July 22, 2010
Risk is any issue that impacts an organization’s ability to meet its goals and objectives Enterprise Risk Management (ERM) – ◦ Establishes a systematic process of understanding, evaluating and fostering action on significant risks ◦ Promotes an environment of ownership and accountability of significant risks and the response to those risks ◦ Considers internal, external and cross-entity risks ◦ Provides a foundation for superior planning and budgeting 2
Vision: Create a risk-aware culture that educates its members on risk management, allowing the University to identify risks and make plans to avoid material impact on finances and operations while encouraging the acceptance of manageable risks A portfolio approach to managing risks that may span multiple University units Strategic risk support & oversight Aligns strategy and appetite for risk Structures identification of risk mitigation options 3
Risk Intelligent Integrated Top Down Fragmented Initial • Ad hoc/chaotic • Risk defined • Identify risk • Risk • Risk discussion differently in universe management embedded in • Depends on different parts of activities strategic individual the organization • Common risk coordinated planning, capital heroics, assessment / across business allocation, etc. capabilities • Risk managed in response areas and verbal silos • Early warning wisdom • Organization- • Risk analysis system to notify • Limited focus on wide risk tools developed board and the linkage assessment, and management of between risks action plans communicated risks above implemented in established • Limited alignment response to • Enterprise risk thresholds of risk to high priority monitoring, strategies risks measuring and • Linkage to reporting performance • Disparate • Communication measures and monitoring & of top strategic • Scenario incentives reporting risks to senior planning functions leadership • Risk modeling • Opportunity risks identified and exploited • On-going risk Deloi oitte e Develop opmen ent LLC, , 2010 assessment processes 4
Report on Process Effectiveness BOT President Executive Risk Advise Management Consult Committee * Senior Advisory Group * Enterprise Risk Management Process Risk Areas * To be formed. 5
• Set tone / environment for risk management Board of Trustees • Approve risk process, risk policies and risk appetite levels • Provide risk direction Senior Management • Ensure strategic, operational, financial and compliance risks are effectively managed Executive Risk • Maintain oversight of the risk management process Management Committee • Approve risk strategies (ERMC) Senior Advisory Group • Act collectively, but as subject matter experts (SAG) • Advise Executive Risk Management Committee • Coordinate risk assessment, development of mitigation Office of Enterprise Risk strategies and risk reporting Management • Coordinate activities of ERMC and SAG • Provide independent advice and consulting University Audits • Evaluate effectiveness and contribute to improvement of risk management processes 6
Executive tive Risk Managemen ent t Committee ee * Risk Policy cy & Stra rateg egy y * V Voting Respon onsi sibility CFO – Chair Provost – UIUC Provost – UIC Provost – UIS University Counsel Senior r Adviso sory ry Group * Advises ses Execu cutive e Commi mmitt ttee ee * N Non-vot oting respon onsi sibility y * M May y be expanded ed as necessa essary y to reflect ect specific c risk area eas UIUC Campus Team UIC Campus Team UIS Campus Team Campus: Each campus determines its appropriate mix of academic, administrative and other stakeholders as team members. UIC Hospital Chief Medical Officer Medical Center: CFO – College of Medicine Sr. Assoc. VP Bus & Finance Associate VP Capital Programs and Real Estate Services University-Wide: Assoc VP Planning & Budgeting Assist VP Treasury Operations Chair University Technology Management Team 7
Univ ivers rsity ty of Illi lino nois s Board rd of Trust stees es Preside sident Vice Preside ident / Chief f Financial ial Officer icer Risk Inform ormat ation ion ERM Proce cess ss Sr. Assoc. Vice Preside dent t - OBFS Adminis istr trative ative Reporting Execut cutive e Risk sk Manageme ement nt Comm mmittee ee Polic icy Council il Seni nior Adviso sory y Group up Advis isin ing Key y Unit Risk sk Executiv ive Director or Liai aiso sons ns Off ffice e of Enterpr prise se of Unive versity ity Consultin lting Audit its (Embed mbedded ded in Risk sk Risk sk Manageme ement nt Areas as) 8
ERM at the University is based on the widely employed framework • developed by the Committee Of Sponsoring Organizations of the Treadway Commission (COSO) This COSO ERM framework defines essential components, suggests a • common language, and provides clear direction and guidance for enterprise risk management A key elem ement ent is Internal Environment arti ticul ulati ting ng the Treasury Objective Setting Operations University’s goals & Medical objec ecti tives Event Identification Energy Academics Indiv ividua ual risks sks may be Risk Assessment inter terrel relate ted Risk Response Control Activities Communication Monitoring 9
BOT / Leadership Measure Risk Determine Risk Develop Risk Prioritize Top Views of Goals, Impacts and Drivers & Inventory Tier Risks Objectives & Likelihood Relationships Risks Determine Determine Risk- Overall Risk Specific Appetite Tolerances · Research & Accept · Recommend Avoid · Risk Response Reduce · Strategies Share Inputs to Monitor Risk Oversee Risk Budgeting/ and Mitigation Mitigation Planning Strategies Implementation Process 10
Completed: ◦ Office of Enterprise Risk Management formed November 2009 ◦ Process design and implementation well underway ◦ 20 one-on-one interviews with the President Ikenberry and Policy Council conducted April – July 2010 / preliminary report to Policy Council in August ◦ Championed Derivatives Use Policy Next Steps: ◦ Conduct interviews with members of the Board of Trustees to determine views on key risks and risk appetite ◦ Implement Executive Risk Management Committee and Senior Advisory Group ◦ Finalize summary of highest risk issues (in terms of impact and likelihood) based on the collective view of the Board and senior leadership ◦ Assign ownership of top risks 11
Recommend
More recommend
