Risk Management and the role of the Audit Committee

Slides:



Advertisements
Similar presentations
HELPING THE NATION SPEND WISELY Jonathan Mackay Audit Principal Staying the course: The retention of students in higher education.
Advertisements

Auditing, Assurance and Governance in Local Government
Child Safeguarding Standards
Development of internal control: methodology and responsibility
1 The critical challenge facing banks and regulators under Basel II: improving risk management through implementation of Pillar 2 Simon Topping Hong Kong.
DERBYSHIRE COUNTY COUNCIL RISK MANAGEMENT AWARENESS TOOLKIT FOR ELECTED MEMBERS Martin Brassington and Tom Smith 2006.
AFROSAI-E COOPERATION WITH WGITA African Organisation of English-speaking Supreme Audit Institutions.
APPRAISAL OF THE HEADTEACHER GOVERNORS’ BRIEFING
Governance of the Treasury Function CIPFA Scottish Treasury Management Forum Alan George, Regional Director 23rd February 2012.

© Grant Thornton UK LLP. All rights reserved. Review of Partnership Working Vale of Glamorgan Council Final Report- July 2008.
Equity Housing Group Risk Management. 05 August 2002 © MazarsEquity Housing Group: Risk Management 2 Agenda Introduction: what is Risk Management? The.
Risk Management Report to Audit Committee 26 September 2006 Lee Harris Assistant Chief Executive.
Audit Commission Presentation Salford City Council Consideration of the financial statements.
Professional Certificate – Managing Public Accounts Committees Ian “Ren” Rennie.
Establishing A Compliance Program: It Makes Sense
Private & Confidential1 (SIA) 13 Enterprise Risk Management The Standard should be read in the conjunction with the "Preface to the Standards on Internal.
A paper presented for the TEM Conference, Sydney, Australia 27 th -30 th August 2006 Presentation by Anne Walker, Risk Manager Massey University New Zealand.
Risk Management & Corporate Governance 1. What is Risk?  Risk arises from uncertainty; but all uncertainties do not carry risk.  Possibility of an unfavorable.
FACILITATOR Prof. Dr. Mohammad Majid Mahmood Art of Leadership & Motivation HRM – 760 Lecture - 25.
APPRAISAL OF THE HEADTEACHER GOVERNORS’ BRIEFING.
S3: Understanding the Business. Session objective To explain why understanding of the business of the entity is important for the auditor To explain why.
DAY 1: OVERVIEW The nature of internal auditing
Risk Management and the Audit Plan abc CIPFA in the Midlands Audit Training Seminar Wednesday 24th November 2004 Tina Spiers.
SOLGM Wanaka Retreat Health and Safety at Work Act 2015 Ready? 4 February 2016 Samantha Turner Partner DDI: Mob:
PIC EU-28 Conference Paris, 26 – 27 November 2015 PIC An EU Approach Assurance Maps An Introductory workshop Nathan Paget United Kingdom.
Page 1 Portfolio Committee on Water and Environmental Affairs 14 July 2009.
F8: Audit and Assurance. 2 Audit and Assurance Designed to give you knowledge and application of: Section A: Audit Framework and Regulation Section B:
Roles & responsibilities Involving staff in safety management December 2015 Dr Emer Bell Integrated Risk Solutions.
Organizations of all types and sizes face a range of risks that can affect the achievement of their objectives. Organization's activities Strategic initiatives.
Assessing the Effectiveness of your Governing Body Jim Benson Secretary to Council Brunel University.
Promoting physical activity for children and young people Schools and colleges Implementing NICE guidance 2009 NICE public health guidance 17.
INTERNAL AUDIT BRIEFING Business Objectives Business Objectives: What are they and how are they used?
The Strategic Responsibilities of Governing Bodies Andrew Wilkinson Chair, Board of Governors, University of Wales, Newport and Chair of Chairs of Higher.
Being a Governor: Challenges and Expectation Jim Benson Secretary to Council Brunel University.
1 GR-PBA 22 September This presentation covers  What does an AC do? ToR & Vision  Work done by AC in the16 months  Assurances to CM on:  internal.
Reflections on applying for TDAP and institutional designation Haymo Thiel Principal.
NHS Information Governance Risk Management. Introduction Information risk to be managed in a robust manner Assurance to be provided in a consistent manner.
APPRAISAL OF THE HEADTEACHER GOVERNORS’ BRIEFING.
Governance, Risk and Ethics. 2 Section A: Governance and responsibility Section B: Internal control and review Section C: Identifying and assessing risk.
Audit Committee 1 June 2005 Overview of the Audit Function in the Council and Role of Audit Committee.
Embedding the golden threads that lead to quality care every time……
GuildHE: Council Meeting 25th May 2017
An Overview on Risk Management
Disaster and Emergency Planning
Auditing & Investigations I
VALUE OF INTERNAL AUDITING: ASSURANCE, INSIGHT, OBJECTIVITY
Presentation to the Portfolio Committee on Finance
PROGRESS REPORT ON IMPLEMENTATION OF THE PUBLIC FINANCE MANAGEMENT ACT
Region’s EUROSAI Strategic Planning Experience
Finance Training for Governors
TERMS OF REFERENCE - FINANCE COMMITTEE
VALUE OF INTERNAL AUDITING: ASSURANCE, INSIGHT, OBJECTIVITY
Internal control - the IA perspective
Presentation to sell assurance maps to senior management
Edit Nemeth, Vice Chair of IACOP
Edit Nemeth, Vice Chair of IACOP
2017 Administration and Finance Conference
Internal Control system
Risk Management Seminar
External Examiners’ Workshop
Chapter 7 Corporate governance and social responsibility
Portfolio, Programme and Project
Standing committee on the Auditor-General
Plan your journey.
30 January 2014 Department of Agriculture, Forestry and Fisheries (DAFF) Briefing to the Portfolio Committee.
Internal Audit Who? What? When? How? Why? In brief . . .
Robin Youll Office for National Statistics
Internal Control Internal control is the process designed and affected by owners, management, and other personnel. It is implemented to address business.
Good practices for risk assessment and control activities
Presentation transcript:

