SlideShare a Scribd company logo

Enterprise risk management

A generic presentation on ERM

1 of 107
Download to read offline
Enterprise Risk Management
Andre Knipe
ACTIVITY 1.1
2
 Individual exercise (30 min)
 Risk in your work environment
 Participants volunteer to inform plenary
 Debrief
Operational … Risk … Management
3
ACTIVITY 1.2
4
 Group exercise (20 min)
 What risk?
 To the mouse (external factors)?
 To the cat (organisation)?
 To the environment (environmental influences)?
 To the people in the house (consumers / customers /
society)?
Risk Management?
5
ACTIVITY 1.3
6
 Group exercise (20 min)
 Risk to people, animal, goods?
 How to minimise risk?
Ad

Recommended

Internal Control & Risk Management Framework
Internal Control & Risk Management FrameworkInternal Control & Risk Management Framework
Internal Control & Risk Management FrameworkTreasury Consulting LLP
 
Risk Management Fundamentals
Risk Management FundamentalsRisk Management Fundamentals
Risk Management Fundamentalsmikaelastafrace
 
Enterprise risk & risk management - I
Enterprise risk & risk management - IEnterprise risk & risk management - I
Enterprise risk & risk management - IDr. Shiv S Tripathi
 
Operational risk ppt
Operational risk pptOperational risk ppt
Operational risk pptNehaKamboj10
 
Enterprise Risk Management as a Core Management Process
Enterprise Risk Management as a Core Management ProcessEnterprise Risk Management as a Core Management Process
Enterprise Risk Management as a Core Management Processregio12
 
Risk Culture, Risk What?
Risk Culture, Risk What?Risk Culture, Risk What?
Risk Culture, Risk What?Ian Rich
 

More Related Content

What's hot

Enterprise Risk Management
Enterprise Risk Management Enterprise Risk Management
Enterprise Risk Management GAURAV SHARMA
 
Operation Risk Management in Banking Sector
Operation Risk Management in Banking SectorOperation Risk Management in Banking Sector
Operation Risk Management in Banking SectorSanjay Kumbhar
 
Chapter 4: Governance and Risk Management
Chapter 4: Governance and Risk ManagementChapter 4: Governance and Risk Management
Chapter 4: Governance and Risk ManagementNada G.Youssef
 
Corporate Risk Management
Corporate Risk ManagementCorporate Risk Management
Corporate Risk ManagementShravan Bhumkar
 
Enterprise Risk Management PowerPoint Presentation Slides
Enterprise Risk Management PowerPoint Presentation Slides Enterprise Risk Management PowerPoint Presentation Slides
Enterprise Risk Management PowerPoint Presentation Slides SlideTeam
 
Chapter 1 risk management (3)
Chapter 1  risk management (3)Chapter 1  risk management (3)
Chapter 1 risk management (3)rafeeqameen
 
Operational risk & business continuity management
Operational risk & business continuity managementOperational risk & business continuity management
Operational risk & business continuity managementUjjwal 'Shanu'
 
Risk mangement
Risk mangementRisk mangement
Risk mangementcollege
 
Risk Management Tools And Techniques PowerPoint Presentation Slides
Risk Management Tools And Techniques PowerPoint Presentation SlidesRisk Management Tools And Techniques PowerPoint Presentation Slides
Risk Management Tools And Techniques PowerPoint Presentation SlidesSlideTeam
 
RisK, RiSk MaNaGeMeNt & EnterPRise RisK ManaGemeNT
RisK, RiSk MaNaGeMeNt & EnterPRise RisK ManaGemeNTRisK, RiSk MaNaGeMeNt & EnterPRise RisK ManaGemeNT
RisK, RiSk MaNaGeMeNt & EnterPRise RisK ManaGemeNTSonu Sah
 
The importance of risk management in business
The importance of risk management in businessThe importance of risk management in business
The importance of risk management in businessr2financial
 
operations risk management power point presentation.
operations risk management power point presentation.operations risk management power point presentation.
operations risk management power point presentation.Miyelani Shibambo
 
Implementing Enterprise Risk Management with ISO 31000:2009
Implementing Enterprise Risk Management with ISO 31000:2009Implementing Enterprise Risk Management with ISO 31000:2009
Implementing Enterprise Risk Management with ISO 31000:2009Goutama Bachtiar
 
Enterprise Risk Management and Sustainability
Enterprise Risk Management and SustainabilityEnterprise Risk Management and Sustainability
Enterprise Risk Management and SustainabilityJeff B
 
Risk management ppt 111p (training module)
Risk management ppt 111p (training module)Risk management ppt 111p (training module)
Risk management ppt 111p (training module)Sadia Razzaq
 

What's hot (20)

Enterprise Risk Management
Enterprise Risk Management Enterprise Risk Management
Enterprise Risk Management
 
project risk analysis
project risk analysisproject risk analysis
project risk analysis
 
Operation Risk Management in Banking Sector
Operation Risk Management in Banking SectorOperation Risk Management in Banking Sector
Operation Risk Management in Banking Sector
 
Chapter 4: Governance and Risk Management
Chapter 4: Governance and Risk ManagementChapter 4: Governance and Risk Management
Chapter 4: Governance and Risk Management
 
Corporate Risk Management
Corporate Risk ManagementCorporate Risk Management
Corporate Risk Management
 
corporate risk management
 corporate risk management corporate risk management
corporate risk management
 
Enterprise Risk Management PowerPoint Presentation Slides
Enterprise Risk Management PowerPoint Presentation Slides Enterprise Risk Management PowerPoint Presentation Slides
Enterprise Risk Management PowerPoint Presentation Slides
 
Chapter 1 risk management (3)
Chapter 1  risk management (3)Chapter 1  risk management (3)
Chapter 1 risk management (3)
 
Operational risk & business continuity management
Operational risk & business continuity managementOperational risk & business continuity management
Operational risk & business continuity management
 
Risk mangement
Risk mangementRisk mangement
Risk mangement
 
Corporate governance
Corporate governanceCorporate governance
Corporate governance
 
Risk Management Tools And Techniques PowerPoint Presentation Slides
Risk Management Tools And Techniques PowerPoint Presentation SlidesRisk Management Tools And Techniques PowerPoint Presentation Slides
Risk Management Tools And Techniques PowerPoint Presentation Slides
 
RisK, RiSk MaNaGeMeNt & EnterPRise RisK ManaGemeNT
RisK, RiSk MaNaGeMeNt & EnterPRise RisK ManaGemeNTRisK, RiSk MaNaGeMeNt & EnterPRise RisK ManaGemeNT
RisK, RiSk MaNaGeMeNt & EnterPRise RisK ManaGemeNT
 
The importance of risk management in business
The importance of risk management in businessThe importance of risk management in business
The importance of risk management in business
 
operations risk management power point presentation.
operations risk management power point presentation.operations risk management power point presentation.
operations risk management power point presentation.
 
