Presentation to the 2013 SAP Inside Track and ASUG Ontario meetings June 19, 2013. Overview of five elements for enterprise risk management (ERM) using SAP RM10 as well as case study and best practices for audit management and supply chain risk management.
Often, the best way to help your child grow up is to kick him/her out of the house. However, there’s always that anxiety – will they thrive, get hurt, fail? Many internal audit and/or risk functions became volunteer parents of their organization’s ERM programs, bringing enthusiasm and commitment to the role. However, ERM (and ESRM) works best when it’s owned and embedded into the fabric of the business. Unfortunately, most ERM programs fail within three years or less after leaving the nest. Why? Explore common challenges and proven strategies for coaxing ERM safely and successfully from the nest.
Presentation by: Brian Link, CIA, VP – GRC Strategy & Partnerships, Resolver Inc.
An integrated end-to-end solution that enables incident management capabilities to record, manage, investigate, and analyze incidents. The solution helps to reduce costs, improve operational efficiency, maintain compliance, and support a proactive and preventive health, safety, and environmental culture.
This document discusses operational risk and key risk indicators (KRIs). It defines operational risk and provides examples of operational risk losses from past incidents. It explains that KRIs are metrics that provide information on an organization's current exposure level to a given operational risk. The document outlines the process for identifying KRIs, which involves risk and control self-assessments to identify inherent risks, controls, and residual risks and prioritize them. It also discusses setting thresholds for KRIs, collecting and reporting KRI data, and the roles involved in managing the KRI process. Examples of potential KRIs are provided for credit risk, financial markets activities, and other operational risks.
The Risk Paradox: Showcasing the Success of SecurityResolver Inc.
The Risk Paradox centers around the idea that, as the number of mitigated incidents increases, so does the perception that the Security department requires less budget and fewer resources due to the decreased impact of incidents on the organization. Marc DiGiorgio will delve into the concept of the Risk Paradox, while will showcase ways to track and report on your team’s success to help those outside of your department clearly see the true value of your efforts.
Presentation by:
Marc DiGiorgio, Chief Revenue Officer, Resolver Inc.
Mary Shiffer, Senior Customer Success Engineer, Resolver Inc.
Up to 5% of an organization’s assets disappear each year due to fraudulent activity. Using retail loss prevention as a case study, this presentation leads you through a discussion about the best practices protecting an organization’s assets.
Presentation by: Jamie Burr, Application Manager, Resolver Inc.
The document discusses leveraging enterprise risk management (ERM) and the Own Risk and Solvency Assessment (ORSA) process for strategic value. It notes that ERM can help reduce uncertainty, understand opportunities, and support integrated strategy and risk discipline. The maturity of an organization's ERM capabilities is presented as a journey, with more mature organizations better integrating ERM into strategic decision making. The ultimate value of ERM is linking it to capital planning, decision support, and transparency through the ORSA process.
M_o_R is a framework for managing risks. It involves identifying risks, assessing them, planning risk responses, and implementing those responses. The document discusses mapping M_o_R processes to various ITIL processes, including service strategy, service portfolio management, service transition, and service design. It provides examples of risks associated with specific ITIL processes and how M_o_R could be applied, such as identifying and assessing risks during service evaluation in service transition. The challenges of measuring risk and structuring risk management across an organization are also outlined.
Time Inc., the publisher of iconic magazines and related web platforms such as Time, Fortune, People, Sports Illustrated, and many others, spun out of Time Warner Inc. in 2014 to become a stand-alone publicly traded company. As part of that spin, Time Inc. established its own Internal Audit and Enterprise Risk Management (ERM) functions. This presentation covers first-hand information on the efforts, challenges, successes and pitfalls of Time Inc.’s ERM journey. You will take away valuable information including tools and templates that you can put to use in your own organization.
Presentation by: Russ Charlton, SVP – Internal Audit and Enterprise Risk Management, Time Inc.
Often, the best way to help your child grow up is to kick him/her out of the house. However, there’s always that anxiety – will they thrive, get hurt, fail? Many internal audit and/or risk functions became volunteer parents of their organization’s ERM programs, bringing enthusiasm and commitment to the role. However, ERM (and ESRM) works best when it’s owned and embedded into the fabric of the business. Unfortunately, most ERM programs fail within three years or less after leaving the nest. Why? Explore common challenges and proven strategies for coaxing ERM safely and successfully from the nest.
Presentation by: Brian Link, CIA, VP – GRC Strategy & Partnerships, Resolver Inc.
An integrated end-to-end solution that enables incident management capabilities to record, manage, investigate, and analyze incidents. The solution helps to reduce costs, improve operational efficiency, maintain compliance, and support a proactive and preventive health, safety, and environmental culture.
This document discusses operational risk and key risk indicators (KRIs). It defines operational risk and provides examples of operational risk losses from past incidents. It explains that KRIs are metrics that provide information on an organization's current exposure level to a given operational risk. The document outlines the process for identifying KRIs, which involves risk and control self-assessments to identify inherent risks, controls, and residual risks and prioritize them. It also discusses setting thresholds for KRIs, collecting and reporting KRI data, and the roles involved in managing the KRI process. Examples of potential KRIs are provided for credit risk, financial markets activities, and other operational risks.
