Presentation is loading. Please wait.

Presentation is loading. Please wait.

Enterprise Risk Management Lucas Taylor Fermilab Strategic Planning Workshop 4 – 5 November 2015.

Published byViolet Clark Modified over 8 years ago

Similar presentations

Presentation on theme: "Enterprise Risk Management Lucas Taylor Fermilab Strategic Planning Workshop 4 – 5 November 2015."— Presentation transcript:

1 Enterprise Risk Management Lucas Taylor Fermilab Strategic Planning Workshop 4 – 5 November 2015

2 Introductions Lucas Taylor, Fermilab –PhD Particle Physicist, PMP-certified, Deputy Project Manager for “LHC CMS Detector Upgrades” –Fermilab Risk Manager, Lab risk processes, tools, project risk (CMS, LBNF / DUNE…), enterprise risk Keith Molenaar, U. of Colorado –Professor of Construction Engineering Mgmt. –Research interests: project risk analysis, alternative project delivery methods, and cost engineering Anne Kerhoas, CERN –Physicist, Engineer, MBA, previously: Senior Safety Officer, International Atomic Energy Commission –CERN Enterprise Risk Management 27-29 Oct 2015Lucas Taylor | Risk Register and Management2

3 Terminology Enterprise Risk: Effect of uncertainty on strategic Lab goals and objectives Enterprise Risk Management (ERM): Processes to identify, analyze, mitigate and respond to enterprise risks Lucas Taylor, 2015-11-05Enterprise Risk Management | Fermilab Strategic Planning Workshop3

4 1.Enterprise risks are BIG – strategic not tactical 2.Enterprise risks are DIVERSE and CROSS-CUTTING “ERM analyzes all risk across the enterprise, including operational risk, governance and compliance risk, project and program risk, financial risk, and others.” J. Crook, Director of ERM, Consolidated Nuclear Security, Oak Ridge. Perspective Lucas Taylor, 2015-11-05Enterprise Risk Management | Fermilab Strategic Planning Workshop4

5 Outputs of the workshop 1.Define the Lab’s enterprise risk tolerance (Group 0) Ranking scheme in terms of probabilities and impacts. 2.Identify the top risks to the Lab — (Groups 1—5) Rank risks and update risks summary, mitigations, response plans, owners … 3.Action items Ambitious but a lot of preparatory work has been done Lucas Taylor, 2015-11-05Enterprise Risk Management | Fermilab Strategic Planning Workshop5

6 Enterprise Risk Management at Fermilab ERM owned by Senior Lab Mgmt. ERM coordinated by IPPM –Integrated Planning & Perf. Mgmt. Monitored by DOE / FRA –Contractor Assurance System (CAS) Learning from others –CERN, ESA, NASA, NGOs, NATO, aviation, power, manufacturing, hi- tech, military (ERMINE forum) Maturing the ERM process –Consolidate after the workshop –Flow down to projects, operations, business processes… Lucas Taylor, 2015-11-05Enterprise Risk Management | Fermilab Strategic Planning Workshop6 Establish enterprise risk mgmt. context Identify enterprise risks Develop mitigation and response plans Monitor and Control risks Analyze risks and rank them Communication / Monitoring / Review ISO 31000:2009(E) “Risk management – Principles and guidelines”

7 Identifying Enterprise Risks 2011: 16 major risks identified –Rather general and mostly still valid 2014: revisions of strategic planning process and tools –New Enterprise Risk Register web tool 2015: ~20 risk interviews with senior Lab management, CAS owners, FSO –“What is the biggest risk to..” Lucas Taylor, 2015-11-05Enterprise Risk Management | Fermilab Strategic Planning Workshop7 Establish enterprise risk mgmt. context Identify enterprise risks Develop mitigation and response plans Monitor and Control risks Analyze risks and rank them Communication / Monitoring / Review ISO 31000:2009(E)

8 Identifying Enterprise Risks  164 candidates Lucas Taylor, 2015-11-05Enterprise Risk Management | Fermilab Strategic Planning Workshop8