Implementing Enterprise Risk Management with ISO 31000:2009
Implementing Enterprise Risk Management with ISO 31000:2009Implementing Enterprise Risk Management with ISO 31000:2009
Implementing Enterprise Risk Management with ISO 31000:2009
 
Risk Management Framework
Risk Management FrameworkRisk Management Framework
Risk Management Framework
 
Enterprise Risk Management and Sustainability
Enterprise Risk Management and SustainabilityEnterprise Risk Management and Sustainability
Enterprise Risk Management and Sustainability
 
Risk management
Risk managementRisk management
Risk management
 
Risk management ppt 111p (training module)
Risk management ppt 111p (training module)Risk management ppt 111p (training module)
Risk management ppt 111p (training module)
 

Viewers also liked

Enterprise Risk Management Erm
Enterprise Risk Management ErmEnterprise Risk Management Erm
Enterprise Risk Management ErmNexus Aid
 
Enterprise Risk Management Framework
Enterprise Risk Management FrameworkEnterprise Risk Management Framework
Enterprise Risk Management FrameworkNigel Tebbutt
 
Risk Management ERM Presentation
Risk Management ERM PresentationRisk Management ERM Presentation
Risk Management ERM Presentationalygale
 
How to Build an Enterprise Risk Management Framework
How to Build an Enterprise Risk Management FrameworkHow to Build an Enterprise Risk Management Framework
How to Build an Enterprise Risk Management FrameworkColleen Beck-Domanico
 
Enterprise risk management
Enterprise risk managementEnterprise risk management
Enterprise risk managementAnu Damodaran
 
Project Controls Expo 18th Nov 2014 - "Practical Applications of a Risk Manag...
Project Controls Expo 18th Nov 2014 - "Practical Applications of a Risk Manag...Project Controls Expo 18th Nov 2014 - "Practical Applications of a Risk Manag...
Project Controls Expo 18th Nov 2014 - "Practical Applications of a Risk Manag...Project Controls Expo
 
Privacy issues and internet privacy
Privacy issues and internet privacyPrivacy issues and internet privacy
Privacy issues and internet privacyvinyas87
 
Risk Management
Risk ManagementRisk Management
Risk Managementcgeorgeo
 
Risk minimisation activities associated with risk management plans
Risk minimisation activities associated with risk management plansRisk minimisation activities associated with risk management plans
Risk minimisation activities associated with risk management plansTGA Australia
 
Risikokommunikasjon v/ Professor Jørn Vatn, NTNU
Risikokommunikasjon  v/ Professor Jørn Vatn, NTNURisikokommunikasjon  v/ Professor Jørn Vatn, NTNU
Risikokommunikasjon v/ Professor Jørn Vatn, NTNULloyd's Register
 
Sikkerheten rundt anlegg som håndterer farlig stoff v/ Jan Røed, DSB
Sikkerheten rundt anlegg som håndterer farlig stoff v/ Jan Røed, DSBSikkerheten rundt anlegg som håndterer farlig stoff v/ Jan Røed, DSB
Sikkerheten rundt anlegg som håndterer farlig stoff v/ Jan Røed, DSBLloyd's Register
 
Risk manager performance appraisal
Risk manager performance appraisalRisk manager performance appraisal
Risk manager performance appraisalcollinseva08
 
Public Speaking and Presentation Skills - Putting it Together and Putting it ...
Public Speaking and Presentation Skills - Putting it Together and Putting it ...Public Speaking and Presentation Skills - Putting it Together and Putting it ...
Public Speaking and Presentation Skills - Putting it Together and Putting it ...Charles Cotter, PhD
 
Bcu msc cg week 5 rm framework
Bcu msc cg week 5 rm frameworkBcu msc cg week 5 rm framework
Bcu msc cg week 5 rm frameworkStephen Ong
 

Viewers also liked (20)

Enterprise Risk Management Erm
Enterprise Risk Management ErmEnterprise Risk Management Erm
Enterprise Risk Management Erm
 
Enterprise Risk Management
Enterprise Risk ManagementEnterprise Risk Management
Enterprise Risk Management
 
Enterprise Risk Management Framework
Enterprise Risk Management FrameworkEnterprise Risk Management Framework
Enterprise Risk Management Framework
 
Risk Management ERM Presentation
Risk Management ERM PresentationRisk Management ERM Presentation
Risk Management ERM Presentation
 
ERM-Enterprise Risk Management
ERM-Enterprise Risk ManagementERM-Enterprise Risk Management
ERM-Enterprise Risk Management
 
How to Build an Enterprise Risk Management Framework
How to Build an Enterprise Risk Management FrameworkHow to Build an Enterprise Risk Management Framework
How to Build an Enterprise Risk Management Framework
 
Enterprise risk management
Enterprise risk managementEnterprise risk management
Enterprise risk management
 
Enterprise Risk Management 2015 PDF
Enterprise Risk Management 2015 PDFEnterprise Risk Management 2015 PDF
Enterprise Risk Management 2015 PDF
 
Project Controls Expo 18th Nov 2014 - "Practical Applications of a Risk Manag...
Project Controls Expo 18th Nov 2014 - "Practical Applications of a Risk Manag...Project Controls Expo 18th Nov 2014 - "Practical Applications of a Risk Manag...
Project Controls Expo 18th Nov 2014 - "Practical Applications of a Risk Manag...
 
Recent COSO Internal Control and Risk Management Developments
Recent COSO Internal Control and Risk Management DevelopmentsRecent COSO Internal Control and Risk Management Developments
Recent COSO Internal Control and Risk Management Developments
 
COSO ERM
COSO ERMCOSO ERM
COSO ERM
 
Privacy issues and internet privacy
Privacy issues and internet privacyPrivacy issues and internet privacy
Privacy issues and internet privacy
 
Risk Management
Risk ManagementRisk Management
Risk Management
 
Risk minimisation activities associated with risk management plans
Risk minimisation activities associated with risk management plansRisk minimisation activities associated with risk management plans
Risk minimisation activities associated with risk management plans
 
Risikokommunikasjon v/ Professor Jørn Vatn, NTNU
Risikokommunikasjon  v/ Professor Jørn Vatn, NTNURisikokommunikasjon  v/ Professor Jørn Vatn, NTNU
Risikokommunikasjon v/ Professor Jørn Vatn, NTNU
 
Sikkerheten rundt anlegg som håndterer farlig stoff v/ Jan Røed, DSB
Sikkerheten rundt anlegg som håndterer farlig stoff v/ Jan Røed, DSBSikkerheten rundt anlegg som håndterer farlig stoff v/ Jan Røed, DSB
Sikkerheten rundt anlegg som håndterer farlig stoff v/ Jan Røed, DSB
 
Risk manager performance appraisal
Risk manager performance appraisalRisk manager performance appraisal
Risk manager performance appraisal
 
Public Speaking and Presentation Skills - Putting it Together and Putting it ...
Public Speaking and Presentation Skills - Putting it Together and Putting it ...Public Speaking and Presentation Skills - Putting it Together and Putting it ...
Public Speaking and Presentation Skills - Putting it Together and Putting it ...
 
Bcu msc cg week 5 rm framework
Bcu msc cg week 5 rm frameworkBcu msc cg week 5 rm framework
Bcu msc cg week 5 rm framework
 
Key Slides
Key SlidesKey Slides
Key Slides
 

Similar to Enterprise risk management

project risk management
project risk managementproject risk management
project risk managementAshima Thakur
 
ISO Internal Auditors Workshop_Final Version
ISO Internal Auditors Workshop_Final VersionISO Internal Auditors Workshop_Final Version
ISO Internal Auditors Workshop_Final VersionDuncan O. Ogutu; CPA, CFE
 
Implementing an Enterprise Risk Management program (2022 updates).pdf
Implementing an Enterprise Risk Management program (2022 updates).pdfImplementing an Enterprise Risk Management program (2022 updates).pdf
Implementing an Enterprise Risk Management program (2022 updates).pdfRobert Serena, FSA, CFA, CPCU
 
PECB Webinar: ISO 31000 – Risk Management and how it can help an organization
PECB Webinar: ISO 31000 – Risk Management and how it can help an organizationPECB Webinar: ISO 31000 – Risk Management and how it can help an organization
PECB Webinar: ISO 31000 – Risk Management and how it can help an organizationPECB
 