The Risk Paradox: Showcasing the Success of SecurityResolver Inc.
The Risk Paradox centers around the idea that, as the number of mitigated incidents increases, so does the perception that the Security department requires less budget and fewer resources due to the decreased impact of incidents on the organization. Marc DiGiorgio will delve into the concept of the Risk Paradox, while will showcase ways to track and report on your team’s success to help those outside of your department clearly see the true value of your efforts.
Presentation by:
Marc DiGiorgio, Chief Revenue Officer, Resolver Inc.
Mary Shiffer, Senior Customer Success Engineer, Resolver Inc.
Up to 5% of an organization’s assets disappear each year due to fraudulent activity. Using retail loss prevention as a case study, this presentation leads you through a discussion about the best practices protecting an organization’s assets.
Presentation by: Jamie Burr, Application Manager, Resolver Inc.
The document discusses leveraging enterprise risk management (ERM) and the Own Risk and Solvency Assessment (ORSA) process for strategic value. It notes that ERM can help reduce uncertainty, understand opportunities, and support integrated strategy and risk discipline. The maturity of an organization's ERM capabilities is presented as a journey, with more mature organizations better integrating ERM into strategic decision making. The ultimate value of ERM is linking it to capital planning, decision support, and transparency through the ORSA process.
M_o_R is a framework for managing risks. It involves identifying risks, assessing them, planning risk responses, and implementing those responses. The document discusses mapping M_o_R processes to various ITIL processes, including service strategy, service portfolio management, service transition, and service design. It provides examples of risks associated with specific ITIL processes and how M_o_R could be applied, such as identifying and assessing risks during service evaluation in service transition. The challenges of measuring risk and structuring risk management across an organization are also outlined.
Time Inc., the publisher of iconic magazines and related web platforms such as Time, Fortune, People, Sports Illustrated, and many others, spun out of Time Warner Inc. in 2014 to become a stand-alone publicly traded company. As part of that spin, Time Inc. established its own Internal Audit and Enterprise Risk Management (ERM) functions. This presentation covers first-hand information on the efforts, challenges, successes and pitfalls of Time Inc.’s ERM journey. You will take away valuable information including tools and templates that you can put to use in your own organization.
Presentation by: Russ Charlton, SVP – Internal Audit and Enterprise Risk Management, Time Inc.
Iftikhar Ahmed has over 20 years of experience in business analysis, financial analysis, project management, and database design. He is a certified Project Management Professional with a background in business intelligence systems, financial systems analysis, and database technologies like SQL, Oracle, and IBM Cognos. Currently he works as a Senior Business Intelligence Analyst at Robert Half, where he leads teams in requirements gathering, system impact analysis, and project management.
The Path Forward: Getting started with Analytics QuotientJulie Severance
The document discusses strategies for achieving success with business analytics. It introduces the concept of an Analytics Quotient (AQ) which measures an organization's analytics maturity. It describes the four stages of AQ maturity - Novice, Builder, Leader, and Master. Higher AQ organizations are found to outperform others. The document recommends measuring an organization's current AQ, addressing key strategy perspectives like people, process, and technology, and implementing an Analytics Center of Excellence to organize strategies and raise the AQ to the next stage of maturity.
How to optimize IT for future business needsAxios Systems
To view this complimentary webcast in full, visit: http://forms.axiossystems.com/LP=281
Sharon Taylor, the Chief Architect of ITIL® V3 discusses how strategically focused IT service management can be used to drive value for the business. The focus is changing from IT powering the business to IT driving the business forward.
This video focuses on how IT and the business can move together as one. You will learn how ITSM can address the delivery of value-driven services through operational efficiency, service optimization and transformation with market time agility.
This document provides a summary of David G. Burna's professional experience and qualifications. He has over 10 years of experience in data analytics, risk management, and compliance roles within financial services organizations. Currently he is the Director of Risk Analytics at Fiserv, where he oversees machine learning risk models and client relationships to improve fraud prevention performance. Prior experience includes data quality and analytics leadership roles at Wells Fargo, Bank of the West, and BMO Harris, where he developed risk models, led analytics teams, and implemented strategic initiatives.
This document is a resume for David G. Burna. It summarizes his experience in data analytics, risk management, and compliance roles in the financial services industry. Over 15 years, he has implemented database, risk modeling, fraud prevention, and strategic initiatives at companies including Fiserv, Wells Fargo, Bank of the West, BMO Harris, and HSBC. He is seeking a role using big data to improve organizational effectiveness and performance.
ITIL foundations - Complete introduction to ITIL phases, lifecycle and processesRichard Grieman
ITIL V3 Foundations introduction for certification study, classroom and training. Includes terms, objectives, functions and resource requirements for all five ITIL phases: Service Strategy, Service Design, Service Transition, Service Operation and Continuous Service Improvement. Study guide for ITIL training and certification
The document provides an overview of the Stratex framework and how to use it to maintain compliance, manage risk, and execute strategy. It describes key concepts such as using the framework to align operational activities to strategic objectives through item alignment matrices. It also explains how to define and add different item types like entities, drivers, objectives, processes, and systems to the framework using cascading relationships. The document is intended to help users understand and properly maintain the Stratex framework.
