ERM_Presentation_SuretyCredit_111413

488 views

Published on

Direct Surety’s roots are in the construction industry. Through the use of technology, Direct Surety underwriters show contractors exactly how their bonding limits are determined. Working with a proprietary risk analysis system and Enterprise Risk Management (ERM) methodology, Direct Surety determines operational strengths and weaknesses, and then suggests strategic improvement options to help contractors raise profitability, earn more credit and obtain better pricing.

Direct Surety is the only company that enables contractors to:

• Go direct to the decision maker to establish surety credit
• See exactly how credit limits are determined
• Obtain a clear plan to improve credit limits and lower price
• Work under a signed non-disclosure agreement
• Establish a backup line of surety credit
• Switch from a broker when ready

Direct Surety – Surety bonds for the Digital Age. Push your limits.

0 Comments
1 Like
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total views
488
On SlideShare
0
From Embeds
0
Number of Embeds
2
Actions
Shares
0
Downloads
15
Comments
0
Likes
1
Embeds 0
No embeds

No notes for slide

ERM_Presentation_SuretyCredit_111413

  1. 1. 2013 WWW.DIRECTSURETY.COM CONSTRUCTION ENTERPRISE RISK MANAGEMENT
  2. 2. 01. DEFINITIONS In business terms . . . R I S K WWW.DIRECTSURETY.COM A Risk Factor is something that can cause harm. It is a poor business condition or practice that can negatively impact a company.
  3. 3. CHARACTERISTICS OF RISK FACTORS Vary by industry and importance . . . FOOD WWW.DIRECTSURETY.COM CONSTRUCTION
  4. 4. CHARACTERISTICS OF RISK FACTORS Applicable by type of contractor . . . WWW.DIRECTSURETY.COM
  5. 5. 02. DEFINITIONS Again, in business terms . . . R I S K WWW.DIRECTSURETY.COM Risk is the likelihood of harm. The likelihood that profitability and shareholder value will be negatively impacted.
  6. 6. ENTERPRISE RISK MANAGEMENT (ERM) WHAT IS IT? ERM is a business management process . . . WWW.DIRECTSURETY.COM
  7. 7. ENTERPRISE RISK MANAGEMENT (ERM) 01. ERM Is not a project, but a process that develops within an organization, driven and supported by senior management 02. ERM Becomes part of the operational culture of the organization with process owners and drivers 03. ERM Is not an off-the-shelf product that works for everyone WWW.DIRECTSURETY.COM ERM begins with the development of a risk strategy that is linked to and supportive of the overall business imperatives of the corporation.
  8. 8. ERM SPEAK TO THE TECHNICIAN • A holistic risk management process • An integrated risk management process TO THE LAYMAN • A way of managing my business WWW.DIRECTSURETY.COM
  9. 9. ERM: WHAT KIND OF RISK IS ADDRESSED? Quantitative Risk Data Actuarial Analysis + = Risk Profile The Complete Qualitative Risk Data Observational Analysis RISK ASSOCIATED WITH CONDITIONS AND PRACTICES WWW.DIRECTSURETY.COM
  10. 10. ERM WHAT’S ITS PURPOSE? WWW.DIRECTSURETY.COM
  11. 11. To raise profitability by controlling business risk. WWW.DIRECTSURETY.COM
  12. 12. ENTERPRISE RISK MANAGEMENT (ERM) How is profitability maximized? BY BY WWW.DIRECTSURETY.COM Removing business conditions and practices that negatively impact profitability Installing business conditions and practices that positively impact profitability
  13. 13. HISTORY OF ERM DEVELOPMENT 1960s 1970s Hazard Risk Management Hazard Risk and Financial Risk Management WWW.DIRECTSURETY.COM 1980s Hazard Risk Management, Financial Risk Management, Operational Risk Management 1990s - Present Management of Hazard Risk, Financial Risk, Operational Risk, Strategic Risk