Implementation of Enterprise Risk Management with ISO 31000 Risk Management S...
Implementation of Enterprise Risk Management with ISO 31000 Risk Management S...Implementation of Enterprise Risk Management with ISO 31000 Risk Management S...
Implementation of Enterprise Risk Management with ISO 31000 Risk Management S...PECB
 
Super Strategies 2014 Risk Strategy Presentation
Super Strategies 2014  Risk Strategy PresentationSuper Strategies 2014  Risk Strategy Presentation
Super Strategies 2014 Risk Strategy PresentationDavid Fernandes
 
Risk Management.docx
Risk Management.docxRisk Management.docx
Risk Management.docxCPA Australia
 
Risk Based Internal Audit and Sampling Techniques
Risk Based Internal Audit and Sampling TechniquesRisk Based Internal Audit and Sampling Techniques
Risk Based Internal Audit and Sampling TechniquesManoj Agarwal
 
Anti fraud program
Anti fraud programAnti fraud program
Anti fraud programchris75308
 
ToTCOOP+i O3 o4 unit-9_final_version_en
ToTCOOP+i O3 o4 unit-9_final_version_enToTCOOP+i O3 o4 unit-9_final_version_en
ToTCOOP+i O3 o4 unit-9_final_version_enToTCOOPiTech
 
Risk Management and Risk Transfer
Risk Management and Risk TransferRisk Management and Risk Transfer
Risk Management and Risk TransferCBIZ, Inc.
 
Risk Management Maturity Model (RMMM)
Risk Management Maturity Model (RMMM)Risk Management Maturity Model (RMMM)
Risk Management Maturity Model (RMMM)Adnan Naseem
 
The IRM India- A Risk Management Standard
The IRM India- A Risk Management StandardThe IRM India- A Risk Management Standard
The IRM India- A Risk Management StandardThe IRM India
 
Audit, control and enterprise wide risk management
Audit, control and enterprise wide risk managementAudit, control and enterprise wide risk management
Audit, control and enterprise wide risk managementpeterObakozuwa
 
Bec doms ppt on risk management
Bec doms ppt on risk managementBec doms ppt on risk management
Bec doms ppt on risk managementBabasab Patil
 

Similar to Enterprise risk management (20)

project risk management
project risk managementproject risk management
project risk management
 
ISO Internal Auditors Workshop_Final Version
ISO Internal Auditors Workshop_Final VersionISO Internal Auditors Workshop_Final Version
ISO Internal Auditors Workshop_Final Version
 
Risk Governance, Culture and CPS 220
Risk Governance, Culture and CPS 220Risk Governance, Culture and CPS 220
Risk Governance, Culture and CPS 220
 
Implementing an Enterprise Risk Management program (2022 updates).pdf
Implementing an Enterprise Risk Management program (2022 updates).pdfImplementing an Enterprise Risk Management program (2022 updates).pdf
Implementing an Enterprise Risk Management program (2022 updates).pdf
 
PECB Webinar: ISO 31000 – Risk Management and how it can help an organization
PECB Webinar: ISO 31000 – Risk Management and how it can help an organizationPECB Webinar: ISO 31000 – Risk Management and how it can help an organization
PECB Webinar: ISO 31000 – Risk Management and how it can help an organization
 
Implementation of Enterprise Risk Management with ISO 31000 Risk Management S...
Implementation of Enterprise Risk Management with ISO 31000 Risk Management S...Implementation of Enterprise Risk Management with ISO 31000 Risk Management S...
Implementation of Enterprise Risk Management with ISO 31000 Risk Management S...
 
Super Strategies 2014 Risk Strategy Presentation
Super Strategies 2014  Risk Strategy PresentationSuper Strategies 2014  Risk Strategy Presentation
Super Strategies 2014 Risk Strategy Presentation
 
Risk Management.docx
Risk Management.docxRisk Management.docx
Risk Management.docx
 
Risk Based Internal Audit and Sampling Techniques
Risk Based Internal Audit and Sampling TechniquesRisk Based Internal Audit and Sampling Techniques
Risk Based Internal Audit and Sampling Techniques
 
Anti fraud program
Anti fraud programAnti fraud program
Anti fraud program
 
ToTCOOP+i O3 o4 unit-9_final_version_en
ToTCOOP+i O3 o4 unit-9_final_version_enToTCOOP+i O3 o4 unit-9_final_version_en
ToTCOOP+i O3 o4 unit-9_final_version_en
 
Risk Management and Risk Transfer
Risk Management and Risk TransferRisk Management and Risk Transfer
Risk Management and Risk Transfer
 
Risk Management 1 (2)
Risk Management 1 (2)Risk Management 1 (2)
Risk Management 1 (2)
 
Risk Management Maturity Model (RMMM)
Risk Management Maturity Model (RMMM)Risk Management Maturity Model (RMMM)
Risk Management Maturity Model (RMMM)
 
The IRM India- A Risk Management Standard
The IRM India- A Risk Management StandardThe IRM India- A Risk Management Standard
The IRM India- A Risk Management Standard
 
Audit, control and enterprise wide risk management
Audit, control and enterprise wide risk managementAudit, control and enterprise wide risk management
Audit, control and enterprise wide risk management
 
Risk
RiskRisk
Risk
 
Risk
RiskRisk
Risk
 
Risk management
Risk managementRisk management
Risk management
 
Bec doms ppt on risk management
Bec doms ppt on risk managementBec doms ppt on risk management
Bec doms ppt on risk management
 

More from Andre Knipe

Management&Leadership_LTDC_Oct2016_short
Management&Leadership_LTDC_Oct2016_shortManagement&Leadership_LTDC_Oct2016_short
Management&Leadership_LTDC_Oct2016_shortAndre Knipe
 
Stakeholder engagement and management
Stakeholder engagement and managementStakeholder engagement and management
Stakeholder engagement and managementAndre Knipe
 
Stakeholder engagement and management
Stakeholder engagement and managementStakeholder engagement and management
Stakeholder engagement and managementAndre Knipe
 
Enhancing capacity & skills development
Enhancing capacity & skills developmentEnhancing capacity & skills development
Enhancing capacity & skills developmentAndre Knipe
 
Going for gold - a Project Management approach for school principals - May2009
Going for gold - a Project Management approach for school principals - May2009Going for gold - a Project Management approach for school principals - May2009
Going for gold - a Project Management approach for school principals - May2009Andre Knipe
 
Fleet & transport policy - Envision International (Conf 2010)
Fleet & transport policy - Envision International (Conf 2010)Fleet & transport policy - Envision International (Conf 2010)
Fleet & transport policy - Envision International (Conf 2010)Andre Knipe
 
Strategic People Management - AK2013
Strategic People Management - AK2013Strategic People Management - AK2013
Strategic People Management - AK2013Andre Knipe
 
Strategic Management - AK2013
Strategic Management - AK2013Strategic Management - AK2013
Strategic Management - AK2013Andre Knipe
 
Public Participation - AK2013
Public Participation - AK2013Public Participation - AK2013
Public Participation - AK2013Andre Knipe
 
Event Management - AK2012
Event Management - AK2012Event Management - AK2012
Event Management - AK2012Andre Knipe
 
Basic Transport & Fleet Mngt - AK2015
Basic Transport & Fleet Mngt - AK2015Basic Transport & Fleet Mngt - AK2015
Basic Transport & Fleet Mngt - AK2015Andre Knipe
 

More from Andre Knipe (11)

Management&Leadership_LTDC_Oct2016_short
Management&Leadership_LTDC_Oct2016_shortManagement&Leadership_LTDC_Oct2016_short
Management&Leadership_LTDC_Oct2016_short
 
