berrydunn.com | GAIN CONTROL
Enterprise Risk Management: from Resistance to Resilience
NASACT 2014 Annual Conference
Bill Brown, Principal, BerryDunn
DISCUSSION POINTS
• What is Enterprise Risk Management (ERM)?
• Why is it necessary?
• How can it benefit your organization?
WHAT IS ERM?
Enterprise Risk Management (ERM) is a holistic approach to identifying, measuring, prioritizing and addressing the risks of an organization at the enterprise level.
WHAT IS ERM? COMMON STANDARDS & OBJECTIVES
• Encourage strategic alignment
• Standardize core knowledge
• Drive success
• Support organizational values
• Take a long-term outlook
• Be internally managed
• Leverage technology
• Improve quality
WHAT IS ERM? 8 PRINCIPLES
• Assess risk environment
• Determine expected vs unexpected
• Understand risks & current controls
• Identify risk activities
• Mitigation & mgmt planning
• Assign ownership
• Provide governance
• Monitor
THE BUILDING BLOCKS OF ERM
• Consistent approach
• Government as a single, unified entity
• Shared risk appetite across agencies
• Consistency among diverse initiatives
• Formalized accountability and ownership
• Process to escalate and report risks
• Leadership review of strategic risk initiatives
WHY IS TRADITIONAL RISK MANAGEMENT INADEQUATE?
Does not serve the organization as a whole
Inefficiently allocates scarce resources
Ignores the goal of resiliency
CHARACTERISTICS OF A SUCCESSFUL ERM PROGRAM
Transparent, holistic, and focused on resiliency
Include action-based frameworks
Encourage enterprise-wide collaboration
Include a formal reporting process
Encourage proactive discussions
A HOLISTIC SOLUTION IS CRITICAL
SUCCESSES ARE QUIET. EVENTS (AND FAILURES) ARE NOISY.
CASE STUDY: INTEGRATED ERM PROGRAM
State Agencies
• Manage Risks
• Monitor Compliance
• Implement Corrective Action
• Report Results
ERM Committee
• Compliance Oversight
• Discuss/Review KRIs
• Review Dashboards
• Review/Update Action Chart
Internal Audit
• Assess Compliance
• Report Results
ERM Dashboard
• Business Unit KRIs
• Charts
• Action Plans
Controllers’ Office
• Review ERM Committee Results
• Present to Governor’s Office
Governor’s Office
• Review Strategic KRIs
• Review Dashboard
• Feedback on Strategic Direction
• Feedback on Risk Appetite
Audit Committee
BENEFITS OF ERM
[Figure: chart with axes labeled "Risk" and "Cost of Controls"]
RESILIENCE: THE PROPER GOAL OF ERM