Transforming risk to create strategic value Flevum Roundtable, May 2011  Why are some companies luckier than others? Frank...
Competing in the “new normal” Three focus areas: Value, cost and risk Increasing  market variation Pressure  on margins Gl...
Observations on risk management  Risk management survey results <ul><li>Fundamental need to enhance  the  GRC  functions o...
Observations on risk management  What we are seeing with our clients Companies are …  Risk management remains a concern Ga...
Balancing risk, cost and value Managing upside opportunity with the potential of downside threat Cost Risk Value Cost Risk...
There are significant opportunities to improve the current state risk management landscape
Realignment and refocused effort can reduce the risk spend, increasing value Board oversight Audit committee Compensation ...
Leading practices are emerging <ul><li>Changing attitudes : Risk is now everybody’s responsibility and plays a major role ...
Leading companies transform their risk landscape to achieve strategic advantage Strengthening risk governance Embedding ri...
Agenda/session overview Risk Transformation Workshop topics 1. Setting the stage 60 minutes <ul><li>Marketplace challenges...
Defining a practical path forward Conduct a visioning session
Upcoming SlideShare
Loading in …5
×

FRT - 110530 - BED - Why are some companies luckier than others - Frank Leenders

1,085 views

Published on

FRT - 110530 - BED - Why are some companies luckier than others - Frank Leenders

Published in: Business, Economy & Finance
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total views
1,085
On SlideShare
0
From Embeds
0
Number of Embeds
2
Actions
Shares
0
Downloads
19
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide
  • There continues to be multiple reasons that risk management is top of mind. This slide highlights some common themes from various EY surveys on risk. It may be used to establish themes that are relevant to the client. The key point is that risk is taking on a higher profile in the public markets. Note: S&amp;P Proposed ERM Rating: The last bullet mentions S&amp;P’s proposed ERM evaluation in their debt rating scores. S&amp;P has a proposal out for comment and with an expected release date for the final framework of April 1, 2008, although timing of implementation would be spread over the remainder of 2008. If enacted, S&amp;P will provide a rating system similar to what they are doing with financial service entities. (Scores will be “weak, adequate, strong, excellent.”) The rating would evaluate four key areas: Analysis of risk-management culture and governance Analysis of risk controls including Policy, Infrastructure and Methods (PIM) Analysis of emerging risk preparation Analysis of strategic risk management S&amp;P has indicated that they will probably begin with industries that have been historically more heavily regulated – the intent is to lead with those industries that maintain, on average, more sophisticated approaches to ERM than others. The sequencing is expected to begin with Utilities, Oil and Gas, and Pharmaceuticals. Other industries would follow. Again, further evidence that risk is taking on a higher profile in the public markets. Sources: Ernst &amp; Young/Economist Intelligence Unit (2009). Business responses to the credit crisis [need to verify title on this one] Ernst &amp; Young (2008). Escalating the role of internal audit Ernst &amp; Young (2007 ). Strategic Business Risk 2008: The top 10 risks for business Ernst &amp; Young (2006) . Companies on Risk: The benefits of alignment Ernst &amp; Young (2005). Investors on Risk: The need for transparency
  • Book end – if this business case discussion embedded in another Risk Transformation presentation, it would start here, after the spaghetti chart
  • 1.) focus on priority areas: eliminate uncoordinated, overly complex or overlapping activities. Spend from low-value risk management activities, which may be routine and deliver comfort but are not business critical, needs to be redirected to other higher-risk priorities. 2.) Manage the performance of overall GRC capability: by adopting a holistic and cohesive risk transformation approach, companies can better align risk and strategic business processes. Governance - Risk governance strategy is driven by and better aligned to key strategic risks and business objectives. Effective risk management - Deeper and more robust risk insight is applied to enhance the design and effectiveness of the overall control environment. This optimizes risk and control mechanisms to enhance decision-making and, potentially, facilitate greater risk-taking. Integration - Rather than stand-alone functions, risk is managed on a business-wide footing to protect value and improve performance across the enterprise, delivering an appropriate ROI for the investment. Business performance - An effective and agile GRC capability contributes to the protection and enhancement of overall business performance.