Gain business insight with Continuous Controls MonitoringEmma Kelly
Audit, Risk and Compliance managers have both an obligation and an opportunity to help their companies manage the most critical risks the current environment has either created or magnified. Now more than ever, organizations need to transform internal controls testing process from a manual collection of evidence to fine-grained monitoring controls that track user access to sensitive functions / data, system configurations, master data and transactions in
business-critical systems.
Continuously monitoring your business in real-time with actionable insight visible on drill-down, modern, dynamic dashboards allows for completeness and accuracy as well as time-efficient, cost-effective risk management decisions.
In this session, you will learn how Continuous Monitoring together with effective controls can prevent business losses and reduce the cost of audits. We will share best practices and provide case studies of clients that have automated monitoring controls in business-critical applications such as Oracle E-Business Suite and Oracle Cloud ERP to prevent risks in significant business processes such as Procure-to-Pay, Order-to-Cash, Hire-to-Retire, and Financial Record-to-Report.
Join Oracle GRC pioneers Appssurance Founder and CEO Brian O’Neil and SafePaaS CEO Adil Khan.
The document discusses implementing an enterprise risk management (ERM) methodology and tools. It proposes assessing business risks, developing risk response strategies, and monitoring risk management processes. Key activities include identifying risks, measuring impact and likelihood, developing risk action plans, and monitoring risk responses. The goal is to gain consensus on an ERM approach that aligns enterprise and IT risks with the organization's strategy and risk appetite.
This document contains a resume for Kumar Swaminathan, who has over 22 years of experience as an IT project manager. He has expertise in areas such as application development, quality assurance, service portfolio management, and agile project management. Recent projects include managing Medicare product implementations and application refactoring engagements using agile methodologies.
This document is a resume for Kumar Swaminathan, who has over 22 years of experience as an IT project manager. Some key details include:
- He has experience managing projects in areas such as application development, service portfolio management, product implementations, and agile methodologies.
- Past roles include managing multi-million dollar projects for clients in industries such as banking, healthcare, and pharmaceuticals.
- Technical skills include languages like Java, C++, technologies like Oracle and WebLogic, and methodologies like ITIL and agile.
- Educational background includes a post-graduate degree in science and a computer diploma, along with over 12 years of programming experience.
- Seeks
This document provides an overview of Mann-India Technologies' SAP practice for governance, risk, and compliance (GRC). It discusses Mann-India's expertise in implementing SAP GRC solutions, the key challenges GRC aims to address, and the benefits of SAP GRC and Mann-India's preconfigured GRC solution package, which includes industry best practices to reduce project timelines. Mann-India provides GRC consulting, implementation, support and managed services to help customers improve risk management, regulatory compliance, and internal controls.
Learn how to reduce financial fraud and improve risks management. What are the most common risks for activities and business processes? How a SoD repository is commonly set up? Learn the top 3 SoD conflict types and how to implement a methodology in order to leverage your SAP governance.
Main points covered:
• How to reduce financial fraud and improve risks management
• What are the most common risks for activities and business processes?
• How a SoD repository is commonly set up?
• Learn the top 3 SoD conflict types
Presenter:
The webinar was presented by M. Roseau, director of business development for In Fidem, a Canadian company based in Montreal, Quebec.
Link of the recorded session published on YouTube: https://youtu.be/bRsiWx2NodA
Business Intelligence System and instrumental level multi dimensional database Rolta
The PDF gives a brief introduction of business intelligence system and instrumental level multi dimensional database. As most associations still experience an absence of Business Intelligence (BI) in their basic leadership forms while executing endeavor frameworks, for example, Enterprise Resource Planning (ERP), Customer Relationship Management (CRM), and Supply Chain Management (SCM). Thusly, a model and strategies to assess and evaluate the insight level of big business frameworks can enhance choice backing.
HOW TO OVERCOME TECHNICAL LIMITATIONS TO SCALE UP AUTOMATIONMohit Sharma (GAICD)
As their Automation capabilities evolve, many organizations with successful Intelligent Automation initiatives look to identify and capture further benefits by extending their Automation programs across the enterprise.
Implementing Automation at scale can present various challenges due to technical considerations such as the architecture of the target environment, managing the myriad of tools involved, support and maintenance for automation development and IT change management, among other issues.
During the webinar, guest speakers Daniel Kennedy, St. John of God’s Health Care and Abhinav Sarna, Edith Cowan University will share their practical experiences with Mohit Sharma, Mindfields about how organisations can better overcome the technical issues that can hinder the scale-up of complex Automation programs.
Join this webinar to gain new insights on:
The common technical pitfalls in scaling up an Automation program
Overcoming technical challenges
Lessons learnt
A case-study
Q & A
This document provides a summary of Saikiran Konchada's qualifications and experience. It outlines his educational background which includes a post graduate degree in information security management and a bachelor's degree in computer science engineering. It also lists his professional certifications in information security, business continuity management, and other IT domains. Currently, Saikiran works as a consultant in operational risk management for a bank in Saudi Arabia, where he is responsible for developing and implementing their operational risk processes. He has previous work experience as a security engineer as well.