Stakeholder engagement and management
Stakeholder engagement and managementStakeholder engagement and management
Stakeholder engagement and management
 
Stakeholder engagement and management
Stakeholder engagement and managementStakeholder engagement and management
Stakeholder engagement and management
 
Enhancing capacity & skills development
Enhancing capacity & skills developmentEnhancing capacity & skills development
Enhancing capacity & skills development
 
Going for gold - a Project Management approach for school principals - May2009
Going for gold - a Project Management approach for school principals - May2009Going for gold - a Project Management approach for school principals - May2009
Going for gold - a Project Management approach for school principals - May2009
 
Fleet & transport policy - Envision International (Conf 2010)
Fleet & transport policy - Envision International (Conf 2010)Fleet & transport policy - Envision International (Conf 2010)
Fleet & transport policy - Envision International (Conf 2010)
 
Strategic People Management - AK2013
Strategic People Management - AK2013Strategic People Management - AK2013
Strategic People Management - AK2013
 
Strategic Management - AK2013
Strategic Management - AK2013Strategic Management - AK2013
Strategic Management - AK2013
 
Public Participation - AK2013
Public Participation - AK2013Public Participation - AK2013
Public Participation - AK2013
 
Event Management - AK2012
Event Management - AK2012Event Management - AK2012
Event Management - AK2012
 
Basic Transport & Fleet Mngt - AK2015
Basic Transport & Fleet Mngt - AK2015Basic Transport & Fleet Mngt - AK2015
Basic Transport & Fleet Mngt - AK2015
 

Recently uploaded

West Africa Scene Setting African Continental Master Plan (CMP) for electrici...
West Africa Scene Setting African Continental Master Plan (CMP) for electrici...West Africa Scene Setting African Continental Master Plan (CMP) for electrici...
West Africa Scene Setting African Continental Master Plan (CMP) for electrici...Francois Stepman
 
DAY 05 Book of Revelation 2-18-24 PPT.pptx
DAY 05 Book of Revelation 2-18-24 PPT.pptxDAY 05 Book of Revelation 2-18-24 PPT.pptx
DAY 05 Book of Revelation 2-18-24 PPT.pptxFamilyWorshipCenterD
 
Space expansion: cultural considerations, long term perspectives, and spiritu...
Space expansion: cultural considerations, long term perspectives, and spiritu...Space expansion: cultural considerations, long term perspectives, and spiritu...
Space expansion: cultural considerations, long term perspectives, and spiritu...Giulio Prisco
 
Partnerships for Resilient Prosperity in the Caribbean
Partnerships for Resilient Prosperity in the CaribbeanPartnerships for Resilient Prosperity in the Caribbean
Partnerships for Resilient Prosperity in the CaribbeanCaribbean Development Bank
 
ONLINE RESORT BOOKING SYSTEM WEBSITE 1.pptx
ONLINE RESORT BOOKING SYSTEM WEBSITE 1.pptxONLINE RESORT BOOKING SYSTEM WEBSITE 1.pptx
ONLINE RESORT BOOKING SYSTEM WEBSITE 1.pptxDivyaPatel621561
 
Supporting Resilient Prosperity in the Caribbean
Supporting Resilient Prosperity in the CaribbeanSupporting Resilient Prosperity in the Caribbean
Supporting Resilient Prosperity in the CaribbeanCaribbean Development Bank
 
1.2 Ingredients Used for Sandwiches 1.3 Culinary Terms.pptx
1.2 Ingredients Used for Sandwiches 1.3 Culinary Terms.pptx1.2 Ingredients Used for Sandwiches 1.3 Culinary Terms.pptx
1.2 Ingredients Used for Sandwiches 1.3 Culinary Terms.pptxNinia
 
AWS RDS Data API and CloudTrail. Who drop the table_.pdf
AWS RDS Data API and CloudTrail. Who drop the table_.pdfAWS RDS Data API and CloudTrail. Who drop the table_.pdf
AWS RDS Data API and CloudTrail. Who drop the table_.pdfVladimir Samoylov
 
Present and Future Requisites for Prosperity in the Caribbean
Present and Future Requisites for Prosperity in the CaribbeanPresent and Future Requisites for Prosperity in the Caribbean
Present and Future Requisites for Prosperity in the CaribbeanCaribbean Development Bank
 
Scaling up renewable energy investments in West Africa
Scaling up renewable energy investments in West AfricaScaling up renewable energy investments in West Africa
Scaling up renewable energy investments in West AfricaFrancois Stepman
 
Teams Nation 2024 - #Copilot & Teams or Just Premium.pptx
Teams Nation 2024 - #Copilot & Teams or Just Premium.pptxTeams Nation 2024 - #Copilot & Teams or Just Premium.pptx
Teams Nation 2024 - #Copilot & Teams or Just Premium.pptxKai Stenberg
 
VAWC-RA-9262 Anti Violence Against Women and THeir Children
VAWC-RA-9262 Anti Violence Against Women and THeir ChildrenVAWC-RA-9262 Anti Violence Against Women and THeir Children
VAWC-RA-9262 Anti Violence Against Women and THeir Childrendilgpitogo2023
 
KKrish - DOVE Leadership Program Concept
KKrish - DOVE Leadership Program ConceptKKrish - DOVE Leadership Program Concept
KKrish - DOVE Leadership Program ConceptKarthik Krishna
 

Recently uploaded (13)

West Africa Scene Setting African Continental Master Plan (CMP) for electrici...
West Africa Scene Setting African Continental Master Plan (CMP) for electrici...West Africa Scene Setting African Continental Master Plan (CMP) for electrici...
West Africa Scene Setting African Continental Master Plan (CMP) for electrici...
 
DAY 05 Book of Revelation 2-18-24 PPT.pptx
DAY 05 Book of Revelation 2-18-24 PPT.pptxDAY 05 Book of Revelation 2-18-24 PPT.pptx
DAY 05 Book of Revelation 2-18-24 PPT.pptx
 
Space expansion: cultural considerations, long term perspectives, and spiritu...
Space expansion: cultural considerations, long term perspectives, and spiritu...Space expansion: cultural considerations, long term perspectives, and spiritu...
Space expansion: cultural considerations, long term perspectives, and spiritu...
 
Partnerships for Resilient Prosperity in the Caribbean
Partnerships for Resilient Prosperity in the CaribbeanPartnerships for Resilient Prosperity in the Caribbean
Partnerships for Resilient Prosperity in the Caribbean
 
ONLINE RESORT BOOKING SYSTEM WEBSITE 1.pptx
ONLINE RESORT BOOKING SYSTEM WEBSITE 1.pptxONLINE RESORT BOOKING SYSTEM WEBSITE 1.pptx
ONLINE RESORT BOOKING SYSTEM WEBSITE 1.pptx
 
Supporting Resilient Prosperity in the Caribbean
Supporting Resilient Prosperity in the CaribbeanSupporting Resilient Prosperity in the Caribbean
Supporting Resilient Prosperity in the Caribbean
 
1.2 Ingredients Used for Sandwiches 1.3 Culinary Terms.pptx
1.2 Ingredients Used for Sandwiches 1.3 Culinary Terms.pptx1.2 Ingredients Used for Sandwiches 1.3 Culinary Terms.pptx
1.2 Ingredients Used for Sandwiches 1.3 Culinary Terms.pptx
 
AWS RDS Data API and CloudTrail. Who drop the table_.pdf
AWS RDS Data API and CloudTrail. Who drop the table_.pdfAWS RDS Data API and CloudTrail. Who drop the table_.pdf
AWS RDS Data API and CloudTrail. Who drop the table_.pdf
 
