Presentation is loading. Please wait.

Presentation is loading. Please wait.

© 2003 DelCreo, Inc. All rights reserved. | U.S. Toll-free 866.DELCREO | International 001/801.756.4180 |

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "© 2003 DelCreo, Inc. All rights reserved. | U.S. Toll-free 866.DELCREO | International 001/801.756.4180 |"— Presentation transcript:

1 © 2003 DelCreo, Inc. All rights reserved. | U.S. Toll-free 866.DELCREO | International 001/801.756.4180 info@delcreo.com | www.delcreo.cominfo@delcreo.comwww.delcreo.com 0 Changed World, New Risks Mark Carey, CPA, CISA

2 © 2003 DelCreo, Inc. All rights reserved. U.S. Toll-free 866.DELCREO | International 001/801.756.4180 info@delcreo.cominfo@delcreo.com | www.delcreo.comwww.delcreo.com 1 ERM Definition An consistent and organization-wide approach to develop and implement a comprehensive risk strategy and program in order to: –Provide a baseline level of protection of value creating assets, or –Use risk management strategies and tools to assure success of strategic objectives and improve organizational returns (as defined by key stakeholders)

3 © 2003 DelCreo, Inc. All rights reserved. U.S. Toll-free 866.DELCREO | International 001/801.756.4180 info@delcreo.cominfo@delcreo.com | www.delcreo.comwww.delcreo.com 2 Office of Homeland Security Government Lesson US faces many new, non-conventional threats: –Terrorism –Proliferation of weapons of mass destruction –Attacks on critical infrastructure –International drug trade –etc. No single department, agency, state, local or private sector entity can handle alone, up to 46 different federal agencies are responsible for addressing the non-conventional threats The Office of Homeland Security was created to “coordinate the executive branch's efforts to detect, prepare for, prevent, protect against, respond to, and recover from terrorist attacks within the United States.” Business Application Businesses also face new, non-conventional and complex conventional threats that require coordinated risk management through an enterprise-wide risk management organization/function

4 © 2003 DelCreo, Inc. All rights reserved. U.S. Toll-free 866.DELCREO | International 001/801.756.4180 info@delcreo.cominfo@delcreo.com | www.delcreo.comwww.delcreo.com 3 Homeland Security Council Government Lesson The Homeland Security Council was established to: –Advise and assist the President with respect to all aspects of homeland security –Ensure coordination of homeland security-related activities of executive departments and agencies –Effective development and implementation of homeland security policies Business Application Consider establishing an enterprise risk council to: –Provide relevant risk information to CXO’s and BOD –Coordinate risk management activities of various functions and business units –Develop and implement corporate risk management policies

5 © 2003 DelCreo, Inc. All rights reserved. U.S. Toll-free 866.DELCREO | International 001/801.756.4180 info@delcreo.cominfo@delcreo.com | www.delcreo.comwww.delcreo.com 4 Silos Government Lesson Silos exist in: –departments and agencies, Federal, state and local Foreign and domestic US, allies and other –Information Systems and Databases –Processes Intelligence gathering and dissemination activities Business Application Create processes, systems and tools to reach across silos to provide the “big picture” Focus corporate risk management resources on what matters the most Leverage the “silo” expertise through better coordination for complex risks

6 © 2003 DelCreo, Inc. All rights reserved. U.S. Toll-free 866.DELCREO | International 001/801.756.4180 info@delcreo.cominfo@delcreo.com | www.delcreo.comwww.delcreo.com 5 Low Cost, High Tech Government Lesson Sophisticated technologies that may be employed as weapons of Mass Destruction –Biological and chemical weapons –Technology Tools that have the ability to inflict massive damage are getting cheaper Business Application Sophisticated tools are increasingly affordable and are being used by competitors, customers, employees, litigation teams, etc. Understand impact there tools may have on your organization

7 © 2003 DelCreo, Inc. All rights reserved. U.S. Toll-free 866.DELCREO | International 001/801.756.4180 info@delcreo.cominfo@delcreo.com | www.delcreo.comwww.delcreo.com 6 Low Tech, High Impact Government Lesson Terrorist have employed low tech weapons to inflict massive physical or psychological damage –Box cutters –Envelopes Business Application Identify assets at risk –Strategic Initiatives –People –Process –Information Systems –Physical Infrastructure –Geography –Organization –Products –Flows (supplies, information, electricity, cash, etc.) Focus risk assessment on how the asset may be impacted Consider best and worst case scenarios (to ensure preparation for best and worst times)

