Upload
bruce-lewis
View
216
Download
0
Tags:
Embed Size (px)
Citation preview
Risk Assessment
Office of the ControllerJuly 23, 2004
Today’s AgendaToday’s Agenda
• Risk Assessment Framework Risk Assessment Framework
• Where Can Risk Occur?Where Can Risk Occur?
• Department ConcernsDepartment Concerns
• Campus ProcessesCampus Processes
• ScenarioScenario
Framework for Framework for Management of RiskManagement of Risk
UnderstandObjectives
AchieveAcceptable
Level ofExposure
Understand Risks
Manage Risks
What are you trying to
accomplish?
Where the efforts are focused
What gets in your way of
achieving your objectives?
Challenges or obstacles that could impact
your objectives
What are you doing to
manage this?
Current control
activities to manage risk
What is your level of
exposure?
Finding the right balance of controls
Discussion Item #1Discussion Item #1
Objective: Doing a successful Objective: Doing a successful presentation.presentation.
• What are the risks?What are the risks?
Risk Assessment Risk Assessment ComponentsComponents• ObjectivesObjectives
• RisksRisks
• Managing RiskManaging Risk
• Evaluating RiskEvaluating Risk
• Improvement Opportunities Improvement Opportunities
• MonitoringMonitoring
Where Can Risk Occur?Where Can Risk Occur?Measurement
&Information
PeopleRisks
Processes &
SystemsRisks
EnvironmentRisks
Materials,Facilities,
Equipment
FinancialObjectives
People RisksPeople Risks
• Ethics, culture, values, tone at the Ethics, culture, values, tone at the top top
• TrainingTraining
• Safety and securitySafety and security
Environment RisksEnvironment Risks
• LegalLegal
• SuppliersSuppliers
• NaturalNatural
• PoliticalPolitical
• CompetitionCompetition
Measurement and Measurement and Information RisksInformation Risks
• Timeliness / reliability / accuracyTimeliness / reliability / accuracy
• SecuritySecurity
• How we assess resultsHow we assess results
• Availability / relevanceAvailability / relevance
Processes and Systems Processes and Systems RisksRisks
• Policies and proceduresPolicies and procedures
• The way we conduct businessThe way we conduct business
• Security accessSecurity access
• System designSystem design
Materials, Facilities, and Materials, Facilities, and Equipment RisksEquipment Risks
• Quality, cost, delivery, and Quality, cost, delivery, and developmentdevelopment
• AvailabilityAvailability
• Technology / ObsolescenceTechnology / Obsolescence
• Energy ConsumptionEnergy Consumption
Department ConcernsDepartment Concerns
• Where is risk likely to occur?Where is risk likely to occur?
• What concerns do I have? Why?What concerns do I have? Why?
• How are those concerns How are those concerns managed?managed?
Discussion Item #2Discussion Item #2
Objective: Proper handling of cash.Objective: Proper handling of cash.
• Risks:Risks:Inadequate trainingInadequate trainingLack of adequate safeguardsLack of adequate safeguardsLack of individual accountabilityLack of individual accountabilityLack of separation of dutiesLack of separation of duties
• What are the consequences?What are the consequences?
• What are the controls in place?What are the controls in place?
VotingVoting
• Is the current process acceptable, Is the current process acceptable, acceptable with exposure, or acceptable with exposure, or unacceptable?unacceptable?
Next StepsNext Steps
• For those processes determined to For those processes determined to be Unacceptable, determine be Unacceptable, determine Improvement OpportunitiesImprovement Opportunities
• Establish a timelineEstablish a timeline
• MonitoringMonitoring
Campus Processes:Campus Processes:Are There Risks?Are There Risks?
• Form 5sForm 5s
• PayrollPayroll
• TravelTravel
• PurchasingPurchasing
• CashCash
ScenariosScenariosPerform a risk assessment using Perform a risk assessment using one of the following objectives:one of the following objectives:
• Ensure employees are paid Ensure employees are paid timely and accurately.timely and accurately.
• Ensure Form 5s are processed Ensure Form 5s are processed according to policy.according to policy.
• Ensure equipment purchases Ensure equipment purchases are done according to policy.are done according to policy. ..
ScenariosScenariosPerform a risk assessment using Perform a risk assessment using one of the following objectives:one of the following objectives:
• Ensure purchases using the LVPA Ensure purchases using the LVPA are done according to policy.are done according to policy.
• Ensure data integrity of financial Ensure data integrity of financial information.information.
• Ensure travel vouchers are Ensure travel vouchers are processed according to policy.processed according to policy.
Questions?Questions?
THANK YOU!THANK YOU!