9 Boiling down the number of risk candidates 164 risks were initially identified Scrubbed / merged  47 risks in the enterprise risk register –Risk summaries were written to capture risk interview information Working groups get ~10 risks each Lucas Taylor, 2015-11-05Enterprise Risk Management | Fermilab Strategic Planning Workshop9 Establish enterprise risk mgmt. context Identify enterprise risks Develop mitigation and response plans Monitor and Control risks Analyze risks and rank them Communication / Monitoring / Review ISO 31000:2009(E)

10 All risks are in a new Enterprise Risk Register Lucas Taylor, 2015-11-05Enterprise Risk Management | Fermilab Strategic Planning Workshop10 http://1.usa.gov/1GMdtEk 1 1 2 2 3 3

11 Assessing risks: Working groups 1—5 Session #1 1.Improve risk title and summary 2.Define risk mitigations that can reduce probability and/or impacts BEFORE the risk happens –Examples: safety training, staffing plan 3.Define risk responses that can reduce impact AFTER risk happens –Examples: minimum safe shutdown plan, active shooter response plan Just a few lines – we can follow up later Take credit for what’s already being done 4.Assign risk owners 5.Action items  comments field Lucas Taylor, 2015-11-05Enterprise Risk Management | Fermilab Strategic Planning Workshop11 Establish enterprise risk mgmt. context Identify enterprise risks Develop mitigation and response plans Monitor and Control risks Analyze risks and rank them Communication / Monitoring / Review ISO 31000:2009(E)

12 Assessing risks: Working groups 1—5 Session #1 Lucas Taylor, 2015-11-05Enterprise Risk Management | Fermilab Strategic Planning Workshop12  Update status as you assess each risk

13 High rank(expect < 5 of these) –Probability AND impacts are high –Owned and managed at Director level –Closely monitored by DOE / FRA board Medium rank(expect ~10–15 of these) –Probability OR impacs high, or both medium –Owned and managed at Chiefs’ level –Monitored by DOE / FRA board Low rank(expect ~20–30 of these) –Probability AND impacts all moderate / low –Either keep on ERM watch list or push down into organization: Division, Project, etc. Risk ranking – Purpose Working Group 0 Lucas Taylor, 2015-11-05Enterprise Risk Management | Fermilab Strategic Planning Workshop13 Establish enterprise risk mgmt. context Identify enterprise risks Develop mitigation and response plans Monitor and Control risks Analyze risks and rank them Communication / Monitoring / Review ISO 31000:2009(E)

14 Risk tolerance matrix Working Group 0 Two dimensions for ranking: 1.Probability that risk occurs 2.Impact of risk on: Science Mission, themes, Lab goals and objectives, including PEMP Finance Funding, resources, protection of existing Lab's assets – people, physical assets, data… Reputation Standing with scientific community, public, DOE, Government Lucas Taylor, 2015-11-05Enterprise Risk Management | Fermilab Strategic Planning Workshop14 Establish enterprise risk mgmt. context Identify enterprise risks Develop mitigation and response plans Monitor and Control risks Analyze risks and rank them Communication / Monitoring / Review ISO 31000:2009(E)

15 Risk ranking – 2-D risk tolerance (ranking) matrix Lucas Taylor, 2015-11-05Enterprise Risk Management | Fermilab Strategic Planning Workshop15 Working Group 0 will fill this in

16 Ranking risks Working groups 1—5 Session 2 Groups look at the same ~10 risks as before Using new risk tolerance matrix from Group 0 http://1.usa.gov/1PnqBB2 Assess the probability and impacts of each risk Risk Register automatically computes overall risk rank Lucas Taylor, 2015-11-05Enterprise Risk Management | Fermilab Strategic Planning Workshop16 ISO 31000:2009(E)

17 Ranking risks Working groups 1—5 Session 2 Lucas Taylor, 2015-11-05Enterprise Risk Management | Fermilab Strategic Planning Workshop17 1 1 2 2 3 3

18 Review full list of ranked risks Final plenary Lucas Taylor, 2015-11-05Enterprise Risk Management | Fermilab Strategic Planning Workshop18 1 1

19 Agenda Lucas Taylor, 2015-11-05Enterprise Risk Management | Fermilab Strategic Planning Workshop19 8:00 – 8:30Setup and refreshmentsAll 8:30 – 8:55Introduction, goals and organizationLucas Taylor 8:55 – 10:20 Define Lab’s enterprise risk tolerance (fill in probability vs. impacts matrix) Keith Molenaar with Group 0 (1)Review risks, improve descriptions (2)Add mitigations and response plans (3)Identify owners (4)Note any future action items Breakout Groups 1 – 5 (10 risks each) 10:20 – 10:30Coffee + distribute risk tolerance matrixAll 10:30 – 11:15Rank risks using risk tolerance matrix Groups 1–5 (10 risks each) 11:15 – 12:00Review and refine full ranked list of risksAll

Download ppt "Enterprise Risk Management Lucas Taylor Fermilab Strategic Planning Workshop 4 – 5 November 2015."