8 © 2003 DelCreo, Inc. All rights reserved. U.S. Toll-free 866.DELCREO | International 001/801.756.4180 info@delcreo.cominfo@delcreo.com | www.delcreo.comwww.delcreo.com 7 Incident Management Government Lesson The Executive Branch lacked a formal terrorist incident management process, coordinator and team The Homeland Security Director will be the individual primarily responsible for coordinating the domestic response in the event of an imminent threat, and during and in the immediate aftermath of a terrorist attack Business Application Define a formal incident management process with pre-incident planning activities, escalation triggers, defined responsibilities and response pathways

9 © 2003 DelCreo, Inc. All rights reserved. U.S. Toll-free 866.DELCREO | International 001/801.756.4180 info@delcreo.cominfo@delcreo.com | www.delcreo.comwww.delcreo.com 8 Early Warning System Government Lesson Silos prevented effective aggregation of early warning signals Local decisions to disregard significant information Lack of appropriate escalation metrics and thresholds Many early warning signals were not deemed credible Business Application Develop and constantly enhance quality of information collected and of early warning tools

10 © 2003 DelCreo, Inc. All rights reserved. U.S. Toll-free 866.DELCREO | International 001/801.756.4180 info@delcreo.cominfo@delcreo.com | www.delcreo.comwww.delcreo.com 9 ERM Definition An consistent and organization-wide approach to develop and implement a comprehensive risk strategy and program in order to: –Provide a baseline level of protection of value creating assets, or –Use risk management strategies and tools to assure success of strategic objectives and improve organizational returns (as defined by key stakeholders)

11 © 2003 DelCreo, Inc. All rights reserved. U.S. Toll-free 866.DELCREO | International 001/801.756.4180 info@delcreo.cominfo@delcreo.com | www.delcreo.comwww.delcreo.com 10 Business Case: Improve Total Cost of Risk Gaps in Risk Coverage and Information –Emerging risk areas –Strategic Planning and Decision Making Processes do not receive complete, reliable and timely risk information –Programs/Projects with multiple vulnerabilities –Vulnerabilities that require multiple skills, aggregation of data, etc to mitigate Cost of Managing Risks –Poor use of process enabling technology –Knowledge management –Modeling/Data aggregation tools –Coordination and communication between risk functions, business organizations, and management

12 © 2003 DelCreo, Inc. All rights reserved. U.S. Toll-free 866.DELCREO | International 001/801.756.4180 info@delcreo.cominfo@delcreo.com | www.delcreo.comwww.delcreo.com 11 Case Studies: Fortune 50 Company Emerging Risk Areas Growth Cost and Efficiency Allocation of Capital Value Drivers Strategic Process Intangible Information System Infrastructure People Suppliers Customers Competitors Rapid Risk Assessment Process Risk Management Portal Toolkit Development Risk Council ERM Strategic Plan Key Risks Risk Management Program

13 © 2003 DelCreo, Inc. All rights reserved. U.S. Toll-free 866.DELCREO | International 001/801.756.4180 info@delcreo.cominfo@delcreo.com | www.delcreo.comwww.delcreo.com 12 Strategic Planning and Risk Analysis Decision Making Process 1 2 3 4 5 Filters Information Action or Decision 1.People’s cognitive limitations 2.Operating goals, rewards and incentives 3.Information, measurement, and communication systems 4.Organizational and geographical structure 5.Tradition, culture, folklore and leadership

14 © 2003 DelCreo, Inc. All rights reserved. U.S. Toll-free 866.DELCREO | International 001/801.756.4180 info@delcreo.cominfo@delcreo.com | www.delcreo.comwww.delcreo.com 13 Strategic Planning and Risk Analysis Maps Words Diagrams Friendly Algebra Simulation Qualitative Models Gaming Simulators Quantitative Models Concepts & Theory Facilitation Changing Business Environment Recognized Strategic Issue (Opportunity or Threat) Executive Debate and Dialogue Action Plans and Change

