead the ERM implementation with safeguards in place that prevent long- term impairment of internal audit’s objectivity. - Provide consulting (advisory, facilitative, or instructive) in a manner that does not impair internal audit’s objectivity. - Provide assurance that the implementation is proceeding as planned. 24 24 12

  13. Determining Risk Criteria 25 What are Risk Criteria? ISO 31000 defines risk criteria as “terms of reference against which the significance of a risk is evaluated.”  Governance Risk Criteria  Assessment Risk Criteria 26 13

  14. Governance Risk Criteria  Governance risk criteria define and support the success and operation of the organization. – Help define the direction for risk management. – Established by the board and senior management (i.e., top-down). – Consider real-life context affecting long-term survival. • Mitigation of downside risks • Pursuit of upside risks 27 Risk Capacity  Organization’s total capability to absorb negative outcomes.  Defines the boundaries for survival.  Could be individual event outcomes or aggregate outcomes of multiple events.  Common examples: – Inadequate capital – Inadequate cash flow – Violations of laws and regulation – Damage to reputation 28 14

  15. Risk Attitude  An organization’s propensity to take on risk, which can be thought of along a spectrum: Risk Averse Risk Embracing  Blends elements of COSO’s and ISO’s definitions: – Risk Management Philosophy (COSO) – “Set of shared beliefs and attitudes characterizing how the entity considers risk in everything it does, from strategy development and implementation to its day-to- day activities.” – Risk Attitude (ISO 31000) – “Organization’s approach to assess and eventually pursue, retain, take or turn away from risk.” 29 Risk Appetite  Type and total amount of risk an organization is willing to take on in pursuit of its business objectives.  This also blends elements of COSO’s and ISO’s definitions: – COSO – “ Amount of risk, on a broad level, an entity is willing to accept in pursuit of value.” – ISO 31000 – “ Amount and type of risk that an organization is willing to pursue or retain .” 30 15

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Enterprise Risk Management Program Overview 1 Enterprise Risk Management: An Overview ERM

Enterprise Risk Management Program Overview 1 Enterprise Risk Management: An Overview ERM

Enterprise Risk Management Program Overview 1 Enterprise Risk Management: An Overview ERM connects existing risk Strategic Risks management efforts being carried out by individual Reputational IT Risks Risks divisions/units by providing

81 views • 7 slides
Market Risk Management Gen Ins. Risk Management Life Ins. Risk Management Op.

Market Risk Management Gen Ins. Risk Management Life Ins. Risk Management Op.

Market Risk Management Gen Ins. Risk Management Life Ins. Risk Management Op. Risk Management Board of Enterprise Risk Senior Management Committees Directors Management Credit Risk Cross-Border Exposure Country Rating

453 views • 6 slides
State University of New York Enterprise Risk Management Overview of Current Risk Management

State University of New York Enterprise Risk Management Overview of Current Risk Management

Attachment B State University of New York Enterprise Risk Management Overview of Current Risk Management Activities & Proposed ERM Framework Prepared by the Office of the University Auditor March 6, 2014 ENTERPRISE RISK MANAGEMENT Table

652 views • 20 slides
Why Risk Assessment? Enterprise Risk Management is a process, effected by an entitys board

Why Risk Assessment? Enterprise Risk Management is a process, effected by an entitys board

Why Risk Assessment? Enterprise Risk Management is a process, effected by an entitys board of directors, management and other personnel, applied in strategy setting and across the enterprise, designed to identify potential events that may

312 views • 4 slides
Leveraging Operational Risk Management (ORM) in Operational Risk Management AIG Enterprise Risk

Leveraging Operational Risk Management (ORM) in Operational Risk Management AIG Enterprise Risk

Kimberly Fix, Director Leveraging Operational Risk Management (ORM) in Operational Risk Management AIG Enterprise Risk Management Third Party Risk Management (TPRM) 212.770.6752 kimberly.fix@aig.com 175 Water St., NY, NY Operational Risk

116 views • 10 slides
Enterprise Risk Management and Culture Jai Ramaswamy Managing Vice President Enterprise Risk

Enterprise Risk Management and Culture Jai Ramaswamy Managing Vice President Enterprise Risk

