Where Innovation Is Tradition Mason Initiatives: Efficiency & Effectiveness Enterprise Risk Management Beth Brock, Associate VP & Controller George Mason.

Slides:



Advertisements
Similar presentations
North Carolina Office of the State Auditor Honesty Integrity Professionalism.
Advertisements

Risk Management at Harvard – Panel Discussion Harvard IT Summit
Program Management Office (PMO) Design
UW Risk Assessment Overview of Risk Assessment. UW Risk Assessment Overview of Risk Assessment Process Gather Information on Risk Universe Identify High.
Lisanne Sison Director ERM Bickmore
Agency Risk Management and Internal Control Standards Presentation to the Board of Visitors November 14, 2014.
Internal Audit Awareness
It’s Time to Talk About Risk and Control
Executive Insight through Enhanced Enterprise Risk Management Leverage Value From Your Risk Management Investment.
Delivery Business Solutions April 29, Nashville PMI Symposium April 29, 2013 Stephanie Dedmon, PMP Director, Business Solutions Delivery Department.
Presented by: Patricia “Patti” Snopkowski Chief Auditor, OUS Internal Audit Division 2011 Annual Risk Assessment.
Office of the Secretary of Defense – Comptroller Financial Improvement and Audit Readiness Directorate Unclassified 17 September 2014 GAO Revised “Green.
Operational Auditing--Spring Operational Auditing Spring 2011 Professor Bill O’Brien.
Expanded Version of COSO a presentation by Steve Wadleigh Expanded Version of COSO a presentation by Steve Wadleigh Standards for Internal Control in the.
By Saurabh Sardesai October 2014.
ECM Project Roles and Responsibilities
Risk Assessment Frameworks
Office of the Controller and Internal Controls Jim Corkill Controller Office of the Controller September 2014.
Establishing an Effective Enterprise risk management (ERM) program
“The Impact of Sarbanes Oxley, An Evolving Best Practice” Ellen C. Wolf Senior Vice President & Chief Financial Officer American Water National Association.
UNCW Institutional Risk Management IRM Overview and Policy Development & Implementation Plan Overview.
National Association of College and University Attorneys 1 November 11, 2009 NACUA Fall 2009 Workshop November 2009.
IT Governance Steering Committee December 2, 2010.
BOARD FIDUCIARY RESPONSIBILITY – Understanding Oversight and Monitoring Roles Presented by: Dan Campbell, Partner.
Central Piedmont Community College Internal Audit.
COMMON CHALLENGES AND SOLUTIONS IN ERM IMPLEMENTATION TO IMPROVE MUNICIPAL CLEAN ADMINISTRATION PROCESS. M.J. RAMAKGOLO (CCSA)
Audits & Assessments: What are the Differences and How Do We Learn from the Results? Brown Bag March 12, 2009 Sal Rubano – Director, Office of the Vice.
Higher Education Solutions 1 Internal Audit for Colleges and Universities By: Wally Wetherill, Regional Industry Partner – East Region John McKay, Supervisory.
Transitioning to the COSO 2013 Update.  Released on May 14, 2013  Designed to build upon the foundation of the 1992 Framework  Will supersede the 1992.
University Strategic Resource Planning Council Budget.
SUNY Canton & SUNY Potsdam: Update on Shared Services Open Forum on Shared Services President Schwaller & Interim President Schiffner.
IT Risk Management, Planning and Mitigation TCOM 5253 / MSIS 4253
Section Topics Establish a framework for assessing risk
Establishing A Compliance Program: It Makes Sense
Copyright T. Rowe Price. All rights reserved 1 Ms. Deborah D. Seidel of T. Rowe Price Financial Services Vice President and Manager of Compliance.
EEC Internal Control Plan (ICP) FY2013. Direction from Secretary Malone Acting EEC Commissioner Thomas Weber shall initiate a top-to-bottom review of.
Chapter 14 Internal auditing 14-1 Copyright  2010 McGraw-Hill Australia Pty Ltd PPTs t/a Auditing and Assurance Services in Australia 4e by Grant Gay.
Portfolio Committee Presentation Government printing Works Audit and Compliance 07 May 2013 Presented by: Chief Executive Officer.
Agency Risk Management & Internal Control Standards (ARMICS)
2 From the BOV Bylaws Faculty Representatives The Faculty shall elect a non-voting representative to the following committees of the Board: Academic.
Private & Confidential1 (SIA) 13 Enterprise Risk Management The Standard should be read in the conjunction with the "Preface to the Standards on Internal.
The Connection between Risk Management and Internal Control in Organizations Mag. Norbert Wagner Budapest,
©2000 Bank for International Settlements 1 F I N A N C I A L S T A B I L I T Y I N S T I T U T E BANK FOR INTERNATIONAL SETTLEMENTS On-site Examination.
1 American Recovery and Reinvestment Act of 2009: Challenges Facing the Department of Transportation and the Office of Inspector General’s Strategy for.
Atlantic Innovation Fund Round VIII February 5, 2008.
Finance & Human Resources Presentation to the Select Committee on Economic and Business Development 27 October 2015.
CAS Spring Meeting June 2007 Introduction to ERM …The Measurements, Quadrants, Tools, and Solutions Prof. Mark C. Vonnahme Fox Family Clinical Professor.
Chief Compliance Officer
INTEGRATED STRATEGIC PLANNING PROCESS (ISPP) 10 year planning outlook10 year planning outlook Monia Lahaie, DCFO and Director General Finance at Statistics.
The Minnesota State Colleges and Universities system is an Equal Opportunity employer and educator. Audit Committee Meeting September 16, 2008 College,
1 Introduction to Enterprise Risk Management Liz Ryan On Detail to NOAA OCFO Risk Office.
1 COSO ERM Framework Update Our Next Challenge and Opportunity September 2015.
What is Internal Audit University of Date. What/Who is Internal Audit? A University department that reports directly to the Board of Regents (BOR) through.
Dolly Dhamodiwala CEO, Business Beacon Management Consultants
Valiants Verify Compliance Program Judith W. Spain, J.D., CCEP ® Chief Ethics and Compliance Officer General Counsel (Effective March 2016) 1.
RISK MANAGEMENT IN THE PUBLIC SECTOR CONVERGING MULTIPLE STAKEHOLDER’S EXPECTATIONS Organised by National Treasury Presented by WELEKAZI DUKUZA CEREBRO.
Internal Audit Section. Authorized in Section , Florida Statutes Section , Florida Statutes (F.S.), authorizes the Inspector General to review.
Internal Control Process at Geneseo. Objectives Understand the objectives of effective internal controls Describe Geneseo’s internal control program Accurately.
Introduction to Enterprise Risk Management (“ERM”)
SUNY Maritime Internal Control Program. New York State Internal Control Act of 1987 Establish and maintain guidelines for a system of internal controls.
Risk Assessment ABOR Audit Committee April 5, 2017
Strategic Planning Update
ENTERPRISE RISK MANAGEMENT IN THE CASE OF THE FINANCIAL SERVICE SECTOR
Orientation Overview April 14, 2017
Finance & Human Resources
COSO and ERM Committee of Sponsoring Organizations (COSO) is an organization dedicated to providing thought leadership and guidance on internal control,
Internal Audit & Enterprise Risk Management
Enterprise Risk Management
Enterprise Risk Management (ERM) at Clayton State University
Internal controls Project support overview.
Presentation transcript:

Where Innovation Is Tradition Mason Initiatives: Efficiency & Effectiveness Enterprise Risk Management Beth Brock, Associate VP & Controller George Mason University May 21,

Where Innovation Is Tradition Agenda Efficiency & Effectiveness (E&E) How we got started and the process Where we are now, observations, questions Enterprise Risk Management (ERM) Overview How we got started and the process Where we are now, survey, questions 2

Where Innovation Is Tradition E&E Initiative Late some members of BOV requested All administrative functions in scope; academics excluded Spring explored big firm and boutique/trade assn approaches 3

Where Innovation Is Tradition E&E Study Advice Do not underestimate: Disruption in workplace Time and effort to do properly Impact on employee moral Expect to make an investment 4

Where Innovation Is Tradition E&E Evolution Issued RFP for benchmarking services in seven administrative areas: Auxiliaries & Affiliated Entities Facilities Information Technology Purchasing Enrollment Services Human Resources Accounting & Finance 5

Where Innovation Is Tradition RFP for Benchmarking Services Selection criteria emphasized higher ed experience, recommended benchmarks required Goal - inform a decision on areas for E&E review Search committee: Controller; Director IA&MS; Fiscal Projects Director Two firms selected for oral presentations Senior VP and Chief of Staff attended orals 6

Where Innovation Is Tradition Benchmarking Project Huron Consulting selected for 3-4 month project: Reviewed data on budgets and staffing Interviewed unit heads Confirmed benchmarks Performed benchmarking and analysis Delivered final report – functioning efficiently and effectively Discussing next phase for some opportunities 7