  14. 14. TRADITIONAL RISK MANAGEMENT 1 WWW.DIRECTSURETY.COM
  15. 15. ENTERPRISE RISK MANAGEMENT (ERM) 4 WWW.DIRECTSURETY.COM
  16. 16. RISK MANAGEMENT THINKING HAS EVOLVED • • • • Analysis in silos • Inspect, detect, react • Correlation among risks not understood • Continuous, systematic process with integration Risks not owned • OLD THINKING Limited to certain areas Risk culture created throughout the enterprise No strategy • Risk strategy linked to business strategy Responsibilities clearly defined • Anticipate, manage, optimize, monitor • Quantified, aggregated, studied for interrelationships • WWW.DIRECTSURETY.COM • Risk is a key consideration for financial decision making NEW THINKING
  17. 17. INDUSTRIES THAT HAVE ADOPTED ERM Newcomers: Construction & Mining 65% of Public Firms Financial Services Energy Sector Health Care Source: Excellence in Risk Management VI, Marsh | RIMS WWW.DIRECTSURETY.COM Transportation Education
  18. 18. ERM IMPLEMENTATION DRIVERS Public Companies 01 COMPLIANCE 02 TRANSPARENCY 04 TECHNOLOGY Public and Private Companies 03 COMPETITION WWW.DIRECTSURETY.COM
  19. 19. SUPPORTING ORGANIZATIONS OF THE ERM FRAMEWORK COSO: PRMIA: Committee of Sponsoring Organizations Professional Risk Manager’s International Association IRMI: International Risk Management Institute CAS: Casualty Actuarial Society ERM-II: WWW.DIRECTSURETY.COM Enterprise Risk Management International Institute
  20. 20. BENEFITS OF CONTROLLING STRATEGIC RISKS ENSURES SOUND DECISION MAKING How: By adjusting managerial business approach and policies WWW.DIRECTSURETY.COM
  21. 21. BENEFITS OF CONTROLLING OPERATIONAL RISKS IMPROVES OPERATIONAL EFFICIENCIES How: By installing more cost effective and accurate internal systems WWW.DIRECTSURETY.COM
  22. 22. BENEFITS OF CONTROLLING FINANCIAL RISKS MAINTAINS AVAILABILITY OF CREDIT & MANAGES COST OF FUNDS How: By improving outside relationships and considering all “what if” scenarios WWW.DIRECTSURETY.COM
  23. 23. BENEFITS OF CONTROLLING HAZARD RISKS REDUCES THE CONSEQUENCES OF UNCONTROLLABLE LOSSES How: By increasing safety and obtaining adequate coverage for potential losses WWW.DIRECTSURETY.COM
  24. 24. THE ERM PROCESS 01. RISK FACTOR IDENTIFICATION 02. RISK ANALYSIS Analyze presence of risk Identify all potential risk exposures 03. RISK RESPONSE 05. RISK MONITORING Observe the completed implementation and report the results 04. RISK CONTROL Implement a solution to reduce or transfer the risk WWW.DIRECTSURETY.COM Develop an action plan, plus determine what risks to control and assign responsible individuals
  25. 25. THE ERM PROCESS 01. RISK FACTOR IDENTIFICATION 02. RISK ANALYSIS Analyze presence of risk Identify all potential risk exposures 03. RISK RESPONSE 05. RISK MONITORING Observe the completed implementation and report the results 04. RISK CONTROL Implement a solution to reduce or transfer the risk WWW.DIRECTSURETY.COM Develop an action plan, plus determine what risks to control and assign responsible individuals
  26. 26. IDENTIFYING RISK FACTORS 01 UNCONTROLLED RISK 02 UNDER PERFORMANCE 04 MAXIMUM PERFORMANCE VS. 03 CONTROLLED RISK WWW.DIRECTSURETY.COM
  27. 27. CATEGORIZING RISKS MAKES IT SIMPLE Business Approach Credit Status Bid Process Sales Methodology WWW.DIRECTSURETY.COM Information Transfer Construction Management Accounting Procedures Insurance Coverage Safety Practices
  28. 28. WWW.DIRECTSURETY.COM
