Not-For-Profit Risk Management & The 7 Deadly Sins

This presentation discusses Not-For-Profit Risk Management & The 7 Deadly Sins.

This includes:

* Why Risk Management
* Risk Management Best Practices
* Risk Management Principles
* Recommended Risk Management Framework

For more information, visit www.cbiz.com/MidAtlantic

Published in: Business, Economy & Finance
Not-For-Profit Risk Management & The 7 Deadly Sins

  1. 11th Annual Public Private Partnership Conference: Risk Management and the Seven Deadly Sins. Developed for PPPC Workshop by Remonde Brangman, CPA, CBIZ MHM Mid-Atlantic Risk Advisory Practice Leader. August 25, 2011
  2. Agenda: Introduction to Risk Management; Seven Deadly Sins; A Practical Approach; Q&A
  3. Risk Management (RM): Operational Risk Financial Risk Bid Process Operating Reserves Communications Accounting Process Program Management Market Risk Information Technology Financial Reporting Four Quadrants of Business Risk Donor/Beneficiary Changes Federal Requirements Growth Strategy Restricted Funding Requirements Public Relations [Form 990] Oversight of Subrecipients Competition Program Reporting Strategic Risk Compliance Risk
  4. Risk Management “speak”
     * To the Technician: A holistic risk management process.
     * To the Layman: A way of managing my business.
  5. RM: Both Negative & Positive Mindsets. Uncontrolled Risk, Under Performance VS. Controlled Risk, Maximum Performance
  6. Industries that have adopted RM: Health Care Energy Transportation Sector Financial Education Services; 65% of Public Firms. Source: Excellence in Risk Management VI, Marsh | RIMS
  7. RM Implementation Drivers: Public Companies; Compliance; Transparency; Not for Profit Organizations; Competition; Technology
  8. 7 Deadly Sins
  9. 7 Deadly Sins: Vanity / Pride
     Common Themes:
     * I know my risks already
     * I don’t need Risk Management
     * We have good people and pretty good controls
     * We have done well without it
     Potential Risks:
     * Inadequate disaster planning
     * No succession planning
     * Lack of financial savvy
     * Fraud risk
  10. 7 Deadly Sins: Greed
     Common Themes:
     * We will take all funding
     * Our donors trust us with their Contributions
     * To date, we have not had any major problems
     * Our controls are good enough
     Potential Risks:
     * Funding risk
     * Concentration risk
     * Insufficient working capital
     * Misallocation/misuse of restricted funds
  11. 7 Deadly Sins: Envy
     Common Themes:
     * Others seem to do well without risk management
     * Taking on areas of risk beyond the organization’s expertise
     * In order to keep up we must focus on growth not on risk management
     Potential Risks:
     * Lack of business discipline
     * Inadequate policies and Procedures
     * Lack of attention to controls
     * Failure to execute on new business
  12. 7 Deadly Sins: Anger
     Common Themes:
     * Low morale creates additional risk (potential fraud risk)
     * We’re just not appreciated for what we do and how well we do it
     * Our organization pushes its staff hard. This is the only way to get the results we need.
     Potential Risks:
     * Fraud risk
     * Breakdowns in controls
     * Inadequate accountability
  13. 7 Deadly Sins: Lust
     Common Themes:
     * Significant short-term growth without changing structure risks
     * As more funding comes in, we will expand our capacity to accommodate this demand
     Potential Risks:
     * Lack of change management
     * Inadequate focus on updating internal processes and controls
     * Structure (people, processes and systems) has not kept pace with growth
  14. 7 Deadly Sins: Gluttony
     Common Themes:
     * Lack of contentment
     * Rushing into the next big idea
     * Taking on too many initiatives
     Potential Risks:
     * Lack of long term planning/stability
     * Inadequate reserves for future deficits
     * Taking unnecessary risks (e.g. investment exposures)
  15. 7 Deadly Sins: Sloth
     Common Themes:
     * I trust my people
     * The “It won’t happen to me” sentiment
     * My processes/people work fine – I don’t need to review them
     Potential Risks:
     * Lack of formalized structure for Governance, Risk and Compliance
     * Lack of proper segregation
  16. A Practical Approach
     * Why Risk Management?
     * Best Practices
     * Risk Management Principles
     * Risk Management Framework
  17. RM Best Practice Approach (Principles, Framework, Process)
     * Keep it simple and practical – complexity is not an advantage
     * Integrated approach that includes risk / opportunity management
     * Incorporates most of the key elements of the COSO framework