This document provides a summary of Saikiran Konchada's qualifications and experience. It outlines his educational background which includes a post graduate degree in information security management and a bachelor's degree in computer science engineering. It also lists his professional certifications in information security, business continuity management, and other IT domains. Currently, Saikiran works as a consultant in operational risk management at Banque Saudi Fransi in Riyadh, where he is responsible for developing and implementing their operational risk processes. He has previous work experience as a security engineer as well.
This document provides an overview of operational risk management frameworks and control self-assessment processes. It defines risk management and outlines common risk management frameworks. It then describes a control self-assessment framework that includes setting objectives, assessing risks and controls, analyzing results, and monitoring risks on an ongoing basis. The framework is intended to help managers assess risks and controls in a transparent way and provide regular reporting to senior management.
Iftikhar Ahmed has over 20 years of experience in business analysis, financial analysis, project management, and database design. He is a certified Project Management Professional with a background in business intelligence systems, financial systems analysis, and database technologies like SQL, Oracle, and IBM Cognos. Currently he works as a Senior Business Intelligence Analyst at Robert Half, where he leads teams in requirements gathering, system impact analysis, and project management.
The Path Forward: Getting started with Analytics QuotientJulie Severance
The document discusses strategies for achieving success with business analytics. It introduces the concept of an Analytics Quotient (AQ) which measures an organization's analytics maturity. It describes the four stages of AQ maturity - Novice, Builder, Leader, and Master. Higher AQ organizations are found to outperform others. The document recommends measuring an organization's current AQ, addressing key strategy perspectives like people, process, and technology, and implementing an Analytics Center of Excellence to organize strategies and raise the AQ to the next stage of maturity.
How to optimize IT for future business needsAxios Systems
To view this complimentary webcast in full, visit: http://forms.axiossystems.com/LP=281
Sharon Taylor, the Chief Architect of ITIL® V3 discusses how strategically focused IT service management can be used to drive value for the business. The focus is changing from IT powering the business to IT driving the business forward.
This video focuses on how IT and the business can move together as one. You will learn how ITSM can address the delivery of value-driven services through operational efficiency, service optimization and transformation with market time agility.
This document provides a summary of David G. Burna's professional experience and qualifications. He has over 10 years of experience in data analytics, risk management, and compliance roles within financial services organizations. Currently he is the Director of Risk Analytics at Fiserv, where he oversees machine learning risk models and client relationships to improve fraud prevention performance. Prior experience includes data quality and analytics leadership roles at Wells Fargo, Bank of the West, and BMO Harris, where he developed risk models, led analytics teams, and implemented strategic initiatives.
This document is a resume for David G. Burna. It summarizes his experience in data analytics, risk management, and compliance roles in the financial services industry. Over 15 years, he has implemented database, risk modeling, fraud prevention, and strategic initiatives at companies including Fiserv, Wells Fargo, Bank of the West, BMO Harris, and HSBC. He is seeking a role using big data to improve organizational effectiveness and performance.
ITIL foundations - Complete introduction to ITIL phases, lifecycle and processesRichard Grieman
ITIL V3 Foundations introduction for certification study, classroom and training. Includes terms, objectives, functions and resource requirements for all five ITIL phases: Service Strategy, Service Design, Service Transition, Service Operation and Continuous Service Improvement. Study guide for ITIL training and certification
The document provides an overview of the Stratex framework and how to use it to maintain compliance, manage risk, and execute strategy. It describes key concepts such as using the framework to align operational activities to strategic objectives through item alignment matrices. It also explains how to define and add different item types like entities, drivers, objectives, processes, and systems to the framework using cascading relationships. The document is intended to help users understand and properly maintain the Stratex framework.
Gain business insight with Continuous Controls MonitoringEmma Kelly
Audit, Risk and Compliance managers have both an obligation and an opportunity to help their companies manage the most critical risks the current environment has either created or magnified. Now more than ever, organizations need to transform internal controls testing process from a manual collection of evidence to fine-grained monitoring controls that track user access to sensitive functions / data, system configurations, master data and transactions in
business-critical systems.
Continuously monitoring your business in real-time with actionable insight visible on drill-down, modern, dynamic dashboards allows for completeness and accuracy as well as time-efficient, cost-effective risk management decisions.
In this session, you will learn how Continuous Monitoring together with effective controls can prevent business losses and reduce the cost of audits. We will share best practices and provide case studies of clients that have automated monitoring controls in business-critical applications such as Oracle E-Business Suite and Oracle Cloud ERP to prevent risks in significant business processes such as Procure-to-Pay, Order-to-Cash, Hire-to-Retire, and Financial Record-to-Report.
Join Oracle GRC pioneers Appssurance Founder and CEO Brian O’Neil and SafePaaS CEO Adil Khan.
The document discusses implementing an enterprise risk management (ERM) methodology and tools. It proposes assessing business risks, developing risk response strategies, and monitoring risk management processes. Key activities include identifying risks, measuring impact and likelihood, developing risk action plans, and monitoring risk responses. The goal is to gain consensus on an ERM approach that aligns enterprise and IT risks with the organization's strategy and risk appetite.
This document contains a resume for Kumar Swaminathan, who has over 22 years of experience as an IT project manager. He has expertise in areas such as application development, quality assurance, service portfolio management, and agile project management. Recent projects include managing Medicare product implementations and application refactoring engagements using agile methodologies.