  29. 29. THE ERM PROCESS 02. RISK ANALYSIS Analyze presence of risk: 01. RISK FACTOR IDENTIFICATION • • • • Identify all potential risk exposures Assess the level of risk Quantify the results Report the findings Recommend action 03. RISK RESPONSE 05. RISK MONITORING Observe the completed implementation and report the results WWW.DIRECTSURETY.COM 04. RISK CONTROL Implement a solution to reduce or transfer the risk Develop an action plan, plus determine what risks to control and assign responsible individuals
  30. 30. RISK ANALYSIS IS THE KEY PURPOSE: ANALYZE PRESENCE OF RISK HOW: 1) Assess the level of risk 2) Quantify the results 3) Report the findings 4) Recommend action WWW.DIRECTSURETY.COM
  31. 31. RISK ASSESSOR IS THE KEY HOLDER PURPOSE: ANALYZE PRESENCE OF RISK HOW: 1) Assess the level of risk 2) Quantify the results 3) Report the findings 4) Recommend action WWW.DIRECTSURETY.COM
  32. 32. KEYHOLDER’S RESPONSIBILITY PURPOSE: ASSESS THE PROBABILITY OF HARM HOW: 1) Develop an understanding of the in-place Risk Controls associated with a specific Risk Factor 2) Determine the likelihood (probability) that the status of the existing risk controls will cause harm WWW.DIRECTSURETY.COM
  33. 33. MAKING THE RISK ASSESSMENT + Choices: Option A – Use Best Judgment Invites subjectivity and threatens accuracy WWW.DIRECTSURETY.COM
  34. 34. MAKING THE RISK ASSESSMENT + Choices: Option B – Use a Measurement Guide Removes subjectivity and promotes accuracy WWW.DIRECTSURETY.COM
  35. 35. WHAT SCALE SHOULD BE USED? 1) MANY LEVELS • Lower probability of a match 2) A FEW LEVELS • Higher probability of a match WWW.DIRECTSURETY.COM
  36. 36. DETERMINING CONTROLS PRESENT ASK QUESTIONS WWW.DIRECTSURETY.COM LOOK AT EVIDENCE VERIFY FUNCTIONALITY
  37. 37. HOW IS A GOOD ASSESSMENT PERFORMED? Simple 01. Meet the Right People WWW.DIRECTSURETY.COM 02. Ask the Right Questions 03. Collect Pertinent Evidence
  38. 38. TYPES OF ASSESSMENT 1) IN-HOUSE PERSONNEL 2) OUTSIDE INDEPENDENT WWW.DIRECTSURETY.COM
  39. 39. RISK ANALYSIS IS THE KEY PURPOSE: ANALYZE PRESENCE OF RISK HOW: 1) Assess the level of risk 2) Quantify the results 3) Report the findings 4) Recommend action WWW.DIRECTSURETY.COM
  40. 40. QUANTIFYING THE RESULTS Severity of Impact x Likelihood of Harm (Consequence x Risk) = Risk Score A Measure of Risk Exposure WWW.DIRECTSURETY.COM
  41. 41. RISK ANALYSIS IS THE KEY PURPOSE: ANALYZE PRESENCE OF RISK HOW: 1) Assess the level of risk 2) Quantify the results 3) Report the findings 4) Recommend action WWW.DIRECTSURETY.COM
  42. 42. REPORTING THE FINDINGS Typical Report Contents: Overview of Risk Analysis Performed Summary of Risk Factors Reviewed Explanation of Risk Assessment Technique Results of the Risk Assessment • Risk Map • Scoring Summary High Risk Categories, Conditions & Practices WWW.DIRECTSURETY.COM
  43. 43. RISK ANALYSIS IS THE KEY PURPOSE: ANALYZE PRESENCE OF RISK HOW: 1) Assess the level of risk 2) Quantify the results 3) Report the findings 4) Recommend action WWW.DIRECTSURETY.COM
  44. 44. RECOMMEND CONTROLS CONTROLS NECESSARY TO MITIGATE RISK Practices: • Change or install policies • Implement new procedures • Improve existing procedures Conditions: • Change the environment • Revise decision making WWW.DIRECTSURETY.COM
  45. 45. THE ERM PROCESS 01. RISK FACTOR IDENTIFICATION 02. RISK ANALYSIS Analyze presence of risk Identify all potential risk exposures 03. RISK RESPONSE Develop an action plan: determine what risks to control and assign responsible individuals 05. RISK MONITORING Observe the completed implementation and report the results 04. RISK CONTROL Implement a solution to reduce or transfer the risk WWW.DIRECTSURETY.COM
  46. 46. RISK PRIORITIZATION MAP High Severity Control Now Control Soon Control Low High Likelihood WWW.DIRECTSURETY.COM