15 © 2003 DelCreo, Inc. All rights reserved. U.S. Toll-free 866.DELCREO | International 001/801.756.4180 info@delcreo.cominfo@delcreo.com | www.delcreo.comwww.delcreo.com 14 Risk Profiling Process Coverage –Strategic Initiatives –People –Process –Information Systems –Physical Infrastructure –Geography –Organization –Products –Flows (supplies, information, electricity, cash, etc.) Risks Approach –Stakeholder Value Based –Focus on Risks that Impact Stakeholder Value Use of Technology

16 © 2003 DelCreo, Inc. All rights reserved. U.S. Toll-free 866.DELCREO | International 001/801.756.4180 info@delcreo.cominfo@delcreo.com | www.delcreo.comwww.delcreo.com 15 Value Driver/Risk Analysis Road Map Industry Analysis Competitive Advantage Strategy and Execution Market & Segment Analysis Value Drivers Risk Drivers Determine Scope and Effort Validate and Refine Define Baseline Protection

17 © 2003 DelCreo, Inc. All rights reserved. U.S. Toll-free 866.DELCREO | International 001/801.756.4180 info@delcreo.cominfo@delcreo.com | www.delcreo.comwww.delcreo.com 16 Some Key Elements of a Successful ERM Program Strategy Program Strategy Go to Market 30-60-90 Day Plan People Sponsor Program Manager Technical Expertise Workers Processes Program Management Organizational Change Internal Marketing Knowledge Management Performance Measurement and Reporting Risk Management Technology Intranet Risk Portal Automated and Integrated Risk Tool Quantitative Analysis Scenario and Simulation Tools Program Management Tools

18 © 2003 DelCreo, Inc. All rights reserved. U.S. Toll-free 866.DELCREO | International 001/801.756.4180 info@delcreo.cominfo@delcreo.com | www.delcreo.comwww.delcreo.com 17 You Probably Have a Business Case When…. Baseline protection of assets is not in place Rising cost of risk events High cost of risks compared to peers Returns are less than required for a given risk profile Projected or unanticipated change(s) impact the items above

19 © 2003 DelCreo, Inc. All rights reserved. U.S. Toll-free 866.DELCREO | International 001/801.756.4180 info@delcreo.cominfo@delcreo.com | www.delcreo.comwww.delcreo.com 18 Why ENTERPRISE Risk Management is Necessary Continually provides necessary and consistent risk information and measures to decision makers Risk measures are a key factor in most, if not all decision making and valuation approaches Risks may hedge, aggregate with, magnify or be uncorrelated with other risks All of the above scenarios present opportunities and challenges The real impact of risk is often separated by time and space from the occurrence One really big risk, or a swarm of small risks can put you out of business

20 © 2003 DelCreo, Inc. All rights reserved. U.S. Toll-free 866.DELCREO | International 001/801.756.4180 info@delcreo.cominfo@delcreo.com | www.delcreo.comwww.delcreo.com 19 Really Why ENTERPRISE Risk is Necessary Speak the language of business executives; Align your function with the value drivers and strategies of the organization; Enhance your professional success by making yourself, your job and your function more relevant to the value creating activities of your organization; While creating value for your organization!

21 © 2003 DelCreo, Inc. All rights reserved. U.S. Toll-free 866.DELCREO | International 001/801.756.4180 info@delcreo.cominfo@delcreo.com | www.delcreo.comwww.delcreo.com 20 Enterprise Risk Management: Getting Started Develop Risk Framework –Determine Value Drivers for Your Stakeholders –Identify Risk Drivers Risk Management Profiling –Identify and Qualify/Quantify Risks –Identify and assess current risk management capabilities, processes and practices Build Business Case –Identify Gaps and Overlaps in Risk Management Coverage –Identify risk management inefficiencies Create Future Vision –Design future vision of risk management –Create strategic plan

22 © 2003 DelCreo, Inc. All rights reserved. U.S. Toll-free 866.DELCREO | International 001/801.756.4180 info@delcreo.cominfo@delcreo.com | www.delcreo.comwww.delcreo.com 21 Enterprise Risk Management: Getting Started Pilot –Pilot implementation of future vision on limited scale –Adjust strategy –Plan for full implementation Full Implementation Ongoing Operations and Improvement