  • There continues to be multiple reasons that risk management is top of mind. This slide highlights some common themes from various EY surveys on risk. It may be used to establish themes that are relevant to the client. The key point is that risk is taking on a higher profile in the public markets. Note: S&amp;P Proposed ERM Rating: The last bullet mentions S&amp;P’s proposed ERM evaluation in their debt rating scores. S&amp;P has a proposal out for comment and with an expected release date for the final framework of April 1, 2008, although timing of implementation would be spread over the remainder of 2008. If enacted, S&amp;P will provide a rating system similar to what they are doing with financial service entities. (Scores will be “weak, adequate, strong, excellent.”) The rating would evaluate four key areas: Analysis of risk-management culture and governance Analysis of risk controls including Policy, Infrastructure and Methods (PIM) Analysis of emerging risk preparation Analysis of strategic risk management S&amp;P has indicated that they will probably begin with industries that have been historically more heavily regulated – the intent is to lead with those industries that maintain, on average, more sophisticated approaches to ERM than others. The sequencing is expected to begin with Utilities, Oil and Gas, and Pharmaceuticals. Other industries would follow. Again, further evidence that risk is taking on a higher profile in the public markets. Sources: Ernst &amp; Young/Economist Intelligence Unit (2009). Business responses to the credit crisis [need to verify title on this one] Ernst &amp; Young (2008). Escalating the role of internal audit Ernst &amp; Young (2007 ). Strategic Business Risk 2008: The top 10 risks for business Ernst &amp; Young (2006) . Companies on Risk: The benefits of alignment Ernst &amp; Young (2005). Investors on Risk: The need for transparency
  • Strengthening risk governance Defining oversight and accountability for risk management at the Board and Executive levels Embedding risk management principles Incorporating enterprise risk assessment and monitoring into business planning and performance management Integrating multiple risk functions Increasing leverage across multiple risk functions to expand coverage, reduce cost and enhance value to the business Enhancing business level performance Enabling the organization to better manage risk with optimized processes and rationalized controls at the business unit level Footnotes Aon, Global Enterprise Risk Management Survey, 2010 Ernst &amp; Young, Investors on Risk: The need for transparency, 2005 Marsh, Excellence in Risk Management VI: Strategic Risk Management in Practice, 2009 Standard &amp; Poor’s, Standard &amp; Poor’s to Apply Enterprise Risk Analysis to Corporate Ratings, RatingsDirect, 2008; Progress Report: Integrating Enterprise Risk Management Analysis into Corporate Credit Ratings, RatingsDirect 2009
  • Speaker’s Notes: Review this self-diagnostic with the client to assess where the company is along the spectrum of basic to leading. The objective is to identify areas where the client may require assistance that will lead to a discussion on the next page about next steps. In addition to understanding where the client currently is, ask about where they want to be in an ideal future state. It may not be the client’s intent to be leading practice on all aspects of its risk and controls functions – they may simply want to become established or advanced in some areas of their risk and control functions. We would like the client to recognize the benefits of moving along this continuum can be reflected in risk, cost and value, and – ultimately – improved performance of the business. If the meeting has gone well, you may be able to initiate the self-diagnostic based upon the issues the client has already raised earlier in the discussion. As appropriate, we should take the opportunity with that C-suite executive to get permission to expand the dialogue with other owners of the risk and control areas.
  • It is possible to apply this template to exiting presentations. Have the latest presentation template open Click on the View tab and select Normal Delete all unwanted slides Click on the Insert tab from the menu bar and select Slides from Files Click on Browse . Navigate to the presentation you wish to update with the new template. Highlight the presentation and click Open Wait for the slides from the presentation to load and click on Insert All . Then click Close Check the inserted slides to ensure that the most appropriate master slide has been used on each slide To change the master applied to a slide select the slide you wish to apply a different master to then click on the Format tab from the menu bar and select Slide Design From the Used in This Presentation section choose the master you wish to apply to the slide and hover over it to reveal a drop-down arrow. Click on the arrow and select Apply to Selected Slides It is important to thoroughly check the presentation to ensure that no further formatting is needed.
  • It is possible to apply this template to exiting presentations. Have the latest presentation template open Click on the View tab and select Normal Delete all unwanted slides Click on the Insert tab from the menu bar and select Slides from Files Click on Browse . Navigate to the presentation you wish to update with the new template. Highlight the presentation and click Open Wait for the slides from the presentation to load and click on Insert All . Then click Close Check the inserted slides to ensure that the most appropriate master slide has been used on each slide To change the master applied to a slide select the slide you wish to apply a different master to then click on the Format tab from the menu bar and select Slide Design From the Used in This Presentation section choose the master you wish to apply to the slide and hover over it to reveal a drop-down arrow. Click on the arrow and select Apply to Selected Slides It is important to thoroughly check the presentation to ensure that no further formatting is needed.