Present and Future Requisites for Prosperity in the Caribbean
Present and Future Requisites for Prosperity in the CaribbeanPresent and Future Requisites for Prosperity in the Caribbean
Present and Future Requisites for Prosperity in the Caribbean
 
Scaling up renewable energy investments in West Africa
Scaling up renewable energy investments in West AfricaScaling up renewable energy investments in West Africa
Scaling up renewable energy investments in West Africa
 
Teams Nation 2024 - #Copilot & Teams or Just Premium.pptx
Teams Nation 2024 - #Copilot & Teams or Just Premium.pptxTeams Nation 2024 - #Copilot & Teams or Just Premium.pptx
Teams Nation 2024 - #Copilot & Teams or Just Premium.pptx
 
VAWC-RA-9262 Anti Violence Against Women and THeir Children
VAWC-RA-9262 Anti Violence Against Women and THeir ChildrenVAWC-RA-9262 Anti Violence Against Women and THeir Children
VAWC-RA-9262 Anti Violence Against Women and THeir Children
 
KKrish - DOVE Leadership Program Concept
KKrish - DOVE Leadership Program ConceptKKrish - DOVE Leadership Program Concept
KKrish - DOVE Leadership Program Concept
 

Enterprise risk management

  • 2. ACTIVITY 1.1 2  Individual exercise (30 min)  Risk in your work environment  Participants volunteer to inform plenary  Debrief
  • 3. Operational … Risk … Management 3
  • 4. ACTIVITY 1.2 4  Group exercise (20 min)  What risk?  To the mouse (external factors)?  To the cat (organisation)?  To the environment (environmental influences)?  To the people in the house (consumers / customers / society)?
  • 6. ACTIVITY 1.3 6  Group exercise (20 min)  Risk to people, animal, goods?  How to minimise risk?
  • 7. ACTIVITY 1.4 7  Group exercise (20 min)  Availability of vehicles: organisation of your choice  What is the risk?  How to minimize?  How to assess success / failure?
  • 8. Total Risk Management Focus  Financial - Risk of capital  Operational – Operational failure  Programme – Managing change  Strategic – Market changes 8
  • 9. Why Risk Management? 9  Cost  Schedule  Technical performance
  • 10. Evolution of Risk Management 10 Ancient Risk Management 20th Century Risk Mgt 21th Century Risk Mgt
  • 11. Comprehensive Risk Management 11  PFMA  MFMA  TRs Planning and Organizing RMP Risk Mgt Plan Risk Board Process Policy and Guidance Tools & Training Risk Identification Risk Mitigation Plan Implementation Risk Mitigation Planning Risk Analysis Risk Tracking • Integrated and Stand- Alone Risk Mgt Tools Likelihood Consequence 1 2 3 4 5 1 2 3 4 5
  • 12. Risk & Risk Management Defined 12  Risk  =  Uncertain future events that could influence the achievement of the objectives of a public institution
  • 13. Risk Management Fundamentals 13  What is Risk?  The impact of uncertain future events that could influence the achievement of an organisation’s objectives  Risk creates uncertainty and makes planning difficult
  • 14. Risk Management Fundamentals 14  What is Risk?  Risk directly impacts on the service delivery objective of public and private entities, because it manifests as the chance of a loss due to adverse events:  Interruptions to service delivery and loss of revenue (income statement, liquidity)  Consequences of loss of revenue on sustainability (balance sheet, performance against budget, funding position)  Perceptions of stakeholders (reputation)
  • 15. Risk & Risk Management Defined 15  RISK MANAGEMENT – page 11  A continuous, pro-active and systematic process, effected by a department’s executive authority, accounting officer, management and other personnel, applied in strategic planning and across the department, designed to identify potential events that may affect the department, and manage risks to be within its risk tolerance, to provide reasonable assurance regarding the achievement of department objectives.
  • 16. Definition of Risk Management 16  A comprehensive and systematic  approach aimed at identifying,  measuring and controlling  an entity’s exposure to accidental loss,  theft and liability involving human,  financial, physical and  natural resources
  • 17. Risk Management Fundamentals 17  What is Risk Management?  Risk Management focuses on the ability of the organisation to meet objectives in the future by identifying risk and making decisions to manage these risks  Risk Management starts with the strategic planning process
  • 18. ACTIVITY 1.5: 18  Group exercise (30 min): feedback to plenary  Interrogate the definition: what do you see?
  • 19. Risk Management Fundamentals 19  What is Risk Management?  Risk Management is a dynamic, ongoing assessment, decision-making and implementation process that is integrated with management activities  Risk Management uses instruments such as financial market transactions, insurance, control processes, strategy/product changes, research/intelligence, risk shifting to control, eliminate or reduce risk.
  • 20. Risk Management Process 20  Structured approach for incorporating risk management into daily, broader management process  More than just an exercise of risk avoidance  Rather about identifying opportunities for avoiding or mitigating losses
  • 21. Risk Management Process 21  Phases in Risk Management Process:  Risk Identification  Risk Assessment  Risk Response  Risk Control  Risk Financing Context + Philosophy Identify Risks Measure Risks Desired Results Develop Solutions Choose Strategy Execute Strategy Monitor Evaluate Adjust
  • 22. Components of Risk Management 22  Control environment  Objective setting  Risk identification  Risk assessment  Risk management strategy  Information & communication  Control Activities  Monitoring
  • 23. 23 A Framework for Risk Management Source: Enterprise Risk Management — Integrated Framework, Committee of Sponsoring Organizations of the Treadway Commission. Governance structure Risk Management Philosophy + Risk Appetite Oversight Values, ethics Human Capital-Skills, experience, training Delegation of authority Internal: Infrastructure Personnel Process Technology External: Political Economic Social Technological Environment Techniques Qualitative + Quantitative Likelihood + Impact Linkage between risks – Portfolio View Avoidance Reduction Sharing Acceptance Policies and Procedures Operational Review and Audit Approval framework Reporting Verification and reconciliations Segregation of duties Internal and External Formal and Informal Communication Methods Accurate, Timely, Relevant Share learning and insight Ongoing, continuous process Self-Assessments Independent monitoring and evaluation Adapt to changes Improve practices Align with best practice Strategic Plan, Business Plan, Budgets
  • 24. ACTIVITY 1.7: 24  Group exercise: feedback to plenary  Divide 8 topics between groups
  • 25. Relevance of Risk Management 25  Align with objectives  Introduce into existing strategic planning & operational practices  Communicate departmental directions  Include as part of performance appraisals  Continue to improve control & accountability systems & processes
  • 26. Relevance of Risk Management 26  Why focus on risk management? Is it not common sense? We know how to run our business!  Focus has traditionally been on historic measures with some forecasting of the future:  Annual budgets, actual and variance  Mainly audit/financial risk focus
  • 27. Relevance of Risk Management 27  High levels of uncertainty in the internal and external environment warrant greater effort in managing risk:  PESTLE - Political, Economic, Social, Technological, Legal Environmental  Effect of external factors becoming more pronounced  Not only budget (financial), but all business and operational risks - integrated  Requires more structured approach with frequent reviews of risk  Need to be more forward looking and proactive
  • 28. Relevance of Risk Management 28  Legislative/regulatory/stakeholder pressure  Constitution  PFMA & MFMA  King II/King III  Best Practise
  • 29. Benefits of Risk Management 29  Identify & manage of risks  Identify & implement cost-effective, integrated responses  Minimise operational surprises, costly & time- consuming litigation and unexpected losses
  • 30. Benefits of Risk Management 30  Rationalise capital & financial resources  Continuity of service delivery  Enhance accountability & corporate governance processes  Achieve greater openness/transparency in decision- making & ongoing management processes
  • 31. Benefits of Risk Management 31  Enhance accountability & corporate governance processes  Achieve continuity of service delivery  Avoid unnecessary wastage  Achieve openness/transparency in decision-making & ongoing management processes