Where Innovation Is Tradition Efficiency & Effectiveness Observations and Questions 8

Where Innovation Is Tradition ERM Defined Enterprise Risk Management (ERM) is generally defined as: a process, effected by an entity’s board of directors, management and other personnel, applied in strategy setting and across the enterprise, designed to identify potential events that may affect the entity, and manage risks to be within its risk appetite, to provide reasonable assurance regarding the achievement of entity objectives 1. 1 Standard ERM Model content adapted from: Committee of Sponsoring Organizations of the Treadway Commission 9

Where Innovation Is Tradition ERM Framework Categorization of risks: Strategic – organizational goals Operations – executing objectives Financial/Reporting – safeguarding assets Compliance – adherence with laws and regs. Reputational – public image Cultural – character of university and personnel 10

Where Innovation Is Tradition ERM Initiative at Mason Late BOV interested in risks other than financial risks Spring Controller’s office and IA&MS collaborated to survey approx. 80 unit heads Responses reviewed, consolidated, reviewed again, 32 items presented to BOV 11

Where Innovation Is Tradition ERM Evolution Funding for next steps in FY11 budget Issued RFP for assistance with designing a sustainable ERM program Responses from 14 firms; orals from 5 Sr. VP and Chief of Staff attended orals 12

Where Innovation Is Tradition ERM Project Huron Consulting selected late 2010 Extensive data requests: Org charts, audit reports, draft audit findings, budgets, IA&MS work plans, list of affiliates, strategic and/or business plans for IT, research, student, finance, President’s initiatives, ERM work to date 13

Where Innovation Is Tradition Huron Phase I Evaluated data Met with about 25 unit heads Identified common risks at other institutions Assigned one or more of 6 framework categories Assigned functional area: facilities, safety, IT, academic, research, fiscal, HR, etc. 14

Where Innovation Is Tradition Assigning Risk Factors Evaluated each risk using five factors: 1.External environment – e.g., federal regs 2.Reputational risk – level of public visibility 3.Financial exposure – e.g., budget, penalties 4.Vulnerability – likelihood of occurrence 5.Internal controls risk assessment 15

Where Innovation Is Tradition Ranking our Risks Used the collective high, medium, low scores for each factor to assign a relative impact score to each 40 risks prioritized as highest, high, medium Eleven highest priority include fraud, research compliance, succession planning Phase I deliverable – modified risk inventory 16

Where Innovation Is Tradition ERM Implementation Plan Huron phase 2 deliverables: Recommended organizational structure Reviewed policies, provided gap analysis Provided executive level reporting format (heat map) Provided risk mitigation strategy guidance 17

Where Innovation Is Tradition Hiring a Chief Risk Officer New admin. faculty position, reporting to Sr. VP Advertised late November late January 2012 Committee: Controller, Director IA&MS, Projects Director, Assoc. Dean College of Science About 45 applicants, 3 selected for interview Reopened search April

Where Innovation Is Tradition Interim Efforts Applying the committee-based organizational model Functional managers appointed to committee Will develop mitigation strategies for highest priority risks Will update risk inventory, determine factors for assessing relative degrees of risk 19

Where Innovation Is Tradition Audience Survey Question #1 Q:How has your institution’s approach to risk management changed over the past two years? 1.Significantly increased time and resources devoted to risk management 2.Somewhat increased time and resources devoted 3.Made few or no changes to risk-mgmt approach 4.Decreased time and resources devoted 20

Where Innovation Is Tradition Survey by CFO Magazine Q#1 21

Where Innovation Is Tradition Audience Survey Question #2 Q: Who in your institution is most responsible for risk oversight? 1.CFO5.Board of Visitors 2.President6.Audit Committee 3.Risk committee7.Director, Internal Audit 4.CRO 22

Where Innovation Is Tradition Survey by CFO Magazine Q#2 23

Where Innovation Is Tradition Audience Survey Question #3 Q: Which would you say is the single biggest impediment to improved risk management within your institution? 1.Commitment of time/resources5. N/A, adequate risk mgmt 2.Internal expertise6. Implement. methodology 3.No clear mandate from top7. Lack of IT system to 4.Organizational structure address risk mgmt. 24

Where Innovation Is Tradition Survey by CFO Magazine Q#3 25

Where Innovation Is Tradition Enterprise Risk Management Observations and Questions Contact information: Beth Brock