  • It is possible to apply this template to exiting presentations. Have the latest presentation template open Click on the View tab and select Normal Delete all unwanted slides Click on the Insert tab from the menu bar and select Slides from Files Click on Browse . Navigate to the presentation you wish to update with the new template. Highlight the presentation and click Open Wait for the slides from the presentation to load and click on Insert All . Then click Close Check the inserted slides to ensure that the most appropriate master slide has been used on each slide To change the master applied to a slide select the slide you wish to apply a different master to then click on the Format tab from the menu bar and select Slide Design From the Used in This Presentation section choose the master you wish to apply to the slide and hover over it to reveal a drop-down arrow. Click on the arrow and select Apply to Selected Slides It is important to thoroughly check the presentation to ensure that no further formatting is needed.
  • It is possible to apply this template to exiting presentations. Have the latest presentation template open Click on the View tab and select Normal Delete all unwanted slides Click on the Insert tab from the menu bar and select Slides from Files Click on Browse . Navigate to the presentation you wish to update with the new template. Highlight the presentation and click Open Wait for the slides from the presentation to load and click on Insert All . Then click Close Check the inserted slides to ensure that the most appropriate master slide has been used on each slide To change the master applied to a slide select the slide you wish to apply a different master to then click on the Format tab from the menu bar and select Slide Design From the Used in This Presentation section choose the master you wish to apply to the slide and hover over it to reveal a drop-down arrow. Click on the arrow and select Apply to Selected Slides It is important to thoroughly check the presentation to ensure that no further formatting is needed.
  • FRT - 110530 - BED - Why are some companies luckier than others - Frank Leenders

    1. 1. Transforming risk to create strategic value Flevum Roundtable, May 2011 Why are some companies luckier than others? Frank Leenders Senior Manager Advisory Services Ernst & Young Advisory - Risk Services Solution Manager GRC BeNe
    2. 2. Competing in the “new normal” Three focus areas: Value, cost and risk Increasing market variation Pressure on margins Globalization and increasing competition Changing business models Enhancing transparency Improving investor confidence Managing stakeholder expectations Improving shareholder value Securing requisite capital Increasing regulatory pressure Greater market volatility Greater stakeholder scrutiny Increasing executive accountability Addressing the risks that matter Avoiding risk/ security breaches
    3. 3. Observations on risk management Risk management survey results <ul><li>Fundamental need to enhance the GRC functions of the company </li></ul><ul><li>Companies recognize increasing external pressure on their GRC functions and experience that shareholders as well as investors keep an eye on companies’ GRC efforts. </li></ul><ul><li>There is a difference between leadership and operational levels in evaluating the value for money of the GRC functions. </li></ul><ul><li>In the light of increasing GRC needs and necessary improvements, 41% of the companies plan GRC investments : </li></ul><ul><li>Assessing GRC function, revising risk management and intensifying the internal audit efforts are the top three GRC initiatives in the upcoming 12 to 18 months. </li></ul><ul><li>A clear view on the “what” and “why,” but a lot of uncertainty about the “how”: </li></ul><ul><ul><li>The main investment focus is on risk management because GRC seems to be synonymous with companies’ risk management function. </li></ul></ul><ul><ul><li>Almost three out of four companies believe that they already have a fully integrated GRC function , which might not be the case when just 5% of the companies say that they have their GRC implementation completed when asked for more details. </li></ul></ul><ul><ul><li>Finally, three out of four companies believe that their GRC needs are aligned between the corporate and business unit levels but there are concerns due to the different reporting lines of GRC functions. </li></ul></ul>