Similar presentations

The Department of Energy Enterprise Risk Management Model

The Department of Energy Enterprise Risk Management Model
AASHTO Internal Audit Conference 2012 – Phoenix Daniel Fodera, CMQ/OE Program Management Improvement Team Federal Highway Administration.

AASHTO Internal Audit Conference 2012 – Phoenix Daniel Fodera, CMQ/OE Program Management Improvement Team Federal Highway Administration.
Risk Management at Harvard – Panel Discussion Harvard IT Summit

Risk Management at Harvard – Panel Discussion Harvard IT Summit
Risk The chance of something happening that will have an impact on objectives. A risk is often specified in terms of an event or circumstance and the consequences.

Risk The chance of something happening that will have an impact on objectives. A risk is often specified in terms of an event or circumstance and the consequences.
Hospital Emergency Management

Hospital Emergency Management
Lisanne Sison Director ERM Bickmore

Lisanne Sison Director ERM Bickmore
November 2004 The Research Infrastructures in FP7 DG RTD – Directorate ‘Structuring ERA’

November 2004 The Research Infrastructures in FP7 DG RTD – Directorate ‘Structuring ERA’
Briefing to the Commission to Review the Effectiveness of the National Energy Laboratories (CRENEL) Joseph McBrearty, Deputy Director for Field Operations.

Briefing to the Commission to Review the Effectiveness of the National Energy Laboratories (CRENEL) Joseph McBrearty, Deputy Director for Field Operations.
Contractor Assurance System AC Overview October 13, 2009.

Contractor Assurance System AC Overview October 13, 2009.
Introduction to Enterprise Risk Management (ERM)

Introduction to Enterprise Risk Management (ERM)
Advanced Metering Infrastructure AMI Security Roadmap April 13, 2007.

Advanced Metering Infrastructure AMI Security Roadmap April 13, 2007.
Project Risk Management

Project Risk Management
Enterprise Risk Management in DHHS

Enterprise Risk Management in DHHS
Risk Assessment Frameworks

Risk Assessment Frameworks
Managing Risk to Reduce Construction Claims (And Improve Project Success) Presented by Laurie Dennis, PE, CVS-Life, FSAVE.

Managing Risk to Reduce Construction Claims (And Improve Project Success) Presented by Laurie Dennis, PE, CVS-Life, FSAVE.
Chapter 11.  The board is ultimately responsible for risk management  Oversee strategic risks, operational risks, and financial risks  Many federal.

Chapter 11.  The board is ultimately responsible for risk management  Oversee strategic risks, operational risks, and financial risks  Many federal.
Project Delivery Method Selection Guidance ACEC/WSDOT Annual Meeting June 11, 2015 Jeff Carpenter Director, WSDOT Construction Division.

Project Delivery Method Selection Guidance ACEC/WSDOT Annual Meeting June 11, 2015 Jeff Carpenter Director, WSDOT Construction Division.
Information Security Compliance System Owner Training Richard Gadsden Information Security Office Office of the CIO – Information Services Sharon Knowles.

Information Security Compliance System Owner Training Richard Gadsden Information Security Office Office of the CIO – Information Services Sharon Knowles.
Project Risk Management. The Importance of Project Risk Management Project risk management is the art and science of identifying, analyzing, and responding.

Project Risk Management. The Importance of Project Risk Management Project risk management is the art and science of identifying, analyzing, and responding.
Audits & Assessments: What are the Differences and How Do We Learn from the Results? Brown Bag March 12, 2009 Sal Rubano – Director, Office of the Vice.

Audits & Assessments: What are the Differences and How Do We Learn from the Results? Brown Bag March 12, 2009 Sal Rubano – Director, Office of the Vice.

Similar presentations

Ads by Google