Enterprise Risk Management and Culture Jai Ramaswamy Managing Vice President Enterprise Risk Management May 14, 2019 Agenda 1. Who am I? 2. How did we get here? 3. What is Enterprise Risk Management? 4. What is the

482 views • 20 slides
Enterprise Risk Management in (Re)Insurance Saskia Goedhart CRO, Munich Re North America (Life)

Enterprise Risk Management in (Re)Insurance Saskia Goedhart CRO, Munich Re North America (Life)

Enterprise Risk Management in (Re)Insurance Saskia Goedhart CRO, Munich Re North America (Life) Topics of Discussion Enterprise Risk Management Risk management structure and tasks in a global insurance company Emerging risks and

634 views • 40 slides
Anthony J. Padilla, MBA,CFE Managing Partner, Risk Advisory Group ENTERPRISE RISK MANAGEMENT and

Anthony J. Padilla, MBA,CFE Managing Partner, Risk Advisory Group ENTERPRISE RISK MANAGEMENT and

Supporting Effective Boardroom Leadership Identifying Unique Opportunities to Improve Board Governance Risk Management and CSR Anthony J. Padilla, MBA,CFE Managing Partner, Risk Advisory Group ENTERPRISE RISK MANAGEMENT and CSR SECTION 1

457 views • 21 slides
Texas Tech University System Enterprise Risk Management Workshop October 31, 2017 ERM Overview

Texas Tech University System Enterprise Risk Management Workshop October 31, 2017 ERM Overview

Texas Tech University System Enterprise Risk Management Workshop October 31, 2017 ERM Overview Evolution of Risk Management Enterprise Risk Management Workshop Risk Traditional Definition The possibility Minimizing the that something

557 views • 36 slides
Enterprise Risk Management: A Practical Approach Presented by: Ellen M. Labita, CPA, Partner,

Enterprise Risk Management: A Practical Approach Presented by: Ellen M. Labita, CPA, Partner,

Enterprise Risk Management: A Practical Approach Presented by: Ellen M. Labita, CPA, Partner, Not-for-Profit Services Baker Tilly Virchow Krause, LLP Ellen.Labita@bakertilly.com 631-719-3232 Agenda Overview of Enterprise Risk Management

522 views • 21 slides
Establishing Enterprise g p Risk Management in Management Practices Management Practices

Establishing Enterprise g p Risk Management in Management Practices Management Practices

Establishing Enterprise g p Risk Management in Management Practices Management Practices Introductions/Opening Remarks Introductions/Opening Remarks Speakers: Cynthia Vitters, Chief Risk Officer, Federal Student Aid Mike Wetklow, Branch Chief,

712 views • 28 slides
Risk Culture: The Heart and Soul of Enterprise Risk Management Philadelphia AFP Conference May

Risk Culture: The Heart and Soul of Enterprise Risk Management Philadelphia AFP Conference May

Risk Culture: The Heart and Soul of Enterprise Risk Management Philadelphia AFP Conference May 4, 2017 Edmund Green, Managing Director Risk Consulting KPMG, LLP Agenda Introductions What is Culture The Culture Iceberg

1.54k views • 24 slides
ERM Practices, Risk Quantification and Risk Maturity FEI NE Wisconsin Chapter Meeting April 18,

ERM Practices, Risk Quantification and Risk Maturity FEI NE Wisconsin Chapter Meeting April 18,

ERM Practices, Risk Quantification and Risk Maturity FEI NE Wisconsin Chapter Meeting April 18, 2018 Prepared by Aon Risk Solutions Global Risk Consulting | Risk Advisory Services Enterprise Risk Management Defined Defining Enterprise Risk

745 views • 35 slides
Risk Management Workshop 1 Risk management workshop Why do we Risk Risk and need risk

Risk Management Workshop 1 Risk management workshop Why do we Risk Risk and need risk

FREE Lifelong Learning Event for Fasset Members Risk Management Workshop 1 Risk management workshop Why do we Risk Risk and need risk assessment control matrix management process Governance Risk appetite Agenda for and risk Risk

1.28k views • 105 slides
Risk Management, Compliance and CRA October 25, 2018 Hosted By: Michael Gallagher Chief Risk

Risk Management, Compliance and CRA October 25, 2018 Hosted By: Michael Gallagher Chief Risk