    4. 4. Observations on risk management What we are seeing with our clients Companies are … Risk management remains a concern Gaps — CEO’s and CFO’s indicate their risk oversight processes are immature and insufficient to deal with the rapid change in risks in the near future Scrutiny — Boards and executives face greater scrutiny for risk management oversight from regulators and external stakeholders Value — 82% of institutional investors are willing to pay a premium for companies that are transparent and can demonstrate effective risk management Silos — 73% of companies have seven or more separate risk functions operating independently Efficiency — 62% of companies believe they can get more risk coverage for less spend through better aligned and coordinated efforts Overspending on risk by at least 30% <ul><li>Hidden costs in risk spend </li></ul><ul><li>Inefficient activities </li></ul><ul><li>Overlap and redundancy </li></ul>Not focused on the risks that matter and create value <ul><li>Capital structure and strategic </li></ul><ul><li>New market entry and product development </li></ul><ul><li>Merger and acquisition </li></ul>Failing to anticipate and respond to unforeseen risks <ul><li>Risk not integrated with planning and performance management </li></ul><ul><li>Risk exposure in major initiatives and programs </li></ul><ul><li>Lack of alignment and communication at all levels of the enterprise </li></ul>
    5. 5. Balancing risk, cost and value Managing upside opportunity with the potential of downside threat Cost Risk Value Cost Risk Value Value <ul><li>What are the risks that matter most? </li></ul><ul><li>How do we know we are accepting the right level of risk? </li></ul><ul><li>How effective is our risk reporting for executive management and the Board? </li></ul><ul><li>How do we know if our risks are being properly managed? </li></ul><ul><li>How comprehensive is our existing risk framework? </li></ul><ul><li>What is internal audit doing to understand the risks that our company faces? </li></ul><ul><li>What are we spending to manage our key risks? </li></ul><ul><li>Where are there possible duplicative or overlapping risk functions? </li></ul><ul><li>Where can we further leverage automated controls versus manual controls? </li></ul><ul><li>Do we have the right mix of skills at the right cost? </li></ul><ul><li>How effective are we in using technology to manage risk? </li></ul><ul><li>How effective are we in using alternative sourcing strategies to reduce costs? </li></ul><ul><li>How effective are we at aligning the risks we take to our business strategies and objectives? </li></ul><ul><li>What is the return on our risk investment? </li></ul><ul><li>What process improvement ideas are we obtaining? </li></ul><ul><li>What risks are we taking to achieve competitive advantage? </li></ul><ul><li>Is risk management slowing me down or helping me go faster? </li></ul>Risk Cost
    6. 6. There are significant opportunities to improve the current state risk management landscape
    7. 7. Realignment and refocused effort can reduce the risk spend, increasing value Board oversight Audit committee Compensation committee Risk committees Other committee Executive management CEO CFO CRO General Counsel Compliance Information te ch nology Intern al audit Risk management Internal control Legal and regulatory External audit Aligned mandate and scope Coordinated infrastructure and people Consistent methods and practices Common information and technology Business unit Business unit Business unit Business unit Increased value, reduced costs and improved business performance Future State Governance Effective, responsive, accountable risk oversight Risk management and integrated capabilities Reduce or eliminate redundancy, overlap and duplication in the identification and assessment, analysis, control, measurement, monitoring, mitigation, testing and reporting of risk Business-level Performance Valued- Added, improved operational risk performance
    8. 8. Leading practices are emerging <ul><li>Changing attitudes : Risk is now everybody’s responsibility and plays a major role in decision-making across the organization </li></ul><ul><li>Comprehensive : Organizations are taking a more holistic risk view to better understand risk interdependencies and aggregate impacts </li></ul><ul><li>Proactive : Companies are becoming more forward-looking and predictive, incorporating stress-testing and scenario analysis </li></ul><ul><li>Risk tolerance : Leading organizations are defining risk tolerances and building a consistent organizational risk management culture </li></ul><ul><li>Transparency : Sharing of data, open decision-making and enhanced reporting to executive management has become increasingly important </li></ul><ul><li>Board communications : A majority of organizations indicate they are changing the frequency and substance of their Board-level risk discussions </li></ul><ul><li>Risk committees : Companies have added committees focused on enterprise risk and / or crisis management </li></ul><ul><li>Specialty Skills : Leading companies are enhancing their risk and control functions and leveraging specialty skills to address business risk on a comprehensive basis </li></ul><ul><li>Monitoring : Ongoing monitoring and the escalation of risk has become more robust with greater clarity or information and enhanced consistency across risk functions </li></ul><ul><li>Governance : Overall, leading organizations are driving “Risk Governance” from a holistic business perspective </li></ul>
    9. 9. Leading companies transform their risk landscape to achieve strategic advantage Strengthening risk governance Embedding risk management principles Integrating multiple risk functions Enhancing business level performance by... to achieve... Improved visibility, accountability and transparency to stakeholders Cost efficiencies and business performance Risk management that supports strategic objectives EY Risk Performance Model EY Risk Performance Model Governance
