View
76
Download
0
Tags:
Embed Size (px)
Citation preview
berrydunn.com | GAIN CONTROL
Enterprise Risk Management: from Resistance to Resilience
NASACT 2014 Annual Conference Bill Brown, Principal, BerryDunn
DISCUSSION POINTS
• What is Enterprise Risk Management (ERM)?
• Why is it necessary?
• How can it benefit your organization?
2
WHAT IS ERM?
Enterprise Risk Management (ERM) is a holistic approach to identifying, measuring, prioritizing and addressing the risks of an organization at the enterprise level.
3
• Encourage strategic alignment • Standardize core knowledge • Drive success • Support organizational values
• Take a long-term outlook • Be internally managed • Leverage technology • Improve quality
WHAT IS ERM? COMMON STANDARDS & OBJECTIVES
4
WHAT IS ERM? 8 PRINCIPLES
5
ERM
Assess risk environment
Determine expected vs unexpected
Understand risks & current controls
Identify risk activities
Mitigation & mgmt
planning
Assign ownership
Provide governance
Monitor
6
THE BUILDING BLOCKS OF ERM
• Consistent approach
• Government as a single, unified entity
• Shared risk appetite across agencies
• Consistency among diverse initiatives
• Formalized accountability and ownership
• Process to escalate and report risks
• Leadership review of strategic risk initiatives
WHY IS TRADITIONAL RISK MANAGEMENT INADEQUATE?
7
Does not serve the organization as a whole
Inefficiently allocates scarce resources
Ignores the goal of resiliency
CHARACTERISTICS OF A SUCCESSFUL ERM PROGRAM
8
Transparent, holistic, and focused on resiliency
Include action-based frameworks
Encourage enterprise-
wide collaboration
Include a formal
reporting process
Encourage proactive
discussions
CASE STUDY: INTEGRATED ERM PROGRAM
State Agencies Manage Risks
Monitor Compliance Implement Corrective Action
Report Results
ERM Committee Compliance Oversight Discuss/Review KRIs Review Dashboards
Review/Update Action Chart
Internal Audit Assess Compliance
Report Results
ERM Dashboard Business Unit KRIs
Charts Action Plans
Controllers’ Office Review ERM Committee Results
Present to Governor’s Office
Governors’ Office Review Strategic KRIs
Review Dashboard Feedback on Strategic Direction
Feedback on Risk Appetite
Audit Committee
11