  • 32. Delivering what we should? 32
  • 33. Regulatory Framework: International Instruments: Basel II Accord 33  Second of the Basel Accords  “Basel Committee on Banking Supervision”  Reps from central banks & regulatory authorities of several EU countries  Recommends to member states for adoption in local law
  • 34. Basel II Accord (cont) 34  How much money must banks keep aside to guard against financial & operational risks?  Banks hold capital reserves appropriate to lending / investment risks (protect solvency) NB!! Liquidity??  The higher risk, the higher amount to hold
  • 35. Case Study: Barings Bank (1762–1995) 35  Oldest merchant bank in London  1995: Nick Leeson lost 827 million Pounds through speculation  Leeson held 2 positions: reported to himself  Internal auditing at fault: absence of oversight  “How could this happen?”
  • 36. Regulatory Framework – Legislative Requirements 36  Policy should include:  “the accounting officer for Volta River Authority … has and maintains :  Effective, efficient & transparency systems of financial and risk management and internal control; and  A system of internal audit under the control & direction of an audit committee…”
  • 37. Legislative Requirements (Cont.) 37  “An employee in VRA, … :  Must ensure that the system of … and internal control … is carried out within the area of responsibility of that employee”
  • 38. Legislative Requirements (Cont.) 38  “The accounting officer must ensure that a risk assessment is conducted regularly to identify emerging risks of VRA. A risk management strategy, which must include a fraud prevention plan, must be used to direct internal audit effort and priority, and to determine the skills required of managers and staff to improve controls and to manage these risks. The strategy must be clearly communicated to all employees to ensure that the risk management strategy is incorporated into the language and culture of VRA.”
  • 39. Legislative Requirements (Cont.) 39  “The Board as a whole (collectively), as well as each of its directors individually, carries the ultimate responsibility for the company’s risk management strategy and for whatever goes wrong in it.” (Romani Naidoo, 2002, Corporate Governance)
  • 40. Regulatory Framework: Other sources 40  Protocol Against Corruption: SADEC, 2001  Legislation/policy that deals with unlawful activities  “Financial Services Board”: controls financial services industry  Revenue Services Legislation/policy
  • 41. 41 Key Risks associated with In- effective Risk Management  Inappropriate internal controls  Risk management not incorporated in organisation’s culture  Reactive responses, not pro-active  Inadequate plans  Inappropriate controls  Changing/new risks not considered & managed
  • 42. ACTIVITY 2.1 42  Examples from practice: 4 Groups (30 minutes)  Each group chooses any two below  Inappropriate internal controls  Risk management not incorporated in organisation’s culture  Reactive responses, not pro-active  Inadequate plans  Inappropriate controls  Changing/new risks not considered & managed
  • 43. Creative risk taking is essential to success in any goal where the stakes are high. Thoughtless risks are destructive, of course, but perhaps even more wasteful is thoughtless caution which prompts inaction and promotes failure to seize opportunity. - Gary Ryan Blair
  • 44. Behind the regulatory framework: Importance of Risk Management 44  Creation of optimal working environment  Fewer accidents  Greater productivity  Higher staff morale  Costs of losses reduced  Decisions taken under differing conditions of certainty: legal framework gives some stability
  • 45. Risk Management Process 45  Phases in Risk Management Process:  Risk Identification  Risk Assessment  Risk Response  Risk Control  Risk Financing Context + Philosophy Identify Risks Measure Risks Desired Results Develop Solutions Choose Strategy Execute Strategy Monitor Evaluate Adjust
  • 46. 46 A Framework for Risk Management Source: Enterprise Risk Management — Integrated Framework, Committee of Sponsoring Organizations of the Treadway Commission. Governance structure Risk Management Philosophy + Risk Appetite Oversight Values, ethics Human Capital-Skills, experience, training Delegation of authority Internal: Infrastructure Personnel Process Technology External: Political Economic Social Technological Environment Techniques Qualitative + Quantitative Likelihood + Impact Linkage between risks – Portfolio View Avoidance Reduction Sharing Acceptance Policies and Procedures Operational Review and Audit Approval framework Reporting Verification and reconciliations Segregation of duties Internal and External Formal and Informal Communication Methods Accurate, Timely, Relevant Share learning and insight Ongoing, continuous process Self-Assessments Independent monitoring and evaluation Adapt to changes Improve practices Align with best practice Strategic Plan, Business Plan, Budgets
  • 47. 47 Objective setting; Organizational context; Risk management context Risk identification; What can happen? How can it happen? Risk assessment; Measuring likelihood; Measuring impact; Establish the level of risk; Assess risks Risk management strategy; Identify treatment options (strategy); Evaluate treatment options; Implement recommendations Information/communication Control activities Monitoring and evaluation CONTROLENVIROMENT
  • 48. ACTIVITY 2.2 48  Components of risk management  Component 1: Internal environment  The purpose is to establish the current context of risk management in your organisation  Prepare an overview/summary of the components of risk management as applicable in your organisation  Present to the group
  • 49. Formulating a Risk Management Strategy 49 R – Results Are we achieving the desired results for the risks we take? I – Immunisation Do we have the controls in place to minimise the risk losses? K – Knowledge Do we have the right people, skills, culture and values for effective risk management? S – Systems Do we have the systems to measure and manage risks? Also see p72-78 in the manual.
  • 50. Formulating a Risk Management Strategy 50  Step 1: Establish the context  Step 2: Identify the risks  Step 3: Analyse the risks  Step 4: Evaluate and prioritise the risks / Assess the risks  Step 5: Address the risks  Step 6: Monitor and review  Step 7: Documentation of the process
  • 51. Operational Planning 51  Planning is “deciding in advance what to do, how to do it, when to do it and who is to do it Operational plans Tactical plans Strategic plans The organisation’s mission * Purpose * Premises * Values * Directions Strategic objectives Tactical objectives Operational objectives
  • 52. Operational Planning Process 52  Planning to plan  Formulating a vision & mission statement  Scanning the external environment  Doing a market analysis  Determining all external opportunities and threats  Determining all internal strengths and weaknesses  Identifying strategic issues  Making choices  Establish priorities  Operational plans  Budgeting  Monitoring and evaluation
  • 53. Main issues of operational plan before execution 53  Determine responsibilities, time frames, cost  Practical execution often neglected as people engage in academic debate
  • 54. Link between Strategic & Operational Planning 54 Vision Mission Statement Corporate Organisational Objectives Functional (Operational) Objectives Functional (Operational) Strategies Long Term Operational Plan Short Term Operational Plan
  • 55. Formulating Strategies & Action Plans 55  Review: SWOT provide insight into efficiency of existing strategies  Strategy should convert weaknesses into strengths; threats into challenges  Identify 5 types of strategies:  Offensive: exploit opportunities from a premise of strength  Developmental: convert weaknesses into strengths  Diversification: harness strengths to minimise impact of threats  Defensive: organisation is vulnerable; may require professional help for business re-engineering  Combination: harness advantages of each; circumstances will dictate
  • 56. 56 Objective setting; Organizational context; Risk management context Risk identification; What can happen? How can it happen? Risk assessment; Measuring likelihood; Measuring impact; Establish the level of risk; Assess risks Risk management strategy; Identify treatment options (strategy); Evaluate treatment options; Implement recommendations Information/communication Control activities Monitoring and evaluation CONTROLENVIROMENT
