1. GOVERNANCE OF RISK: THE BOARD - RISK LEADER OR FOLLOWER?
Deon van der Westhuizen

2. Key points of presentation
Providing leadership in risk management
The nature and extent of the strategic risks
The role of combined assurance and how it assists the Board
Setting and achieving its strategic objectives
Risks discussed at board level are not aligned to strategic objectives
How can boards take a proactive and leadership role in risk governance?
Ongoing monitoring of residual risk against the risk appetite
Risk management and accountability

3. From Risk Management to Risk Leadership
What I like is the recommended shift from traditional risk management thinking — what might go wrong — to a focus on whether the right levels of the right risks are being taken — the result of informed and intelligent decision-making. David Renz
"Are you helping your executives, board, and management across the extended enterprise make informed and intelligent decisions that drive the organization to success —​ the achievement of its objectives by intelligent risk-taking?"
Making executives or the board risk-averse is paving the path to failure, not to success.

5. Auditor-general report
Operational losses
Legal complications
Consequence management

6. Working capital management
Current ratio = 0.44:1

7. Rating agency
No ability to raise finance

8. Financial measurement
Staff - 40% vacant
No repairs and maintenance

9. Performance
Water losses = 36%

10. Operational loss
R478m / 12 = R40m per month

11. Value creation vs preservation
COSO 4 fraud risk
Planning and dashboard
M and A’s
Sources of cash
2nd line of defense
Legal compliance
Cash flow management
Emerging risks
Demand management
Skills audit
Preventative maintenance

12. Evolution of Enterprise Risk and Resilience Management (ERM)

13. Risk Universe

14. The value killers – drop in share prices

15. Key risks market capitalization losses

16. Value killers 2005 to 2014
Source: Deloitte –The Value Killers Revisited, 2014

17. Time for share price to recover
Source: Deloitte –The Value Killers Revisited, 2014.

18. Nature and extent of strategic risks

19. Extreme weather
Natural disasters
Cyberattacks
Water
Large scale migration
Ecosystem collapse

20. Interconnectivity

21. Deloitte – focus on strategic risks 2019

22. Compliance and regulatory push

23. Combined assurance - 3 LOD or 5 LOA

24. Residual risk versus risk appetite

25. Broad responsibilities of the Board
The board provides direction to senior management by setting risk appetite.
It also seeks to identify the principal (key) risks.
Board assures itself on an ongoing basis that senior management is responding appropriately to these risks (oversight)
Board delegates to the CEO and senior management primary ownership and responsibility for operating risk management and control.
Management provides leadership and direction re risk management, and to control overall risk-taking activities in relation to the agreed level of risk appetite.
To ensure the effectiveness of risk management, the board and senior management rely on adequate line functions – including monitoring and assurance functions

26. First line of defense

27. Second line of defense

28. Focus on the second line of defense

29. Key Performance Indicators (KPIs) help a firm see how it is performing in relation to its strategic goals and objectives.
Key Risk Indicators (KRIs) are leading indicators of risk to business performance, giving early warning about potential risk event
Use KRIs to monitor risks are in the areas such as:
natural catastrophe risks (as % of group shareholder equity)
asset-liability matching (duration mismatch)
strategic asset allocation (% allowed in investment category)
credit risk (weighted average credit rating)
other risks specific to business or functional areas
KPI’s and KRI’s

30. Minimum tools in the toolbox
Lean six sigma
Root cause expert
Fishbone diagram
Pareto analysis
Data mining
IT auditing skills
Boardroom presence
Minimum tools in the toolbox

31. Lean Six Sigma - Integration of Two Powerful Business Improvement Approaches...
Lean Speed + Waste Elimination
Six Sigma
Quality, Cost
Goal – Improve performance on items Critical to Customer Quality (CTQs)
Focus – Use DMAIC with (TQM) tools to eliminate variation
Method – Management engagement, dedicated team effort
Goal – Reduce waste and increase process speed
Focus – Implementing Waste reduction tools
Method – Improvement events Value Stream Mapping
Implicit – Success is dependant upon the value of other variables in the function. Results not readily apparent.
Explicit – Very specific, clear typical quality measures.
Lean Speed Enables
Six Sigma Quality
(Faster Cycles of Experimentation/learning)
Six Sigma Quality Enables
Lean Speed
(Fewer Defects Means
Less Time Spent on Rework)
Efficiency
Effectiveness

32. Pareto Analysis

33. Fishbone Diagram Material Machine Methods
Discovery of different discount rates occurs too late in process
Computer screens
Billing process not accurate
Updates
Too many “jumps”
Product Shortages
Master customer discount table not up-to-date
Effect: Too many price adjustments at check-out
Incomplete Training on common complaints
Power Failures
Management Policies
Not enough staffing during peak times
Marketing metrics counterproductive
Unfamiliarity with procedures
For vacation notification
Notification of absence
Mother Nature
Measurements
Manpower
Root Cause Analysis

34. Third line of defense - auditing

35. Any Questions? Deon van der Westhuizen
uniratings/