This document is a resume for Kumar Swaminathan, who has over 22 years of experience as an IT project manager. Some key details include:
- He has experience managing projects in areas such as application development, service portfolio management, product implementations, and agile methodologies.
- Past roles include managing multi-million dollar projects for clients in industries such as banking, healthcare, and pharmaceuticals.
- Technical skills include languages like Java, C++, technologies like Oracle and WebLogic, and methodologies like ITIL and agile.
- Educational background includes a post-graduate degree in science and a computer diploma, along with over 12 years of programming experience.
- Seeks
This document provides an overview of Mann-India Technologies' SAP practice for governance, risk, and compliance (GRC). It discusses Mann-India's expertise in implementing SAP GRC solutions, the key challenges GRC aims to address, and the benefits of SAP GRC and Mann-India's preconfigured GRC solution package, which includes industry best practices to reduce project timelines. Mann-India provides GRC consulting, implementation, support and managed services to help customers improve risk management, regulatory compliance, and internal controls.
Learn how to reduce financial fraud and improve risks management. What are the most common risks for activities and business processes? How a SoD repository is commonly set up? Learn the top 3 SoD conflict types and how to implement a methodology in order to leverage your SAP governance.
Main points covered:
• How to reduce financial fraud and improve risks management
• What are the most common risks for activities and business processes?
• How a SoD repository is commonly set up?
• Learn the top 3 SoD conflict types
Presenter:
The webinar was presented by M. Roseau, director of business development for In Fidem, a Canadian company based in Montreal, Quebec.
Link of the recorded session published on YouTube: https://youtu.be/bRsiWx2NodA
Business Intelligence System and instrumental level multi dimensional database Rolta
The PDF gives a brief introduction of business intelligence system and instrumental level multi dimensional database. As most associations still experience an absence of Business Intelligence (BI) in their basic leadership forms while executing endeavor frameworks, for example, Enterprise Resource Planning (ERP), Customer Relationship Management (CRM), and Supply Chain Management (SCM). Thusly, a model and strategies to assess and evaluate the insight level of big business frameworks can enhance choice backing.
HOW TO OVERCOME TECHNICAL LIMITATIONS TO SCALE UP AUTOMATIONMohit Sharma (GAICD)
As their Automation capabilities evolve, many organizations with successful Intelligent Automation initiatives look to identify and capture further benefits by extending their Automation programs across the enterprise.
Implementing Automation at scale can present various challenges due to technical considerations such as the architecture of the target environment, managing the myriad of tools involved, support and maintenance for automation development and IT change management, among other issues.
During the webinar, guest speakers Daniel Kennedy, St. John of God’s Health Care and Abhinav Sarna, Edith Cowan University will share their practical experiences with Mohit Sharma, Mindfields about how organisations can better overcome the technical issues that can hinder the scale-up of complex Automation programs.
Join this webinar to gain new insights on:
The common technical pitfalls in scaling up an Automation program
Overcoming technical challenges
Lessons learnt
A case-study
Q & A
This document provides a summary of Saikiran Konchada's qualifications and experience. It outlines his educational background which includes a post graduate degree in information security management and a bachelor's degree in computer science engineering. It also lists his professional certifications in information security, business continuity management, and other IT domains. Currently, Saikiran works as a consultant in operational risk management for a bank in Saudi Arabia, where he is responsible for developing and implementing their operational risk processes. He has previous work experience as a security engineer as well.
This document provides a summary of Saikiran Konchada's qualifications and experience. It outlines his educational background which includes a post graduate degree in information security management and a bachelor's degree in computer science engineering. It also lists his professional certifications in information security, business continuity management, and other IT domains. Currently, Saikiran works as a consultant in operational risk management at Banque Saudi Fransi in Riyadh, where he is responsible for developing and implementing their operational risk processes. He has previous work experience as a security engineer as well.
This document provides an overview of operational risk management frameworks and control self-assessment processes. It defines risk management and outlines common risk management frameworks. It then describes a control self-assessment framework that includes setting objectives, assessing risks and controls, analyzing results, and monitoring risks on an ongoing basis. The framework is intended to help managers assess risks and controls in a transparent way and provide regular reporting to senior management.
Similar to SAP Inside Track Toronto ASUG Ontario 2013 Enterprise Risk Management: Align Goals with Actions (20)
Company Valuation webinar series - Tuesday, 4 June 2024FelixPerez547899
This session provided an update as to the latest valuation data in the UK and then delved into a discussion on the upcoming election and the impacts on valuation. We finished, as always with a Q&A
Top mailing list providers in the USA.pptxJeremyPeirce1
Discover the top mailing list providers in the USA, offering targeted lists, segmentation, and analytics to optimize your marketing campaigns and drive engagement.
At Techbox Square, in Singapore, we're not just creative web designers and developers, we're the driving force behind your brand identity. Contact us today.
Tata Group Dials Taiwan for Its Chipmaking Ambition in Gujarat’s DholeraAvirahi City Dholera
The Tata Group, a titan of Indian industry, is making waves with its advanced talks with Taiwanese chipmakers Powerchip Semiconductor Manufacturing Corporation (PSMC) and UMC Group. The goal? Establishing a cutting-edge semiconductor fabrication unit (fab) in Dholera, Gujarat. This isn’t just any project; it’s a potential game changer for India’s chipmaking aspirations and a boon for investors seeking promising residential projects in dholera sir.