Risk Management and the role of the Audit Committee Ian Gross Head of Internal Audit & Projects Risk Management and the role of the Audit Committee Higher Education Funding Council for England

What is risk? A risk is: ‘the threat or possibility that an action or event will adversely or beneficially affect an organisation’s ability to achieve its objectives’. All HEIs have (or should have) objectives

What is risk management? Risk management is defined as ‘the systematic application of management policies, practices and procedures to the task of analysing, assessing, treating, monitoring and reporting on risks’.

Is risk management really new? Yes and no Understanding risks is not new at all - most of us have an inherent understanding of risk ; e.g. health and safety risk assessments are well established; audit and others use it However, risk management in a corporate governance sense is new. It promotes ownership of the RM process at a high level

Why manage risks? It supports the achievement of objectives It allows higher risks to be taken It reduces the chance of serious errors Risks exist at all levels: corporate/strategic, faculty, departmental, functional, personal, project . . . . So we all need to be risk managers in a way appropriate to our own responsibilities

Benefits of risk management

Why now? Implementing the latest development in corporate governance (Turnbull report) All sectors in the economy are now doing it Ongoing process of promoting good practice Accountability burden - promotes ownership of internal control and helps to provide assurance to stakeholders

Why use in HE? Improve management within HE sector Help maintain/enhance the reputation of HE It is good practice Helps encourage innovation (= risk taking) Contributes to the management of change It’s not just about financial risks, but all kinds including academic reputation

What are the types of risk in HE?

What have we done about it? Accounts direction - three year transition Briefing for senior managers/governors Hands-on guide Web-based material case studies model policy illustrative list of risks

What do we expect HEIs to do? Obtain senior manager & governor commitment and agreement to policy Establish approach, plan and commence implementation Start to embed process at all levels Manage, monitor and report on main risks Achieve balanced risk portfolio

Audit Committees & Risk Management - 1 Ensure the Committee has an independent appreciation of what constitutes good practice in risk management, e.g. by considering: - the Turnbull report & HEFCE guidance - the use of independent training for members - advice from other sources e.g. CUC - how risk management works in your own organisations.

Audit Committees & Risk Management - 2 Ensure the Committee is well informed about the University’s approach to risk management, e.g. by: - ensuring the internal auditors conduct reviews of the risk management arrangements (see HEFCE advice) - asking the Vice Chancellor, senior managers and/or the risk co-ordinator to explain aspects of it periodically . . . .

Audit Committees & Risk Management - 2 - considering the comments made by HEFCE at its periodic institutional review - ensuring the external auditors plan to satisfy themselves on the adequacy of risk management - asking for high-level risk owners to make presentations to the Committee about “their” risks . . . .

Audit Committees & Risk Management - 2 - asking for departmental and functional heads to make presentations to the Committee - making risk management a standing item on the Committee’s agenda - ensuring the Clerk to the Committee is well informed about risk management issues - asking to see the corporate level risk register periodically (say, annually)

Audit Committees & Risk Management - 2 - asking to see subsidiary risk registers and/or risk assessments periodically (e.g. for a large capital project or a re-organisation or a new IT/estates/research strategy) - ensuring that management uses risk management in a positive way, e.g to help assess opportunities arising.

Audit Committees & Risk Management - 3 Test the effectiveness of the risk management arrangements in place where appropriate, e.g. by: - enquiring how a risk assessment was actually carried out - questioning the effectiveness of the mitigating controls - directing the internal auditor’s work towards risks of concern to the Committee . . . .

Audit Committees & Risk Management - 3 - asking to see the results of the Vice Chancellor’s annual review of the effectiveness of internal control - asking for periodic monitoring reports on the high-level (and other significant) risks - ensuring that ‘early warning indicators’ are in place where appropriate - seeking management assurances on mitigating controls, further actions and residual risks . . . .

Audit Committees & Risk Management - 3 - ensuring that all corporate objectives are adequately mapped against risks - ensuring that there is a process in place to identify new or emerging risks - challenging the treatment of residual risks - ensuring that ‘further actions’ identified in the risk management process are actually undertaken . . . .

Audit Committees & Risk Management - 3 - enquiring how well risk management is embedded throughout the University and identifying areas where risk management is weak.

Audit Committees & Risk Management - 4 At the year end (November/December meeting) the Committee should: - review the Vice Chancellor’s statement of internal control and the process behind it - review the internal auditor’s annual report - review the external auditor’s management letter - report to the University Council on the effectiveness of the risk management arrangements

Audit Committees & Risk Management - 5 In summary, the Committee should: - familiarise itself with risk management - catalyse risk management - ensure appropriate audit work is undertaken - review information on risks and risk management - review internal and external audit reports - review corporate governance statements - report to the governing body.

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.