    10. 10. Agenda/session overview Risk Transformation Workshop topics 1. Setting the stage 60 minutes <ul><li>Marketplace challenges </li></ul><ul><li>Strategic risk management issues </li></ul><ul><li>Achieving strategic advantage </li></ul><ul><li><Company> strategies and initiatives </li></ul>2. Understanding your risk philosophy 45 minutes <ul><li>Exercise 1: Desired risk outcomes </li></ul><ul><li>Exercise 2: Continuum </li></ul><ul><li>Exercise 3: Risk vision statements </li></ul>3. Risk performance model discussions 180 minutes <ul><li>Overview/Prioritize four levels </li></ul><ul><li>Drill-down discussions </li></ul><ul><ul><li>Leading practices </li></ul></ul><ul><ul><li>Current state observations </li></ul></ul><ul><ul><li>Maturity assessment </li></ul></ul><ul><ul><li>Improvement opportunities </li></ul></ul>4. Prioritization, roadmap and next steps 45 minutes <ul><li>Validation/prioritization of proposed efforts </li></ul><ul><li>Business case development </li></ul><ul><li>Action plan/next steps </li></ul>
    11. 11. Defining a practical path forward Conduct a visioning session
    12. 12. Ernst & Young Assurance | Tax | Transactions | Advisory About Ernst & Young Ernst & Young is a global leader in assurance, tax, transaction and advisory services. Worldwide, our 141,000 people are united by our shared values and an unwavering commitment to quality. We make a difference by helping our people, our clients and our wider communities achieve their potential. Ernst & Young refers to the global organization of member firms of Ernst & Young Global Limited, each of which is a separate legal entity. Ernst & Young Global Limited, a UK company limited by guarantee, does not provide services to clients. For more information about our organization, please visit www.ey.com © 2011 EYGM Limited. All Rights Reserved. This publication contains information in summary form and is therefore intended for general guidance only. It is not intended to be a substitute for detailed research or the exercise of professional judgment. Neither EYGM Limited nor any other member of the global Ernst & Young organization can accept any responsibility for loss occasioned to any person acting or refraining from action as a result of any material in this publication. On any specific matter, reference should be made to the appropriate advisor.
    13. 13. <ul><li>Appendix – Risk Transformation Performance model </li></ul>
    14. 14. The EY Risk Management Performance Model Business Level Performance Coordinated Risk Functions Integrated Risk Management Risk Governance Board and Management Committees Organizational Structure and Accountabilities Compliance and Business Practices Risk Reporting and Communications Risk Identification and Assessment Risk Monitoring and Mitigation Risk Tolerance and Analysis Risk Based Performance Management Self Assessment and Mitigation Process and Control Optimization Metrics and Measures Programs and Major Initiatives Integrating the identification, assessment, and analysis of risks across the breadth of the enterprise Defining the oversight roles and responsibilities for risk management to drive accountability across the enterprise Embedding consistent risk and compliance activities within existing processes that are performed within the ongoing rhythm of the business Coordinating the people, processes and technology necessary to sustain an effective, efficient and risk and compliance management program Scope and Coverage Infrastructure and People Methods and Practices Information and Technology
    15. 15. <ul><li>Risk Governance </li></ul>
    16. 16. Risk Governance - Overview <ul><li>Board and management committees </li></ul><ul><li>How are Board and Management committees structured to provide required oversight and management of risk? </li></ul><ul><li>What is the current degree of sponsorship or support of risk management objectives? </li></ul><ul><li>Are there defined accountabilities for risk within Board and Board Committee charters? </li></ul><ul><li>How does the executive team define their oversight role ? </li></ul><ul><li>In what forum or committee is risk routine discussed and evaluated? </li></ul><ul><li>Organizational Structure and Accountabilities </li></ul><ul><li>How are the risk, control and compliance functions organized currently? </li></ul><ul><li>How does the overall organizational structure support ownership and accountability for risk and compliance? </li></ul><ul><li>Compliance and Business Practices </li></ul><ul><li>How effective is the Company in maintaining compliance and enforcing its standards related to prudent business practices? </li></ul><ul><li>How effectively do policies and procedures support the Company? </li></ul><ul><li>How are controls embedded within procedures so that risk management and compliance objectives are achieved? </li></ul><ul><li>Risk Reporting and Communications </li></ul><ul><li>How does the Company report risk information to the Executive team and the Board? </li></ul><ul><li>What are the defined protocols for reporting risk information on a routine and exception basis. </li></ul><ul><li>What disclosures are made to the Board and to external stakeholders in terms of transparency of risk information? </li></ul>Risk governance Board and Management Committees Organizational Structure and Accountabilities Compliance and Business Practices Risk Reporting and Communication
