Published by Zoe Hardy. Modified over 9 years ago.

Recording of this session via any media type is strictly prohibited.

A Company’s Journey Towards Strategic Risk Management
Tuesday, April 29th 11:30am

Kathy Robinson, ADP
o Senior Vice President and Chief Audit Executive
o 20+ years of Internal Audit / Risk Management experience, including 18 years with Wall Street firms
o Speaker, instructor, author for IIA, MIS and RIMS
Deon Minnaar, KPMG
o Americas Lead Partner for ERM / GRC
o 20+ years advising Fortune 500 companies in ERM, GRC, and Internal Audit

What to Expect
After attending this session you should be better able to:
o Ensure that a top-down ERM approach is used to gain greater tie-in to strategy
o Use the framework to make connections and provide insight to management
o Deconstruct risks into manageable components
o Use ERM as an opportunity to break out of the location-to-location or department-to-department process level audit approach
o Use risk process output to drive the type of audit assurance most relevant to the risk

Agenda
o Overview
o ERM Drivers
o Approach / Outputs
o Leading Practices
o Q & A Session

Overview – ADP
Leading global provider of business outsourcing solutions and services for:
Human Resources Payroll Benefits Retirement Administration Tax Payments & Compliance
ADP by the numbers*:
o $11+ billion in revenue – #255 in the 2013 Fortune® 500
o 620,000 clients in more than 125 countries
o ADP pays 24 million (1 in 6) workers in the U.S.
o 60,000 associates worldwide
*as of FYE13

Overview – ERM Basics
Creating Process: Building and maintaining a dynamic risk management framework and process to achieve sustainability
Creating Content: Identifying, evaluating and prioritizing enterprise risks
[Figure: risk heat map with numbered risks plotted. Consequence axis: Catastrophic, Major, Moderate, Minor, Insignificant. Likelihood axis: Remote, Unlikely, Possible, Likely, Almost certain.]
KPMG ERM Framework (Framework Element: Description)
o Risk Governance: Establishment of approach for developing, supporting, and embedding the risk strategy and accountabilities
o Risk Assessment: Identifying, assessing, and categorizing risks across the enterprise
o Risk Quantification and Aggregation: Measurement, analysis, and consolidation of enterprise risks
o Risk Monitoring and Reporting: Reporting, monitoring, and assurance activities to provide insights into risk management strengths and weaknesses
o Risk and Control Optimization: Using risk and control information to improve performance

ERM Drivers – Leading Practices
Governance
o Continuously improving corporate stewardship over strategic priorities
o Meet Credit Rating agencies’ expectations with regards to risk, to ensure “no surprises” culture
o Board and senior management expectation of using risk management as integrated governance structure
Strategy
o Beyond regulation: Leveraging ERM to create a competitive advantage versus industry peers
o Focus on improved understanding of threats to strategy through evaluation of prioritized risks – Achieving strategy
Performance
o Improve accountability and transparency through coordinated enterprise risk monitoring and reporting
o Improve efficiencies of risk assurance across functions

ERM Drivers – Risk Partner
[Figure: three stages plotted against Impact on Organization and Investment, each labelled with its Source of Value.]
Controls Monitoring (Source of Value: Controls)
o Inherent risk-driven approach
o Full scope auditing on a 2 – 5 year cycle
o Concentrates on compliance-based process level control testing
Risk Monitoring (Source of Value: Insight)
o Enterprise-wide view of business objectives, risks and mitigation strategies
o Ongoing monitoring utilizing varying audit techniques and approaches
o Shares control checklists and leading practices with the business
Risk Partner (Source of Value: Value)
o Deep understanding of business objectives, risks and mitigation strategies
o Proactive identification of risks
o Risk expert, advisor, and change agent to the business
o Proactively invited by the business to be part of the solution
A Risk Partner combines risk and business expertise to enable a company to become a more risk intelligent enterprise thereby improving business results and protecting its brand and reputation.