  47. 47. RESPONDING TO RISK – OPTIONS Possible responses to risk Options available: • Accept = monitor • Avoid = eliminate (get out of the situation) • Reduce = institute controls • Transfer = move risk elsewhere (e.g., insurance) WWW.DIRECTSURETY.COM
  48. 48. RESPONDING TO RISK PRIORITIES KEY QUESTIONS 1) What risks will the organization not accept? (e.g., fraud, errors, quality comprises) 2) What risks will the organization take on as new initiatives? (e.g., new types of work, geographies or difficulties) 3) What risks will the organization accept for competing objectives? (e.g., light on working capital, exhausted resources) WWW.DIRECTSURETY.COM
  49. 49. RESPONDING TO RISK – APPETITE Risk appetite: The amount of risk – on a broad level – an entity is willing to accept in pursuit of value. Projected Earnings at Risk versus Financial Gains to be Realized WWW.DIRECTSURETY.COM
  50. 50. RESPONDING TO RISK – EVALUATE OPTIONS Evaluate options in relation to risk appetite. 1. Consider the degree to which a response will reduce likelihood of harm 2. Examine cost versus benefit of potential risk responses 3. Select response based on evaluation 4. Fully understand residual risk (unmitigated risk) WWW.DIRECTSURETY.COM
  51. 51. THE ERM PROCESS 01. RISK FACTOR IDENTIFICATION 02. RISK ANALYSIS Analyze presence of risk Identify all potential risk exposures 03. RISK RESPONSE 05. RISK MONITORING Observe the completed implementation and report the results 04. RISK CONTROL Implement a solution to reduce or transfer the risk WWW.DIRECTSURETY.COM Develop an action plan, plus determine what risks to control and assign responsible individuals
  52. 52. Implementing Risk Controls Implementation is driven by ERM policies and procedures that help ensure that the risk responses are carried out Occurs throughout the organization Occurs at all levels in all functions Typically assignable to risk owners, not risk managers WWW.DIRECTSURETY.COM
  53. 53. STEPS TO SUCCESSFUL IMPLEMENTATION • • • • • • WWW.DIRECTSURETY.COM Identify objectives Assign responsibilities Set deadlines Track progress Complete installation Test the control
  54. 54. THE ERM PROCESS 01. RISK FACTOR IDENTIFICATION 02. RISK ANALYSIS Analyze presence of risk Identify all potential risk exposures 03. RISK RESPONSE 05. RISK MONITORING Observe the completed implementation and report the results 04. RISK CONTROL Implement a solution to reduce or transfer the risk WWW.DIRECTSURETY.COM Develop an action plan, plus determine what risks to control and assign responsible individuals
  55. 55. TRACKING AND VERIFYING CONTROLS TRACKING TO BE DONE: • Track the performance of new or improved controls VERIFICATIONS TO OBTAIN: • Verify that the controls remain intact and functional WWW.DIRECTSURETY.COM
  56. 56. ERM FINAL RESULT WWW.DIRECTSURETY.COM
  57. 57. ERM IMPROVEMENT CYCLE WWW.DIRECTSURETY.COM
  58. 58. IMPLEMENTATION – NO FREE LUNCH TIME WWW.DIRECTSURETY.COM RESOURCES COMMITMENT
  59. 59. IMPLEMENTATION – ROI A simple calculation Cost of Labor for Running ERM vs Savings from Avoidance, Transfer, or Mitigation of Risk WWW.DIRECTSURETY.COM
  60. 60. ERM IMPLEMENTATION – HOW TO A path to success . . . 1) Embrace risk awareness 2) Assign a risk management leader 3) Install a risk-minded culture 4) Grow to understand your own risk exposures 5) Begin the search for risk factors 6) Learn how to effectively assess risk 7) Perform a complete risk analysis 8) Establish a routine risk assessment schedule 9) Set ERM in motion WWW.DIRECTSURETY.COM
  61. 61. ERM THANK YOU FOR YOUR TIME WWW.DIRECTSURETY.COM

×