Presentation is loading. Please wait.

Presentation is loading. Please wait.

Mark Carey, CPA, CISA President Toll free: 866.335.2736 x101 International: 001.801.756.4180 x101 Enterprise Risk Management:

Published byJulian Dollins Modified over 9 years ago

Similar presentations

Presentation on theme: "Mark Carey, CPA, CISA President Toll free: 866.335.2736 x101 International: 001.801.756.4180 x101 Enterprise Risk Management:"— Presentation transcript:

1 Mark Carey, CPA, CISA President Toll free: 866.335.2736 x101 International: 001.801.756.4180 x101 mark@delcreo.com www.delcreo.com Enterprise Risk Management: Recent Trends and Approaches

2 Why are you here? Why did this topic interest you? What do you think about enterprise risk management? What do you expect to get out of this presentation?

3 Risk Appetite Impact X Likelihood = Risk

4 Enterprise Risk Management Definition Enterprise Risk Management (ERM) is the capability to protect enterprise value by managing risk: –With a coordinated and systematic approach, –Organization-wide, and –Across all types of risk.

5 ERM Inflection Point 9/11, Anthrax, Terrorism near misses Corporate Governance Crisis –Enron –Arthur Andersen –WorldCom –Adelphia –GE Reveal and amplify underlying trends impacting need for “enterprise” approach to risk management

6 Trend: Interconnectivity and Infrastructure Today’s business system –Complex –Tightly coupled –Heavily dependent on infrastructure Interconnectivity of infrastructure –Telecommunications –power generation and distribution –Transportation –Medical care –National defense –Other critical government services Ripple effects of infrastructure failure Terrorist employed low tech weapons to inflict massive physical or psychological damage –Box cutters –Envelopes

7 Trend: Low Cost of Tools Technologies/tools that have the ability to inflict massive damage are getting cheaper and easier to obtain every day Being used by competitors, customers, employees, litigation teams, etc. Examples: –Recent wave of viruses and worms –Cyber Activism: The Electronic Disturbance Theater and Floodnet –CyberTerrorism: NATO computers hit with e-mail bombs and denial-of-service attacks during 1999 Kosovo conflict

8 Trend: New Laws, Regulations and Agencies Largest, most aggressive expansion HIPAA –Privacy –Information Security –Physical Security –Business Continuity C-TPAT (Customs-Trade Partnership Against Terrorism) –Process Control –Physical Security –Personnel Security Sarbanes-Oxley Act –Accounting –Internal Control Review –Executive Verification –Ethics and Whistleblower Protection Department of Homeland Security –Consolidation of Agencies with various “risk” responsibilities

9 Response: Be Strategic Be Strategic - Your issues matter more now than ever Position your program as more than “insurance” Speak Language of Senior Management – “Value”

10 Response: Be Strategic Are we in alignment with organizational value drivers and strategies Can we implement our strategy effectively? Do we have the right –Organizational structure –Tools –Metrics –“Go to market” approach?

11 Response: Value Drivers Customer Satisfaction –Impact on external customers –# of customers impacted –Duration of impact People –Loss/ access to private employee information –Workforce endangerment –Access to executive information, systems, etc Financial –Cost Increase –Revenue loss Intangible –Proprietary information –Damage to brand Computer Systems –Number of systems impacted –Number of internet facing systems impacted/vulnerable

12 Response: Update or Create Risk Profile Focus on risks that matter to value drivers Determine response triggers and thresholds Consider Interconnectivity of risks Present to management in their terms (Value Drivers) Drive your strategic planning

13 Response: Develop Strategic Plan Strategic Plan Implementation Framework Metrics Organizational Change Program Management

14 Tools RiskWeb Early Warning System Assessment and Quantification tools Culture Knowledge Mgmt Metrics Training Communication Assess Risk Treat Risk Monitor & Report Enterprise-wide Integration Strategic Planning Programs/PMO Processes Functions Risk Management Process Allocation of Capital Control Cost Drive Innovation Manage Growth Risk Attributes Lifecycle Individual Portfolio Qualitative Quantitative Organization Enterprise Risk Committee CRO or ERM Manager Risk Strategy & Appetite Internal Audit Risk Mgmt IT Security ERM BCP Legal EH&S Risk Strategy Appetite Prioritize Treatment Approach Program Strategy Develop Deploy Continuously Improve Risk Functions Business Objectives Risk Drivers Strategy Capability Capability Functions Process Organization Culture Tools Enterprise- Wide Integration Risk Attributes Risks Strategic Operational Stakeholder Financial Intangible ERM Framework

Download ppt "Mark Carey, CPA, CISA President Toll free: 866.335.2736 x101 International: 001.801.756.4180 x101 Enterprise Risk Management:"

Similar presentations

DoD Logistics Human Capital Strategy (HCS) Executive Overview 1 October 2008.