ERM Drivers
o Enable the company to become a more risk intelligent enterprise thereby improving business results and protecting the company’s brand and reputation
o To embed a risk management mentality within the organization’s existing processes
o Provides a continuous focus on the risks that matter to the company
o Drives accountability
o Increases transparency by using key metrics to measure success
o Provides independent perspective

ERM Approach – Enterprise-wide Risk Assessment Process
Top Down
o Start with Risk Universe
o Source: Management reporting, risk assessment interviews, ERM results
o Linkage to Enterprise Wide Risks and Initiatives
o Management KRIs/KPIs to monitor the business
o Segment/Function Reporting
o Example: Target Revenue goals (%/$)
Bottom Up
o Start with Auditable Universe
o Source: IA findings, system reporting
o Quantitative metrics (e.g., KPIs, KRIs) which provide additional audit plan development insights
o Focused on specific audit areas during planning phase
o Emerging risks out of IA plan execution
o Examples: New sales contracts
Audit Plan

ERM Approach – Enterprise-wide Risk Assessment Process
[Diagram labels: Identification, Monitoring, Assessment, Mitigation; Company Strategy; Prioritization; Critical Risk Profile; Mitigation Activities; Metrics Reporting; Governance & Ongoing Communications; Top 12; Risk Universe; Audit Activities.]

ERM Approach – Mitigation Strategy and Metrics
Identify Broad Risks During Risk Assessment
Deconstruct Broad Risks and Prioritize
Validate Sub-Risks / Objectives and Related Threats
Develop High-Level Mitigation Strategies
Include:
o Key risks
o Project objectives
o Potential measures / metrics
o Existing activities
o Next steps and timeframes
For process risks: Deconstruct broad risks into prioritized sub-risks
For strategic or external risks: Understand objectives and threats to achievement
Metrics Dashboard
Detailed Monitoring (as needed)
Detailed Action Plans for Specific Risks
Includes:
o Risk Areas
o Program Areas
o Program Components
o Current Action Plans
o Timelines

ERM Output – Metrics Reporting
ID: B
Risk Name: Business Resiliency (BCP / DR)
Risk Description: Business functions cannot be maintained should a system outage or loss of location occur
Metrics:
1. # DR plans tested during current year
2. # BC plans tested during current year
Activities:
Disaster Recovery
- Activities description content
Business Continuity
- Activities description content
Key Learnings:
- Key Learnings description content
[Chart: Planned DR tests / DR plans tested. TESTED: x out of x 74%; x out of x 50%; 0 out of x 0%.]
Additional Information – Internal Audit Reports:
- Report #1: key issues summary
- Report #2: key issues summary
- Report #3: key issues summary
- Report #4: key issues summary
Source: list information sources here

ERM Approach – Integrated Assurance
[Diagram: risks grouped under Process, Strategic and External, colored as Red Risks, Orange Risks and Yellow Risks, and split into "Initiatives do not exist (Audits)" and "Initiative exists (Monitoring)".]
Priority 1 (Audits)
Priority 2 (ERM Governance)
Priority 3 (Audits and Moderate Monitoring)
Priority 4 (Light Monitoring)

ERM Output – Governance Best Practice
Structure
Board Audit Committee
Management Risk Committee
Enterprise Risk Management Team
Enterprise Risk Management Working Group
BU / Function Risk Facilitator Risk Coordinator
Roles
o Risk management oversight
o Set strategy, allocate resources and proactively manage critical risks
o Facilitate risk management process
o Day-to-day risk management (front line)
Reporting
o Periodic updates
o Periodic discussions on key metrics and mitigation plan progress
o Meetings focused on key metrics and mitigation plan updates as needed

Leading Practices
Identifying, focusing and responding to the right risks
● Identifying and responding to the most significant risks
● Focusing attention on areas needing mitigation or optimization
● Linking risk to strategic planning
● Using scenario analysis to focus on emerging risks
Right level of controls (Control Portfolio Optimization)
● The right level of controls executed by the right people with the right information from the right system
● Aiming to contribute to improved business performance
● Understanding risk tolerance and thresholds: the cornerstone of risk management
Risk management structure and governance
● Accountability and assurance
● Reporting to management and Board
● Clearly defining roles and responsibilities in risk governance – Three Lines of Defense
● Consideration for a risk executive or equivalent
● Convergence of risk oversight functions
Risk culture
● The organization’s culture facilitates and embraces the sharing of risk information
● Understanding risk culture and its impact on a risk management program
● Targeted risk management communication, awareness and training programs
Is the right amount of risk taken?
● Measuring and monitoring
● Risk awareness
● Defining risk appetite more specifically
● Determining risk tolerance levels for specific risks
● Increased emphasis on key risk indicators
● Risk Committees for key decisions

Questions?

Contact Information
Kathy Robinson, Senior Vice President and Chief Audit Executive, ADP
kathy.robinson@adp.com
Deon Minnaar, Partner, KPMG
deonminnaar@kpmg.com