    17. 17. Risk Governance – Performance Evaluation
    18. 18. <ul><li>Integrated Risk Management </li></ul>
    19. 19. Integrated Risk Management - Overview <ul><li>Risk Identification and Assessment </li></ul><ul><li>At what level is risk identification and assessment conducted? For example, lines of business or enterprise level? </li></ul><ul><li>How are outcomes of assessments integrated into strategic, business and financial planning processes? </li></ul><ul><li>What is the level of interaction across risk functions? </li></ul><ul><li>Risk Response and Monitoring </li></ul><ul><li>How does the Company maintain a strategic, proactive focus on risk across the enterprise? </li></ul><ul><li>Risk tolerance and Scenario Analysis </li></ul><ul><li>How has the Company defined the acceptable level or risk tolerance for each key area of risk? </li></ul><ul><li>How does the Company test the adequacy of its risk management practices? </li></ul><ul><li>Risk Based Performance Management </li></ul><ul><ul><li>How does the Company integrate considerations of risk and the effective management of risk and compliance into the evaluation of business and personal performance measures? </li></ul></ul>Risk Identification and Assessment Risk Response and Monitoring Risk Tolerance and Scenario Analysis Risk Based Performance Management Integrated risk management
    20. 20. Integrated Risk Management – Performance Evaluation
    21. 21. <ul><li>Coordinated Risk Functions </li></ul>
    22. 22. Coordinated Risk Functions - Overview <ul><li>Mandate and Scope </li></ul><ul><li>To what extent are management and key risk functions aligned to the business objectives of the organization? </li></ul><ul><li>What is the overall degree of risk coverage and how efficient are risk management activities? </li></ul><ul><li>Infrastructure and People </li></ul><ul><li>Does the organization have sufficient competencies, skills, experience, and training programs to support a risk management culture? </li></ul><ul><li>How does the Company identify and maintain sufficient competencies, skills, experience, and training programs to support a risk management culture? </li></ul><ul><li>How does the Company maintain consistency in the application and execution of assigned responsibilities for risk and control activities? </li></ul><ul><li>Methods and Practices </li></ul><ul><li>How do risk management and compliance functions provide validation and assurance across all key risk areas in the business? </li></ul><ul><li>How are the risks effectively monitored and tracked? </li></ul><ul><li>Information and Technology </li></ul><ul><li>To what extent is technology leveraged to support effective risk management objectives? </li></ul>Mandate and Scope Infrastructure and People Methods and Practices Information and Technology Coordinated risk functions
    23. 23. Coordinated Risk Functions – Performance Evaluation
    24. 24. <ul><li>Business Level Performance </li></ul>
    25. 25. Business Level Performance - Overview <ul><li>Self Assessment and Mitigation </li></ul><ul><li>How effective is self assessment and action planning at the business level? </li></ul><ul><li>How actions are taken after self assessment activities are completed and how these support business and risk management objectives? </li></ul><ul><li>Process and Control Optimization </li></ul><ul><li>How effective are controls in managing risk? </li></ul><ul><li>How are legal and regulatory obligations managed to facilitate compliance at the process level across the Company? </li></ul><ul><li>Metrics and Measures </li></ul><ul><li>How well do these metrics provide relevant and valuable information about the performance of risk management activities? </li></ul><ul><li>How effective or appropriate are rating scales i.e. representation of business risks? </li></ul><ul><li>How useful are reports including timing, frequency, level of detail, and applicability to business? </li></ul><ul><li>What is your experience with customer satisfaction/performance guarantees? </li></ul><ul><li>Have you had to make significant modifications to your goals/metrics due to unanticipated events? </li></ul><ul><li>Programs and Major Initiatives </li></ul><ul><li>To what extent is risk managed relative to major programs and initiatives? </li></ul>Business level performance Self Assessment and Mitigation Process and Control Optimization Metrics and Measures Programs and Major Initiatives
    26. 26. Business Level Performance – Performance Evaluation
    27. 27. Defining a practical path forward Execute plan for long-term sustainability

    ×