Visit : https://www.avirahi.com/blog/tata-group-dials-taiwan-for-its-chipmaking-ambition-in-gujarats-dholera/
IMPACT Silver is a pure silver zinc producer with over $260 million in revenue since 2008 and a large 100% owned 210km Mexico land package - 2024 catalysts includes new 14% grade zinc Plomosas mine and 20,000m of fully funded exploration drilling.
Unveiling the Dynamic Personalities, Key Dates, and Horoscope Insights: Gemin...my Pandit
Explore the fascinating world of the Gemini Zodiac Sign. Discover the unique personality traits, key dates, and horoscope insights of Gemini individuals. Learn how their sociable, communicative nature and boundless curiosity make them the dynamic explorers of the zodiac. Dive into the duality of the Gemini sign and understand their intellectual and adventurous spirit.
Discover timeless style with the 2022 Vintage Roman Numerals Men's Ring. Crafted from premium stainless steel, this 6mm wide ring embodies elegance and durability. Perfect as a gift, it seamlessly blends classic Roman numeral detailing with modern sophistication, making it an ideal accessory for any occasion.
https://rb.gy/usj1a2
Anny Serafina Love - Letter of Recommendation by Kellen Harkins, MS.AnnySerafinaLove
This letter, written by Kellen Harkins, Course Director at Full Sail University, commends Anny Love's exemplary performance in the Video Sharing Platforms class. It highlights her dedication, willingness to challenge herself, and exceptional skills in production, editing, and marketing across various video platforms like YouTube, TikTok, and Instagram.
The 10 Most Influential Leaders Guiding Corporate Evolution, 2024.pdfthesiliconleaders
In the recent edition, The 10 Most Influential Leaders Guiding Corporate Evolution, 2024, The Silicon Leaders magazine gladly features Dejan Štancer, President of the Global Chamber of Business Leaders (GCBL), along with other leaders.
B2B payments are rapidly changing. Find out the 5 key questions you need to be asking yourself to be sure you are mastering B2B payments today. Learn more at www.BlueSnap.com.
Part 2 Deep Dive: Navigating the 2024 Slowdownjeffkluth1
Introduction
The global retail industry has weathered numerous storms, with the financial crisis of 2008 serving as a poignant reminder of the sector's resilience and adaptability. However, as we navigate the complex landscape of 2024, retailers face a unique set of challenges that demand innovative strategies and a fundamental shift in mindset. This white paper contrasts the impact of the 2008 recession on the retail sector with the current headwinds retailers are grappling with, while offering a comprehensive roadmap for success in this new paradigm.
SAP Inside Track Toronto ASUG Ontario 2013 Enterprise Risk Management: Align Goals with Actions
1. Enterprise Risk Management using RM10 –
Align to Your Goals and Actions
William Newman, CMC, MBA
Managing Principal, Newport Consulting Group
Communications Chair, ASUG Michigan Chapter
2. We are the ASUG Michigan Chapter. With
over 2,500 ASUG members and home to the
Automotive SIG and key working groups.
We offer three meetings annually:
• March - Joint Meeting with Automotive
SIG (Detroit)
• June – Joint Meeting with West
Michigan CWG (Grand Rapids)
June 27, 2013 sponsored by GVSU
• September / October – UA Partner
meeting (Mount Pleasant)
October 3, 2013 sponsored by CMU
Join us, we are just a lake away!
Great Lakes, Great Times.
GREETINGS FROM MICHIGAN – Your Great Lakes Friends! Twitter: @asug_michigan
3. • Managing Principal, Newport Consulting Group
• Member, SAP Sustainability Executive Advisory Council, Business
Influencer Program, Office of CFO Marketing
• Certified Management Consultant (since 1995)
• Adjunct faculty - Northwood University (International Management,
Sustainability Management, member UA program), University of Oregon
Sustainable Leadership Program (Sustainable Supply Chain)
• Professional Speaker (ASUG, SAP Insider, TEDx, Sustainable Business
Forum, MACPA, SAI, Supply Chain Council, SAP Experts), Writer, SAP
Press author “Understanding BusinessObjects Enterprise Performance
Management (EPM)”
• SCN Blog it Forward post:
http://scn.sap.com/community/about/blog/2012/10/24/blog-it-
forward--william-newman
Hello. Call me “Bill” please…
Introductions @william_newman
4. Understanding the basis for Enterprise Risk
Management (ERM)
Executive Challenges Aligning to Goals and Actions
SAP Risk Management 10 Platform for ERM
Considerations for Audit Practices
Considerations for Supply Chain Risk Activities
A Case Review – How One Organization Got Started
Links and References
Key Take-away Points
Summary and Discussion
Today’s Agenda
Agenda @william_newman
5. Understanding Enterprise Risk Management @william_newman
Enterprise Risk Management represents a company-wide
approach to risk management activities in a holistic,
pragmatic, and managed approach across multiple company
operations, functions, and activities.
