Click here to load reader

Aligning Key Enterprise Risk to Strategic Initiatives Handouts/RIMS 15/SRM003/Aligning Key...Aligning Key Enterprise Risk to Strategic Initiatives Using Metrics ... Using*KRIs,*KPIs*and*strategic*objecAves*to*opAmize

  • View
    217

  • Download
    0

Embed Size (px)

Text of Aligning Key Enterprise Risk to Strategic Initiatives Handouts/RIMS 15/SRM003/Aligning...

  • Aligning Key Enterprise Risk to Strategic Initiatives Using Metrics

    SSF ID 218

    Chrystina Howard, SVP, Willis Kenneth Felton, SVP, Willis

  • Learning Objectives(Ariel 44pt bold) At the end of this session, you will: (list key learning objectives and takeaways that attendees will learn) Learning Objective 1 Understand how to identify key risks that may have an

    impact on the achievement of organizational goals

    Learning Objective 2 Understand how to identify relevant quantitative and qualitative metrics to monitor performance against plan

    Learning Objective 3 Understand how to map key relevant risks to core strategic initiatives in order to achieve enterprise objectives

  • Agenda

    1. Outline the ERM process, benefits & output 2. Demonstrate the link between ERM success and strategic objecAves 3. Using KRIs, KPIs and strategic objecAves to opAmize achievement of

    organizaAonal goals

  • Risk Evaluation Your presentation and handouts are due by April 10

    www.rims.org/upload Once uploaded, changes are not permitted until onsite in New Orleans

    Update your profile TODAY www.rims.org/myprofile

  • ERM Review Must Achieve the Three Es of Assessment

    Economy - Controlling the cost of the assessment Efficiency - CompleAng the assessment with minimum expenditure of effort EffecAveness Achieving the results or benefits based on the stated scope and goals of the assessment

  • Risk IdenAficaAon: 80/20 Rule

    OrganizaAons have a tendency to spend 80 percent of their Ame idenAfying risks and only 20 percent of their Ame doing something to develop risk miAgaAon strategies to reduce the impact on the organizaAon Flip the 80/20 Rule Spend 80 percent of your Ame fully arAculaAng, assessing impact and likelihood and developing risk miAgaAon strategies

  • Accelerated ERM Process Steps

    1. Define the objecAves and Ame scale for assessment

    2. Select the opAmal cross-funcAonal team for assessment acAviAes

    3. Develop Universe of Risks

    4. Develop broad prioriAzaAon of Universe of Risks

    5. IdenAfy most relevant risks for deep analysis

    6. Fully arAculate and assess risk

    7. Develop Performance Improvement Plans

    8. Execute Risk MiAgaAon plans

  • Risk Assessment

    The objecAve is to idenAfy and arAculate the most relevant risks that could impact the organizaAons ability to achieve objecAves Dont Boil The Ocean How is this accomplished:

    Structured interviews Internal audits of risk assessments Public domain search Comprehensive on-line risk survey with write-ins Workshops

  • Define Assessment ObjecAves

    Defines the premise on which the assessment is based.

    To assess the major risks to Memorial Hospital achieving its strategic business objecAves over the next 3 years.

  • Action Required!

  • Risk PrioriAzaAon

    IniAal objecAve to grossly prioriAze the top 20-25 risks Fully ArAculate each risk Assess Impact and Likelihood

  • Risk Assessment

    Fully arAculate the risk into component parts:

    Most risk descripAons focus on triggering events EssenAal to idenAfy key drivers or exisAng characterisAcs that

    make the organizaAon vulnerable List specific consequences that all stakeholders can understand IdenAfy the controls currently in place to specifically address

    each risk

  • Risk Register

    Risk Assessment for :Date: 1-May-14Business Objective(s):Risk No.

    Exposure & Drivers

    Triggers Consequences Current Controls Category L I Gross Risk

    Performance Improvement Plans

    L I Gross Risk

    1 Driver 1, driver 2, driver 3

    Triggering event; future potential

    Reduction in revenue; increase in expenses; reputation damage

    Policy ABC, protocol XYZ, committee 123

    IT 4 4 16 Action 1, item 2, measure 3

    3 4 12

    2 Drivers 7-12; driver 4

    Loss event due to outside exposures; loss event due to internal exposures

    Brand damage; loss of equity; rework; loss of customers

    Gold standard; BCP and trial run off site; backups

    IT 3 5 15 New protocols enacted by board and carried out by senior team

    3 4 12

    3 Driver 3, exposure to significant dependence on suppliers

    External audit, internal audit or accounting discovery of material finding(s)

    Legal action; higher expenses and lower profit margin; loss of market share

    Substantial framework in place; management of risk; loss control steps

    Regulatory 5 3 15 Incremental improvement steps; risk owners; time scale

    2 3 6

    XYZ Financial Institution

    Identify and assess major risks to XYZ achieving its strategic objects over the next 3 years

  • Likelihood and Impact RaAngs

    Impact Score Impact Financial Impact

    5 Major / Catastrophic Financial impact greater than $10M

    4 Significant Financial impact of more than $5M but less than $10M

    3 Moderate Financial impact of more than $2M but less than $5M

    2 Low Financial impact of more than $1M but less than $2M

    1 Negligible Financial impact of less than $1M

    Likelihood Rating Likelihood Frequency

    5 Expected ( Annual or 2 year to 3 year type event )

    4 Probable ( 5 year to 10 year event )

    3 Moderate ( 10 year to 25 year event )

    2 Unusual ( 25 year to 50 year event )

    1 Remote ( 50+ year event )

    The consequences of the risk materializing are severe but could be managed to some extent.