  • 57. Formulating Strategies & Action Plans 57  Environmental scan  5 types of strategies:  Offensive: exploit opportunities from a premise of strength  Developmental: convert weaknesses into strengths  Diversification: harness strengths to minimise impact of threats  Defensive: organisation is vulnerable; may require professional help for business re-engineering  Combination: harness advantages of each; circumstances will dictate  Decide on (propose) an overall strategy
  • 58. Objective Setting 58  Break each strategy down into strategic objectives (narrowly defined area of achievement)  Objectives should include:  service delivery indicators;  indicate what is to be accomplished;  measures to quantify results  What to do:  Identify 5-10 objectives  Determine actions with responsibilities and time-frames to achieve each objective
  • 59. ACTIVITY 2.3 59  Component 2: Objective setting  Consider the process of objective setting in your organisation (strategic planning, operational planning, budgeting)  Also consider objectives in the following 5 categories:  Strategic  Operations  Reporting  Compliance  Safeguarding  Compile a 1-page document on how risk management should be integrated into objective setting (planning)
  • 60. Risk Management Fundamentals 60  Risk Identification  Start with Risk Register – listing of all risks  Examine all sources of risk  External – PEST  Internal – e.g. governance, ethics & values, infrastructure, HR  Techniques include:  Trends/Patterns  Surveys/Questionnaires  Brainstorming  Scenario analysis  Networking  Value at Risk (VAR) model  Boston Squares  “Bottom-up” risk assessment
  • 61. ACTIVITY 2.4 61  4 Groups (30 minutes)  Component 3: Risk Identification  Compile a basic risk register, i.e. develop a template  Populate the risk register with some examples, i.e. identify and list possible risks for the organisation  Classify the risks to make it easier  (This should eventually be done for each Division & Business unit within the organisation)
  • 62. REMEMBER 62  Risk Register = a “list of prioritised risks”
  • 63. Risk Management Fundamentals 63  Risk Assessment (analysis)  Start with Risk Register  Consider possible areas of risk impact  Risk ranking provides direction and focus – costs, resources, time  Consistent measurement techniques – quantitative  Lots of good judgement – qualitative  4 steps:  Quantify parameters (scoring system)  Apply parameters  Determine risk acceptance criteria (tolerance)  Determine risk acceptability & action to reduce risk  Identify the root cause of the risk
  • 64. RISK REGISTER 64  This is a list of prioritised risks  See next slide: likelyhood & consequence?
  • 65. Risk Assessment tool: Consequence vs. Likelihood 65 Likelihood Consequence 1 2 3 4 5 1 2 3 4 5
  • 66. Step 1: Quantify the parameters 66 Example: Impact on cost Score Impact Consequence 5 Catastrophic Leads to termination of the project 4 Critical Cost increase > 20% 3 Major Cost increase > 10% 2 Significant Cost increase < 10% 1 Negligible Minimal or no impact on cost Example: Certainty of occurrence Score Likelihood Occurrence 5 Maximum Certain to occur, almost every time 4 High Will occur frequently, 1 out of 10 times 3 Medium Will occur sometimes, 1 out of 100 times 2 Low Will seldom occur, 1 out of 1000 times 1 Minimum Will almost never occur, 1 out of 10 000 times
  • 67. Step 2: Applying the parameters 67  Risk index = impact x likelihood IMPACT 5 5 10 15 20 25 Risk index Risk Magnitude 4 4 8 12 16 20 20 - 25 Maximum 3 3 6 9 12 15 15 - 19 High risk 2 2 4 6 8 10 10 - 14 Medium risk 1 1 2 3 4 5 5 - 9 Low risk 1 2 3 4 5 1 - 4 Minimum risk LIKELIHOOD
  • 68. Step 3: Determine risk acceptance 68  Risk tolerance… IMPACT 5 5 10 15 20 25 4 4 8 12 16 20 3 3 6 9 12 15 2 2 4 6 8 10 1 1 2 3 4 5 1 2 3 4 5 LIKELIHOOD 4 8 3 6 9 2 4 6 8 1 2 3 4 5 15 20 25 12 16 20 12 15 10 Unacceptable risks Acceptable risks 5 10
  • 69. Step 4: Determine risk acceptability & what action 69 Risk index Risk magnitude Risk acceptability Proposed actions 20 – 25 Maximum risk Unacceptable Take action to reduce risk with highest priority, accounting officer and executive authority attention. 15 – 19 High risk Unacceptable 10 – 14 Medium risk Unacceptable Take action to reduce risk, inform senior management. 5 – 9 Low risk Acceptable No risk reduction - control, monitor, inform management. 1 - 4 Minimum risk Acceptable No risk reduction - control, monitor, inform management.
  • 70. ACTIVITY 2.5 70  4 Groups (30 minutes)  Component 4: Risk Assessment (plotting risks on the matrix)  Consider the risk assessment tool that could be used in your organisation  Develop/Refine the risk assessment tool  Use the risks identified & plot the risks by using the assessment tool (as an example)
  • 71. Risk Management Evaluation 71  Estimate the chance of occurrence or frequency for each potential risk – probability that a loss will occur  Estimate the severity of the loss which is the highest possible degree of injury or damage to a person / property item
  • 72. Risk Management Evaluation 72  The measurement of risk  is not an easy step;  it is the most difficult and  least precise step  in the art of risk management
  • 73. Risk Management Fundamentals 73  Risk Management Strategy (response)  Addressing the risk  Management select a response that is expected to bring risk likelihood & impact within the organisation’s risk tolerance level  Categories of avoidance, reduction, sharing, acceptance  Refer back to risk assessment tool
  • 74. Risk Management Model to Evaluate/Prioritise risk 74 Low (CI<50%) Medium (50%>CI<80%) High (CI>80%) Significant Must monitor impact and likelihood. Manage if likelyhood increases beyond threshold. Must manage and monitor risks Extensive management essential Moderate Risks may be worth accepting with monitoring Management effort worthwile Management effort required Minor Accept risks Accept, but monitor risks Monitor. Manage risk if size of risk is above acceptable threshold Risk Management Actions Likelihood Impact/Materiality RiskManagementActions
  • 75. Address the risks 75  Tolerate, Treat, Terminate, Transfer  …or… Impact Reduce Terminate Accept Transfer Likelihood
  • 76. ACTIVITY 2.6 76  4 Groups (30 minutes)  Component 5: Risk Strategy (response development)  Consider the existing (if it does exist) risk management model  Review the effectiveness & appropriateness of risk responses (strategies)  (This model will be used by each Division & Business unit within the organisation; units have to develop their own specific responses to their specific identified risks)
  • 77. Risk Management Fundamentals 77  Control Activities  Policies and procedures that help ensure that the risk responses, as well as other entity directives, are carried out  Occur throughout the organisation, at all levels and in all functions  Include application and general (internal) controls
  • 78. Control Procedures 78  Policy & procedure  Reporting, reviewing & approving  Checking accuracy of records  Maintaining & reviewing control accounts  Comparing internal data with external sources of information  Comparing & analysing financial results  Limiting direct physical access to assets
  • 79. Context of Control 79  Should be capable of responding immediately to evolving risks  Cost of controls must be balanced against benefits  System of control must include procedures for reporting  System of internal control must be embedded in operations (“inculcated”)
  • 80. Internal Control Focus Areas 80  Segregation of duties  Accountability for resources  Reconciliations  Prompt & proper recording & classification of transactions  Authorisation & execution of transactions  Documentation (policy & procedure)  Management supervision & review
  • 81. Types of Controls 81  Access  Information  Management  Administrative  Application  …
  • 82. Risk Management Fundamentals 82  Information & Communication  Management identifies, captures, and communicates pertinent information in a form and timeframe that enables people to carry out their responsibilities  Communication occurs in a broader sense, flowing down, across, and up the organization  Document the process  Always document risk management  Accountability … reporting  Continuous improvement
  • 83. ACTIVITY 2.7 83  4 Groups (30 minutes)  Component 6: Information and Communication  Use all the steps that you followed and document (map) the risk management process  Develop a basic action plan for a risk management awareness campaign in your organisation