- As abstracted from the Global Accenture Risk Management
Report, 2011
6. Understanding Enterprise Risk Management @william_newman
• Aligning Risk Appetite and Strategy
• Enhancing Risk Response Decisions
• Reducing Operational Surprises and Losses
• Identifying and Managing Multiple Cross
Enterprise Risks
• Seizing Opportunities
• Improving Deployment of Capital
ERM objectives typically include some or all of the following:
Source: SAP, 2012 as modified by Newport Consulting Group
Enterprise risk management
(ERM) in business includes the
methods and processes used by
organizations to manage risks and
seize opportunities related to the
achievement of their objectives.
7. Executive Challenges Aligning Goals to Actions @william_newman
Challenges remain as to motive, satisfaction and capabilities…
8. Executive Challenges Aligning Goals to Actions @william_newman
Additional Sources: Discontinuity of risk management practices, in terms of demand, satisfaction, and board level understanding (various
sources: The Economist Intelligence Unit Survey, Ascending the Maturity Curve (March, 2011); McKinsey Global Survey, Governance since
the Economic Crisis (March, 2011); Report on the 2011 Accenture Global Risk Management Study, (February, 2011)
… which suggests a certain “call to action” for executives.
“Practical knowledge of risk management concepts and
principles are needed in the corporate environment as never
before, and executives have created demand for this
knowledge. How this knowledge is crafted into ERM practices,
standards, and guidelines inside of corporate policy is open for
revision.”
Source: The Executive Dilemma: How to Increase Enterprise Risk Management Performance? GRC Expert, 2012.
9. SAP Risk Management 10 ERM Platform @william_newman
1
2
3
ERM is not linked to fundamental value drivers of the business
Shareholder devaluation occurs based on measuring
nonproductive drivers
ERM is not focused significantly or deeply enough on the broad
“value-killer, fat-tail” risks
SAP recognizes there are 3 primary reasons for ERM failure:
Source: The Executive Dilemma: How to Increase Enterprise Risk Management Performance? GRC Expert, 2012.
10. SAP Risk Management 10 ERM Platform @william_newman
SAP Business Suite and LOB
Processes (example: Supply
Chain)
KPIs, Metrics, Measures
(BI Analytics, EPM solutions)
Impacts to Measures
(BI Analytics, GRC & other
solutions)
Mitigation and Remediation Plans
(GRC RM, PC, AC, ERP-PS)
Source: Increase Enterprise Risk Management Performance with SAP Business Objects RM 10. SAP Experts, 2012.
Overall Audit
Documentation
11. SAP Risk Management 10 ERM Platform @william_newman
Source: Increase Enterprise Risk Management Performance with SAP Business Objects RM 10. SAP Experts, 2012.
1 2
12. SAP Risk Management 10 ERM Platform @william_newman
3 4
Source: Increase Enterprise Risk Management Performance with SAP Business Objects RM 10. SAP Experts, 2012.
SAP Risk Management 10 allows for a
“graphical view” to portray bow tie risk
formats, including risk drivers, impacts.
13. SAP Risk Management 10 ERM Platform @william_newman
Source: Increase Enterprise Risk Management Performance with SAP Business Objects RM 10. SAP Experts, 2012.
5 6
The Bow Tie Builder graphical view allows
specific risk driver and impact descriptions
meaningful to specific organizations.
14. SAP Risk Management 10 ERM Platform @william_newman
Source: Increase Enterprise Risk Management Performance with SAP Business Objects RM 10. SAP Experts, 2012.
Risk actions – such as mitigations – may be
added from the Bow Tie Builder.
7
You can identify specific areas of the risk,
associated with organizations and
processes. A common mitigation action
is an audit program, let’s see how RM10
works to support audit programs and
functional risk areas.
15. Considerations for Audit Practices @william_newman
Business audits are increasingly standard as a risk management
function across a number of different functions including:
• Information Technology (SAS 70, SSAE 16)
• Financial Management processes (SOX 404, Dodd-Frank)
• Information Use (ITAR, security constraints)
• Sustainability (LEED, SA 8000, Natural Step, GRI)
• Assurance activities (AA 1000)
• Quality Management processes (ISO 9000, CAPA, APQP)
• Environmental Management processes (ISO 14000)
• Product Compliance Regulations (ROHS, REACH, ELV)
• Treasury Management and Currency Exchange (SWIFT)
Audits are not just for IT system management anymore!
16. Considerations for Audit Practices @william_newman
Regardless of the business function or processes, most agree
the audit format contains several common stages and activities.
Source: Adapted from IIA, University of Illinois materials, as modified by Newport Consulting Group.
17. Considerations for Audit Practices @william_newman
SAP NetWeaver’s Audit Management allows full program life
cycle management for internal audit activities, including:
• Information Technology
• Management Systems, and
• Financial Operations
As part of the SAP NetWeaver platform, SAP NetWeaver’s Audit Management
connects seamlessly with specific SAP modules such as
• SAP ERP Project System
• SAP ERP HCM
• SAP Risk Management
New updates for SAP GRC 10.0 release! Ships FREE with Business Suite!
Source: How SAP Solutions Can Make the Audit Process More Cost-effective, GRC Expert (2011)
18. 2
Considerations for Audit Practices @william_newman
Source: How SAP Solutions Can Make the Audit Process More Cost-effective, GRC Expert (2011)
1
In this example we can associate an Accounts
Payable audit with both financial operations
and even treasury risks if involving foreign
currencies and operating units.
