Risk management: Principles, methodologies and techniques

2,193 views

Published on

Presented by John Fitzsimon and Peter Getugi, Nairobi, 5 February 2009

0 Comments
2 Likes
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total views
2,193
On SlideShare
0
From Embeds
0
Number of Embeds
15
Actions
Shares
0
Downloads
127
Comments
0
Likes
2
Embeds 0
No embeds

No notes for slide

Risk management: Principles, methodologies and techniques

  1. 1. R isk Management: Principles, Methodologies and Techniques John Fitzsimon Director, CGIAR Internal Audit Unit Peter Getugi ILRI Internal Audit Manager NAIROBI FEBRUARY 5, 2009
  2. 2. Session Outline Day I. - 5 Feb 2009 (8.30 am to 1pm) ·         Recap on principles of risk management.   ·         Risk management methodologies and techniques   Day II. – 6 Feb 2009 (8.30 am to 1pm) ·         Institute risks identification, update and assessment. ·         Group feed back sessions. ·         ILRI Risk management -Going Forward
  3. 3. Risk Management: Not such a new subject.....
  4. 4. A Center’s achievement of its vision and mission is influenced by: RESEARCH STRATEGY AND PROJECT PORTFOLIO PEOPLE PHYSICAL INFRASTRUCTURE TECHNOLOGY INTELLECTUAL AND GERMPLASM ASSETS FINANCE INTERNAL PROCESSES EXTERNAL ENVIRONMENT
  5. 5. These factors present the Center with both opportunities and risks: OPERATIONAL EFFECTIVENESS FINANCIAL INTEGRITY AND COMPLIANCE LEGAL COMPLIANCE EFFICIENCY SAFETY AND SECURITY
  6. 6. Definitions <ul><li>Organizations pursue opportunities to </li></ul><ul><li>achieve their objectives. </li></ul><ul><li>Risks are those occurrences that will have an adverse impact on the organization’s achievements, resulting from inadequate or failed systems or processes, mistakes or external events </li></ul>
  7. 7. Definitions <ul><li>RISK MANAGEMENT: </li></ul><ul><li>A process </li></ul><ul><li>applied across the enterprise </li></ul><ul><li>designed to identify potential events that may affect the entity: positive as well as negative </li></ul><ul><li>manage risks (and opportunities) to be within its risk appetite </li></ul><ul><li>provide reasonable assurance regarding the achievement of the entity’s objectives </li></ul>
  8. 8. Why the attention on more formalized risk management? <ul><li>Makes good business sense </li></ul><ul><li>Fulfills stakeholder expectations for high standards of governance </li></ul><ul><li>Meets donor requirements for assurance </li></ul><ul><li>Helps avoid surprises! </li></ul>
  9. 9. Risk Management Framework: Key Principles <ul><li>Establish the context </li></ul><ul><ul><li>Consider risks across all activities </li></ul></ul><ul><ul><li>Consider both internal and external factors </li></ul></ul><ul><ul><li>Create an internal environment that supports proactive risk management at all levels </li></ul></ul><ul><ul><li>Establish clear business objectives so that risks can be more readily identified and assessed </li></ul></ul>
  10. 10. Risk Management Framework: Key Principles <ul><li>Identification of Risks </li></ul><ul><ul><li>Inventory risks as part of business processes </li></ul></ul><ul><ul><li>Identify shared risks </li></ul></ul><ul><li>Risk analysis and evaluation </li></ul><ul><ul><li>Consider impact of failure and likelihood of occurrence and damage </li></ul></ul><ul><ul><li>Evaluate organization-wide significance of risks identified at unit/activity/project level </li></ul></ul><ul><ul><li>Evaluate collaboratively shared risks </li></ul></ul>
  11. 11. A Risk Management Framework: Key Principles <ul><li>Risk Treatment </li></ul><ul><ul><li>Oversight process to ensure that there are clear management responses for all significant risks identified </li></ul></ul><ul><ul><li>Ensure all risk responses are implemented through relevant control activities </li></ul></ul><ul><ul><li>Integrate risk management results into policy and planning processes </li></ul></ul>
  12. 12. ILRI Risk Management Framework: <ul><li>Monitoring and review </li></ul><ul><ul><li>Document results of monitoring efforts including action taken in response to risk analyses </li></ul></ul><ul><ul><li>Implement an internal reporting process to capture unit/activity level risk analyses </li></ul></ul><ul><ul><li>Implement a reporting process for senior management and Boards </li></ul></ul>Center-wide risk management system Mana gement ana lysis and reporting B oar d re porti ng
  13. 13. Risk Management Framework: Concepts <ul><li>Opportunities v. Hazards </li></ul><ul><li>Impact </li></ul><ul><li>Likelihood </li></ul><ul><li>Preventive controls </li></ul><ul><li>Mitigating actions </li></ul><ul><li>Risk appetite </li></ul><ul><li>Risk response </li></ul>
  14. 14. What is your risk appetite?
  15. 15. Case Study: Enterprise Risks WHAT COULD BRING THE BUSINESS TO A GRINDING HALT: IN DAYS? IN WEEKS? IN MONTHS? IN 5 YEARS? CAN WE PREVENT IT? HOW PREPARED ARE WE TO RECOVER?
  16. 16. Top Risks for ILRI – Identified in current risk register
  17. 17. Other risks to consider?
  18. 18. Case Study: Project and Joint Venture Risks CENTER PARTNERS DONORS
  19. 19. Typical Project/Venture Risks <ul><li>Design Phase </li></ul><ul><li>Structure/design is not aligned to the objectives </li></ul><ul><li>Insufficient input from stakeholders </li></ul><ul><li>Unrealistic budgets and timelines </li></ul><ul><li>Implementation Phase </li></ul><ul><li>Insufficient skills on project/venture team </li></ul><ul><li>Overly complex to manage </li></ul><ul><li>Lack of clarity about sharing liabilities and credits </li></ul><ul><li>Monitoring and Evaluation Phase </li></ul><ul><li>Lack of clear indicators and benchmarking to assist M&E </li></ul>
  20. 20. Where to from here? <ul><ul><li>REPORTING TO THE BOARD </li></ul></ul><ul><ul><li>PUBLIC REPORTING </li></ul></ul>
  21. 21. Thank you!

×