DoD Logistics Human Capital Strategy (HCS) Executive Overview 1 October 2008.
AASHTO Internal Audit Conference 2012 – Phoenix Daniel Fodera, CMQ/OE Program Management Improvement Team Federal Highway Administration.

AASHTO Internal Audit Conference 2012 – Phoenix Daniel Fodera, CMQ/OE Program Management Improvement Team Federal Highway Administration.
Risk Management at Harvard – Panel Discussion Harvard IT Summit

Risk Management at Harvard – Panel Discussion Harvard IT Summit
Auditing Governance Functions

Auditing Governance Functions
Lisanne Sison Director ERM Bickmore

Lisanne Sison Director ERM Bickmore
Lynn Ray ISO Towson University Strategic Planning for IT Security Copyright Lynn Ray, 2007. This work is the intellectual property rights of the author.

Lynn Ray ISO Towson University Strategic Planning for IT Security Copyright Lynn Ray, This work is the intellectual property rights of the author.
Primary Benefit Types Value Discipline Benefits – Operating Excellence Reduce Cost Reduce Risk – Product Leadership Increase Revenue – Customer Intimacy.

Primary Benefit Types Value Discipline Benefits – Operating Excellence Reduce Cost Reduce Risk – Product Leadership Increase Revenue – Customer Intimacy.
Operational Risk ACSDA Leadership Forum ACSDA Leadership Forum New York City, USA - October 8-10, 2007 Diana Downward, DTCC.

Operational Risk ACSDA Leadership Forum ACSDA Leadership Forum New York City, USA - October 8-10, 2007 Diana Downward, DTCC.
“High Performing Financial Institutions and the Keys to Success in an Uncertain Environment”

“High Performing Financial Institutions and the Keys to Success in an Uncertain Environment”
Introduction to Enterprise Risk Management (ERM)

Introduction to Enterprise Risk Management (ERM)
Executive Insight through Enhanced Enterprise Risk Management Leverage Value From Your Risk Management Investment.

Executive Insight through Enhanced Enterprise Risk Management Leverage Value From Your Risk Management Investment.
DoD and Cyber-Terrorism Eric Fritch CPSC 620. What is cyber-terrorism? The premeditated, politically motivated attack against information, computer systems,

DoD and Cyber-Terrorism Eric Fritch CPSC 620. What is cyber-terrorism? "The premeditated, politically motivated attack against information, computer systems,
Enterprise Risk Management Its Meaning and Import Jerry A. Miccolis, FCAS, MAAA Tillinghast - Towers Perrin.

Enterprise Risk Management Its Meaning and Import Jerry A. Miccolis, FCAS, MAAA Tillinghast - Towers Perrin.
© 2003 DelCreo, Inc. All rights reserved. | U.S. Toll-free 866.DELCREO | International 001/801.756.4180 |

© 2003 DelCreo, Inc. All rights reserved. | U.S. Toll-free 866.DELCREO | International 001/ |
Mark Carey, CPA, CISA President Toll free: 866.335.2736 x101 International: 001.801.756.4180 x101 Business Continuity.

Mark Carey, CPA, CISA President Toll free: x101 International: x101 Business Continuity.
6/2/20151 Enterprise Risk & Assurance Management in Zurich North America Brian Selby MA (Audit), FIIA, QiCA, MBCS, CISA.

6/2/20151 Enterprise Risk & Assurance Management in Zurich North America Brian Selby MA (Audit), FIIA, QiCA, MBCS, CISA.
EBusiness Enterprise Risk Management Mark Carey, CPA, CISA President Toll free: 866.335.2736 x101 International: 001.801.756.4180 x101

EBusiness Enterprise Risk Management Mark Carey, CPA, CISA President Toll free: x101 International: x101
Enterprise Risk Management and Business Continuity Planning Mark Carey, CPA, CISA President 866.335.2736 x8431

Enterprise Risk Management and Business Continuity Planning Mark Carey, CPA, CISA President x8431
PPA 573 – Emergency Management and Homeland Security Lecture 9b - Department of Homeland Security Strategic Plan.

PPA 573 – Emergency Management and Homeland Security Lecture 9b - Department of Homeland Security Strategic Plan.
Saba Confidential 1 Next Generation HCDM April 16, 2003 E-Learning Brazil Conference Magna Session Bobby Yazdani President and COO.

Saba Confidential 1 Next Generation HCDM April 16, 2003 E-Learning Brazil Conference Magna Session Bobby Yazdani President and COO.

Similar presentations

Ads by Google