    The consequences of the risk materializing are less severe and can be managed to a large extent.

    The consequences of the risk materializing are considered relatively unimportant.

    There are no meaningful consequences if this risk materializes.

    Could conceivably occur but would be extremely remote

    Description

    If this risk were to materialize, the company would find it almost impossible to recover financially. Reputational impact would almost certainly occur.

    Description

    Occurs often / is to be expected

    Known to occur / would not be surprising

    Could occur but infrequently

    Could possibly occur but would be rare

    LOW MODERATE HIGH LOW MODERATE HIGH

    SEVERITYFREQUENCY

    ImpactLow 1Med 2High 3

    ProbabilityLow 1Med 2High 3

  • Risk Map

    Likelihood / Impact Risk DistributionCurrent Controls After Additional Controls

    N.B. - Bubble size shows how many risks intersect at that point N.B. - Bubble size shows how many risks intersect at that point

    1 1

    2 4 2 1

    2 2 1

    1

    0

    1

    2

    3

    4

    5

    6

    0 1 2 3 4 5 6Impact

    Like

    lihoo

    d

    1

    1 2

    1 2 4 2

    1 1 2 1

    0

    1

    2

    3

    4

    5

    6

    0 1 2 3 4 5 6Impact

    Like

    lihoo

    d

    Likelihood

    Expected 5 2, 3 1

    Probable 4 18 10, 11, 12, 13, 14 4, 5

    Possible 3 16 7, 8, 9 6

    Unusual 2 17 15

    Remote 1

    1 2 3 4 5 ImpactNegligible Low Moderate Significant Catastrophic

    Contingency Plans

    Control Causes Immediate Action

    Monitor

    RISK LOW MOD HIGH LOW MOD HIGH

    Risk 1 Risk 1Financial Risk 2 Risk 2

    Research Risk 5 Risk 8 Risk 5 Risk 8Center Risk 6 Risk 6

    Risk 7 Risk 7

    Employment Risk 3 Risk 3Practices

    Green Risk 4 Risk 4Lab Risk 9 Risk 9

    Risk 10 Risk 10Risk 11 Risk 11

    Patient- Risk 12 Risk 13 Risk 15 Risk 15 Risk 16 Risk 12Oriented Risk 14 Risk 16 Risk 13 Risk 17Research Risk 17 Risk 14

    Commodity Risk 19 Risk 18 Risk 18Risk 19

  • Source of Risk

    0 1 2 3 4 5

    Economic

    Investments

    Natural events

    People

    Political / Social

    Processes

    Products / Services

    Strategy and policy

    Technology / Industry change

    Analysis by Source of Riskand Stratified by Risk Rank

    20

  • Performance Improvement Plan

    Risk No.: 4 Risk Scores Likelihood Impact Gross Risk Risk RankBefore

    Improvement 4 4 16

    After Improvement

    Triggers:

    Consequences:

    Current Controls:

    Risk Number:4

    Allocated to Target Date

    John Completed / OngoingTom / ED Nurse Manager Ongoing

    Kathy 9/1/2013

    Tom / ED Nurse Manager Ongoing

    Kathy 9/1/2013

    Underlying Vulnerabilities:

    Critical patient wait time in ED for room assignment/treatment; Excessive length of stay across hospital; CMS core measure; Appropriate and competent staffing

    ER Service line / Patient flow

    Risk Description: Responsible:

    Decreased percent of patients leaving without being seen (LWBS)

    Decreased RN and PCA turnover

    Lab results delivered prior to 9:00 A.M. / Analysis of results

    Re-education for appropriate assignment of patient intensity

    Implement Program (including Orienting of 2.0 FTEs and Redesign patient throughput plan)

    Physician extenders available (Pending approval)

    Recruit and retain / Increase RN and PCA staffing ratios

    Increase in Provider FTEs

    Continue RN and Patient Care Associate (PCA) Staffing

    Jake

    Lean Six Sigma; Monitor ED Throughput; Data Transparency; Rounding

    Extended stay in the ER; Overcrowding

    Patient safety; Lost revenue; Clinical and patient dissatisfaction; Poor patient outcome; ED diversion; Increased costs; Damaged relationship with FD and EMS; Reputation damage

    Measure of Success

    Documented proof that 90% of A.M. labs by 9:00 A.M.

    Reduced treat and release times

    Decreased holding times (DTA to Depart)

    Action

    Early phlebotomy and lab results

    Continue Curren

Search related