     * Requires strong and sustained management commitment
  18. RM Principles. Risk Management must:
     1. Create and protect value
     2. Be an integral part of all organizational processes
     3. Be part of decision making
     4. Explicitly address uncertainty
     5. Be systematic, structured and timely
     6. Be based on the best available information
     7. Be tailored to the organization
     8. Take human and cultural factors into account
     9. Be transparent and inclusive
     10. Be dynamic, iterative and responsive to change
     11. Facilitate the continual improvement of the organization
  19. Risk Management Framework: Mandate and Commitment; Design of framework for managing risk; Understanding the organization and context; Establishing policy; Accountability; Integration into processes; Resources; Establishing internal and external communication and reporting mechanisms; Continual improvement; Implementing risk management framework and process; Monitoring and review
  20. Risk Management Process
     * Risk Factor Identification: Identify all potential risk exposures
     * Risk Analysis: Analyze presence of risk - Assess the level of risk - Quantify the results - Report the findings - Recommend action
     * Risk Response: Develop an action plan; determine what risks to control and assign responsible individuals
     * Risk Control: Implement a solution to reduce or transfer the risk
     * Risk Monitoring: Observe the completed implementation and report the results
  21. Risk Management Heat Map. Management addresses these key risks and opportunities in its plans and priorities. Note: Some adjustment to current priorities may be required. Developed by Jay Mattingly. [Figure: two panels, Opportunities and Risks, each plotting Impact on Objectives against Likelihood on a scale of 1 to 3]
  22. Risk Prioritization Map [Figure: Importance (Low to High) plotted against Likelihood; zones: Control Now, Control Soon, Control]
  23. Framework Design: Clarifying Who Does What (Sample Federal Organization) (Based on the Institute of Internal Auditors Position Paper & revised by CSA)
  24. CBIZ MHM 2011 Workshop Presenters
     * Remonde Brangman, CPA, the CBIZ MHM Mid-Atlantic Risk & Advisory practice leader, has 30 years experience providing governance, risk and internal controls advisory. As a Risk Advisory consultant, Mr. Brangman has extensive knowledge of best practices in Risk Management and Internal Control. Mr. Brangman is the firm’s resident expert on the new International Risk Management Standard ISO 31000. He is also a seasoned Forensic Accountant with over 21 years of fraud investigation and forensic accounting experience. Mr. Brangman has been responsible for leading compliance reviews (including Sarbanes-Oxley, section 404) for several leading global businesses and has provided guidance to overseas governments and regulators in risk management. As a former leader in the E&Y Risk Advisory Practice, he was responsible for supporting and developing their D.C. operation with a focus on Government entities (e.g., Fannie Mae and Freddie Mac). Mr. Brangman is the incoming Vice President of the D.C. Chapter of the Institute of Internal Auditors where he has been a keynote speaker for Chief Audit Executive events. CBIZ MHM, LLC – Bethesda, MD, (301) 951-3636, rbrangman@cbiz.com
     * J. Scott Denlinger, CPA, is the Director in charge of the CBIZ MHM Outsourced Services practice and has more than 20 years experience in accounting, tax and auditing. Mr. Denlinger designs and manages outsourced CFO and accounting engagements serving both for-profit and nonprofit organizations. He also performs CFO duties for several organizations, assisting in the preparation of internal financial statements and presentation to their Boards. With his extensive auditing experience, Mr. Denlinger is able to assist our outsourcing clients in preparing for their year-end audits. Combining his communication skills and ability to translate difficult accounting concepts into laymen’s terms, as well as his penchant for teaching, Mr. Denlinger is frequently asked to lead seminars and workshops by various organizations on a broad range of financial management and reporting topics. He is a member of the MACPA Government and Nonprofit Conference Committee and serves on the Board of Family and Children Services of Central Maryland. CBIZ MHM, LLC – Bethesda, MD, (301) 951-3636, sdenlinger@cbiz.com
  25. 11th Annual Public Private Partnership Conference: Risk Management and the Seven Deadly Sins. Developed for PPPC Workshop by Remonde Brangman, CPA, CBIZ MHM Mid-Atlantic Risk Advisory Practice Leader. August 25, 2011