Risk Management, Compliance and CRA October 25, 2018 Hosted By: Michael Gallagher Chief Risk Officer, EVP 1 Todays Agenda Risk Management Risk governance Enterprise Risk Management Community Reinvestment Act Operational Risk

366 views • 23 slides
Ensuring Portfolio Management as a Core Moodys Analytics Competence within Enterprise Risk

Ensuring Portfolio Management as a Core Moodys Analytics Competence within Enterprise Risk

Ensuring Portfolio Management as a Core Moodys Analytics Competence within Enterprise Risk Risk Practitioner Conference Management October 15-17, 2012 Chicago Marcia Banks Associate Director, IACPM Charles Stewart Senior Director,

588 views • 17 slides
Embedding ERM into Company Strategy and Process W W W . C H I C A G O L A N D R I S K F O R U M .

Embedding ERM into Company Strategy and Process W W W . C H I C A G O L A N D R I S K F O R U M .

Embedding ERM into Company Strategy and Process W W W . C H I C A G O L A N D R I S K F O R U M . O R G Session Description Many companies have implemented Enterprise Risk Management programs, but ERM truly being used strategically? This

263 views • 12 slides
Managing and Monitoring Subrecipients 2019 CDBG-DR Problem Solving Clinic Kansas City

Managing and Monitoring Subrecipients 2019 CDBG-DR Problem Solving Clinic Kansas City

Managing and Monitoring Subrecipients 2019 CDBG-DR Problem Solving Clinic Kansas City Overland Park | J u l y 3 0 A u g u s t 1 , 2 0 1 9 2019 CDBG-DR Problem Solving Clinic 1 Welcome & Speakers Session Objectives Define

732 views • 39 slides
Weather Training for Emergency Managers: A Perspec8ve from the EM Community

Weather Training for Emergency Managers: A Perspec8ve from the EM Community

Weather Training for Emergency Managers: A Perspec8ve from the EM Community Kenneth Galluppi, Arizona State University Liza C. Kurtz, Arizona State University Burrell

419 views • 20 slides
Enterprise Transformation & the Evolution of BPM Paul Harmon Executive Editor Business

Enterprise Transformation & the Evolution of BPM Paul Harmon Executive Editor Business

Enterprise Transformation & the Evolution of BPM Paul Harmon Executive Editor Business Process Trends Business Process Management (BPM) A comprehensive, strategic approach to organizing company change At the high-level, a

638 views • 49 slides
Data Gove r nanc e and Manage me nt of Cr owd Sour c e d Data Applic ations for Be tte r T

Data Gove r nanc e and Manage me nt of Cr owd Sour c e d Data Applic ations for Be tte r T

Data Gove r nanc e and Manage me nt of Cr owd Sour c e d Data Applic ations for Be tte r T r anspor tation De c isions Adve nture s in Cro wdso urc ing : Da ta Ma na g e me nt a nd Go ve rna nc e fo r Be tte r Cro wdso urc e d Da ta

558 views • 22 slides
JBoss Enterprise BRMS Building highly scalable process and rule-driven applications Eric D.

JBoss Enterprise BRMS Building highly scalable process and rule-driven applications Eric D.

JBoss Enterprise BRMS Building highly scalable process and rule-driven applications Eric D. Schabell JBoss Technology Evangelist Developing BRMS Applications that Scale Overview BRMS Adoption Goals Under the Hood Best Practices

538 views • 35 slides
The Future of Banking April 26, 2018 How to Utilize ERM to Invoke a Positive Change Within Your

The Future of Banking April 26, 2018 How to Utilize ERM to Invoke a Positive Change Within Your

WELCOME The Future of Banking April 26, 2018 How to Utilize ERM to Invoke a Positive Change Within Your Institution Steven Bank and Jessica Miller April 26, 2018 1 Agenda Current Risk Landscape Key Risk Areas for Financial

795 views • 45 slides
Managing Superfund Field Data Joe Schaefer Environmental Response Team 24 th NARPM Training

Managing Superfund Field Data Joe Schaefer Environmental Response Team 24 th NARPM Training

Managing Superfund Field Data Joe Schaefer Environmental Response Team 24 th NARPM Training Program Objective: Improve the Information Currency of Superfund u Translate the work that happens on your site to readily accessible information u Move

992 views • 55 slides

More recommend