19. • During the execution stage of an
audit, work papers often suggest
corrective or preventive actions in
real time.
• SAP NetWeaver audit management
allows you to identify these work
papers and capture remediation
actions on the fly so that these can be
automatically summarized in the
findings report.
Considerations for Audit Practices @william_newman
3
Source: How SAP Solutions Can Make the Audit Process More Cost-effective, GRC Expert (2011)
20. MEMBERSHIP memberservices@asug.comConsiderations for Supply Chain Risk Activities @william_newman
Functional Risk Management can look at many areas,
including supply chain disruptions due to disasters, business
continuity, and sociopolitical risk…
21. Read my article on
supply chain visibility
in SCN
MEMBERSHIP memberservices@asug.comConsiderations for Supply Chain Risk Activities @william_newman
…which can then roll-up and into a broader ERM program
environment, providing transparency and proactive
management.
Source: Newman, William. Understanding SAP BusinessObjects Enterprise Performance Management, Galileo Press (2010).
22. MEMBERSHIP memberservices@asug.comConsiderations for Supply Chain Risk Activities @william_newman
SAP Supply Chain Performance
Management 2.0 allows for supply chain
risks to be mapped to RM10 as part of an
overall ERM program portfolio.
These risks can also be associated with
key risk indicators (KRIs) and SCOR 11
operating models key performance
indicators (KPIs) which can help to
minimize financial and operational
risk targets and increase performance.
Source: Manage Supply Chain Risks Using Supply Chain Management 2.0, GRC Expert (2012)
Listen to my SCOR11
review on IXN Podcast
in iTunes (IXN002)
23. MEMBERSHIP memberservices@asug.comConsiderations for Supply Chain Risk Activities @william_newman
Source: Manage Supply Chain Risks Using Supply Chain Management 2.0, GRC Expert (2012)
In this example we can link a risk
from RM10 into performance
measurements and operational
data found in SCPM 2.0
1
2
24. Case Study – How One Organization Got Started @william_newman
• Large Multinational Organization
• Major SAP transformation underway
• Third party purchased existing PC-based
audit software (burning platform)
• Looked to leverage AIS function of ECC
(near term) as well as RM10, PC10
capabilities (downstream)
Example audit risk management engagement
Based on this, the organization’s
internal audit department looked
at how to leverage Access
Controls, Process Controls, and
NetWeaver Audit Management
with Risk Management 10.
25. Case Study – How One Organization Got Started @william_newman
System Topology
The concept of using the
records tracking inside AIS
of ECC 6.0, combined with
the document
management features of
NW Audit Management
was compelling.
26. Case Study – How One Organization Got Started @william_newman
System Context
Fortunately the process
for conducting the audit
was reasonably consistent
across business audit
domains. Much of the
system context was on
workflow, approvals.
27. Case Study – How One Organization Got Started @william_newman
Permissions
Once roles and workflow
were defined a permissions
matrix was determined based
on modified “CRUD-M” level
access to audit report and
working papers
documentation.
ILLUSTRATIVE
28. Case Study – How One Organization Got Started @william_newman
Other aspects
• SAP User Roles would determine AC
permissions for NW Audit Management
based on audit
eventually stage gate position using
PC
• Integrated message system between NW
Audit Management and SAP Messaging,
Microsoft Outlook
• AIS would “feed” auditor working papers
based on ISACA T-codes and “scenario
basis”
ILLUSTRATIVE
29. Links and References @william_newman
• Newman, William. Understanding SAP BusinessObjects Enterprise Performance Management,
Galileo Press (2010)
• Newman, William. Reduce Risk in your Supply Chain with Supply Chain Performance Management, GRC Expert
(March 12, 2010) login required
• Newman, William. How SAP Solutions Can Make the Audit Process More Cost-effective, GRC Expert (October 4,
2011) login required
• Newman, William. Increase Enterprise Risk Management Performance with Risk Management 10.0, GRC Expert
(April 18, 2012) login required
• Newman, William. The Bow Tie Builder Tool, GRC Expert (May 1, 2012) login required
• Newman, William. Supply Chain Management 2.0 Offers Better Integration, Analytics,
searchSAP.com (March 21, 2012)
• Stackpole, Beth. Deploying Supply Chain Management Software Hinges on Breadth, Depth, Integration,
searchManufacturingERP.com (April 18, 2012)
• Stackpole, Beth. Ripe with Opportunity, Global Supply Chain also Brings Substantial Risk,
searchManufacturingERP.com (March 14, 2012)
30. Key Take Away Points @william_newman
1. There is a great need for Enterprise Risk Management (ERM) – and a lot of
confusion as to what this means. This creates significant opportunity for SAP
and its partners.
2. SAP Risk Management 10.0 offers a great platform to build, manage, and
assess the effectiveness of an ERM program
3. As part of mitigation activities, organizations are looking towards audits to
build these actions into their ERM programs. SAP NetWeaver Audit
Management offers easy to use connections into RM10 and other GRC tools.
4. Functional risk management allows deeper dives into specific
processes, functions and operational activities in the organization.
5. SAP Supply Chain Performance Management 2.0 – allows for quick integration
to RM10 risk activities while leveraging the Supply Chain Council SCOR model
and SCRP framework.