  • 84. Risk Management Fundamentals 84  Risk Management Monitoring & Review  Continuous monitoring of RMF & process  Updating of risk register  Collection, capturing & communication of pertinent information  Employees need information to identify, assess & respond to risk  Early warning (dashboard for Executive)  Effective communication – raise awareness  Risk responses are based on (internal) control activities  Appropriate & effective controls  Ongoing monitoring of risk & risk management  (Ex-post facto) Separate evaluations
  • 85. Risk Management Monitoring 85  Evaluate on an ongoing basis  Determine loss prevention goals at the beginning of each financial year, as well as programmes to achieve those goals  Effectiveness of programmes to be expressed in terms of:  estimated frequency and  severity of losses
  • 86. Risk Management, Internal Control & Performance Management 86  Mechanisms for controlling or minimising risks  Good controls can reduce  Poor controls can increase  Never completely eliminated:  Accepted as low, not worth further considering  Reduced to acceptable level
  • 87. Relationship between Risk Management and Internal Audit 87  Risk management and assurance is a collaborative effort between risk management and internal audit that includes the correct balance of responsibility and independent oversight  Internal audit should never assume the functions, processes or systems of risk management
  • 88. Relationship between Risk Management and Internal Audit 88 Risk Management Internal Audit Risk Management Department Internal Audit Department Business Areas, Shared Services External Auditors, Shared Services Consultants and Advisors Consultants and Advisors Establishing risk management policies and controls Independent monitoring of risks, risk management practices and controls Implement risk measurement and reporting systems Validation of risk identification and management tools and techniques Assist business managers with the development of risk capabilities and to development mitigation strategies Promoting a risk management culture and developing common risk language Generate, validate and circulate risk management reporting Review risk management reporting as part of independent risk oversight CRO chairs risk management committee(s) Risk manager(s) lead and participate in working groups and teams Resources Oversight of risk management activities Review and report on the effectiveness of risk management practices - Risk based audit Responsibilities Participation in Risk Management Activities
  • 89. Measuring Performance of Risk Management Function 89  Measure against risk plan  Performance measurement of staff in Risk Management Unit  Regular reporting – In-year  Annual reporting based on plan  Accuracy of risk identification and assessment – one of indicators  Existence of policies and procedures  Accessibility of risk records
  • 90. Performance on risks? 90  KPA’s of all managers to include risk management  KPI’s to detail risk management performance by managers  Obviously core business of Risk Management Unit/Committee in organisational structure  To be reflected as such
  • 91. ACTIVITY 2.8 91  Develop risk management KPA’s for managers  At least 2 KPI’s for each KPA  Discussion
  • 92. Good Governance 92  Role of good governance in RM  Compliance emphasized (remember regulatory framework)  King I (1994) & II (2002): Organisations should be good corporate citizens  Prevent loss, safeguard stakeholder interests  King III (2013)
  • 93. Institutional Governance 93  Definition of Institutional Governance:  Embodies process and systems by which public institutions are directed, controlled and held accountable  Describe systems/practices to manage information, resources and processes of public institution
  • 94. Institutional Governance 94  Elements of Institutional Governance:  Risk Management  Internal controls and internal control system  Performance management  Internal and external auditing  Reporting  Ethical conduct – Code of conduct  Accountability
  • 95. Institutional Governance 95  Principles of good institutional governance:  Discipline – ethical conduct  Transparency  Independence  Accountability  Responsibility  Fairness  Social responsibility
  • 96. Institutional Governance 96  Components of Institutional Governance:  Clear planning and direction  Appropriate and timely information  Sound resource management  Adequate controls
  • 97. Institutional Governance 97  Management’s Institutional Governance Responsibilities:  Effective evaluation of institution’s performance  Ensure that institution/staff act lawfully and comply with government policies  Managing institution’s risk exposure  Ensure that stakeholder rights are not infringed
  • 98. Institutional Governance 98  Test for weaknesses in Institutional Governance:  Checklist to be developed  Planning and direction  Appropriate and timely information  Sound resource management  Adequate controls
  • 99. Institutional Governance 99  Checklist:  Planning and direction  Planning context  Strategic and Operational planning  Decision-making  Institutional culture  Appropriate and timely information  Ministerial direction and Government policy  External and internal reporting  Client interaction
  • 100. Institutional Governance 100  Checklist:  Resource Management  Assets and liabilities  Human Resources  Information Resources (system)  Finances  Adequate controls  Internal controls  Risk management  Fraud prevention  Contract control
  • 101. Institutional Governance 101  Accountability process in Public Sector:  Political Accountability  Statutory Accountability  Managerial Accountability
  • 102. Practical Implications for Risk Management 102  Pressure to meet risk management standards of corporate sector  Responsibility to protects assets, utilise effectively  Implement risk based audit, risk management practise  Move from historic focus to forward looking focus  Skills/experience/resource shortage  Outsourcing of audit function is common  Cannot outsource risk management responsibility, can only seek help  Often cannot set up dedicated risk department – embedded in line function responsibilities  Internal audit capability to monitor and review risk management practise – risk based audit  Sheer range of challenges  How to prioritise and deploy limited resources? - Risk Assessment!  Cost/benefit realities facing internal audit and risk management
  • 103. Factors Governing the Risk Management Decision 103 Governance & Planning Business Plan Risk Philosophy Risk Management Policy Regulatory Environment Risk Profiling Exposures and Sensitivity Organisational Risk and Competitive Environment Market/Business Conditions Fundamental and Technical Context + Philosophy Context + Philosophy Context + Philosophy Identify Risks Identify Risks Measure Risks Measure Risks Desired Results Desired Results Develop Solutions Develop Solutions Develop Solutions Choose Strategy Choose Strategy Choose Strategy Execute Strategy Execute Strategy Monitor Evaluate Adjust Monitor Evaluate Adjust Monitor Evaluate Adjust • Risk Management Framework Risk Management Decision Manage/Mitigate/ Accept/Transfer
  • 104. Risk Management Best Practise 104  Drivers of successful risk management  Values and Culture should be aligned throughout the organisation  Organisational philosophy should be that everybody is a risk manager  Intellectual Capital a vital component  No substitute for technical knowledge, experience and knowledge of the business  Can be internally or externally sourced  Senior management and governing bodies must champion risk management  Open communication channels  Team effort – Working groups and committeesA silo mentality hides and multiplies risk !
  • 105. Risk Management Best Practise 105  Drivers of successful risk management (cont)  Use a common, simple language for risk across the organisation  Clear risk management function/responsibilities and coordination of overall risk management activities  Measuring and reporting on risk management performance  Formal documentation/frameworks  Policies and procedures, Processes, Tools, Templates, Reporting  Role of Internal Audit  Involvement of Internal Audit in risk governance structures/committees  Independent review of risk and risk management activities by Internal Audit  Training, mentoring, collaboration deserves a lot of attention
  • 106. Key Implementation Factors 106  Organizational design of business  Establishing an ERM organization  Determine a risk philosophy  Survey risk culture  Consider organizational integrity and ethical values  Decide roles and responsibilities  Performing risk assessments  Determining overall risk appetite  Identifying risk responses  Communication of risk results  Monitoring  Oversight & periodic review by management