Organization Audit, Risk and Compliance ( ARC ) Working Session - - PowerPoint PPT Presentation

Organization Audit, Risk and Compliance (ARC)

Working Session November 21, 2017

Reporting Framework

(using existing information and reports you already have)

ARC

Policy Group Brings Policies forward for review and approval AUDIT RESULTS & MANAGEMENT RESPONSES ERM & EH&S report on Cost

• f Risk, Complex Claims,

Trends MEMORANDUM OF UNDERSTANDING (MOU) & OTHER CONTRACTS/AGREEMENTS Financial report on significant budget risks and presentation

• f financial statements

STRATEGIC PLAN - KPI monitoring Key Stakeholders with KPIs that are not met present at ARC Meeting Legal, Investigations and Whistle Blower matters and trends Risk Registry Key Stakeholders report in on mitigation efforts on top Residual Risks SERMP IT Security Management Program present dashboard on progress

Bimonthly Quarterly Semiannual

Let’s Understand Risk Enterprise Risk Management

? ? ? ? ? ? ? ? ?

RISK AWARE RISK EVENT AT RISK RISK IMPACT RISK CONSEQUENCE RISK IDENTIFICATION RISK MITIGATION RISK RESPONSE RESIDUAL RISK

Possible NEXT STEPS

• December - ARC Charter Document available for review
• January - First ARC meeting wherein Audit, Risk Management, and

Compliance issues and findings are presented (these will be issues that have arisen through the routine processes already in place)

• February - March – Development of Risk Assessment and Risk

Registry that is aligned with Strategic Plan and KPIs based on review

• f existing documents, data, and input from ARC Members and
• thers
• June – presentation of Risk Registry to ARC Committee and

2nd report in on routine audit, risk and compliance issues and findings

• July – December ARC activities to be developed based on Risk

reports