23 © 2003 DelCreo, Inc. All rights reserved. U.S. Toll-free 866.DELCREO | International 001/801.756.4180 info@delcreo.cominfo@delcreo.com | www.delcreo.comwww.delcreo.com 22 FREE Risk Resources DelCreo is committed to the continual improvement of the risk community. DelCreo offers a FREE monthly eZine with up-to-date information concerning risk issues and risk professionals. In addition, we have a FREE workbook Strategy Planning Workbook for Risk Professionals. DelCreo also offers a number of free presentations, articles and other pieces of valuable information for download on our website. www.delcreo.com/delcreo/free.cfm

Download ppt "© 2003 DelCreo, Inc. All rights reserved. | U.S. Toll-free 866.DELCREO | International 001/801.756.4180 |"

Similar presentations

HR Manager – HR Business Partners Role Description

HR Manager – HR Business Partners Role Description
National Incident Management System (NIMS)  Part of Homeland Security Presidential Directive-5, February 28, 2003.  Campuses must be NIMS compliant in.

National Incident Management System (NIMS)  Part of Homeland Security Presidential Directive-5, February 28,  Campuses must be NIMS compliant in.
Mark Carey, CPA, CISA President Toll free: 866.335.2736 x101 International: 001.801.756.4180 x101 Enterprise Risk Management:

Mark Carey, CPA, CISA President Toll free: x101 International: x101 Enterprise Risk Management:
Centro Internacional para Estudios del Medio Ambiente y el Desarrollo Sostenible CIEMADeS Centro Internacional para Estudios del Medioambiente y el Desarrollo.

Centro Internacional para Estudios del Medio Ambiente y el Desarrollo Sostenible CIEMADeS Centro Internacional para Estudios del Medioambiente y el Desarrollo.
Assessing the impact of an aging workforce across global organizations.

Assessing the impact of an aging workforce across global organizations.
It’s Time to Talk About Risk and Control

It’s Time to Talk About Risk and Control
Introduction to Enterprise Risk Management (ERM)

Introduction to Enterprise Risk Management (ERM)
Executive Insight through Enhanced Enterprise Risk Management Leverage Value From Your Risk Management Investment.

Executive Insight through Enhanced Enterprise Risk Management Leverage Value From Your Risk Management Investment.
1 NGA Regional Bio-Terrorism Conference Boston, Massachusetts January 12-13, 2004.

1 NGA Regional Bio-Terrorism Conference Boston, Massachusetts January 12-13, 2004.
Tax Risk Management Keeping Up with the Ever-Changing World of Corporate Tax March 27, 2007 Tax Services Bryan Slone March 27, 2007.

Tax Risk Management Keeping Up with the Ever-Changing World of Corporate Tax March 27, 2007 Tax Services Bryan Slone March 27, 2007.
DHS, National Cyber Security Division Overview

DHS, National Cyber Security Division Overview
Improving Your Business Results Six Sigma Qualtec Six Sigma Qualtec Six Sigma Qualtec – All Rights Reserved June 26, 2002 BEYOND SIX SIGMA: A HOLISTIC.

Improving Your Business Results Six Sigma Qualtec Six Sigma Qualtec Six Sigma Qualtec – All Rights Reserved June 26, 2002 BEYOND SIX SIGMA: A HOLISTIC.
National Space-Based Positioning, Navigation, and Timing (PNT) Federal Advisory Board DHS Challenges & Opportunities Captain Curtis Dubay, P.E. Department.

National Space-Based Positioning, Navigation, and Timing (PNT) Federal Advisory Board DHS Challenges & Opportunities Captain Curtis Dubay, P.E. Department.
Copyright © 2010 Pearson Education, Inc. Publishing as Prentice Hall 2-1 The Organizational Context: Strategy, Structure, and Culture Chapter 2.

Copyright © 2010 Pearson Education, Inc. Publishing as Prentice Hall 2-1 The Organizational Context: Strategy, Structure, and Culture Chapter 2.
Greg Shaw 202-994-6736 How do we turn private sector preparedness into an investment rather than a cost of doing.

Greg Shaw How do we turn private sector preparedness into an investment rather than a cost of doing.
Strategic Management & Strategic Competitiveness

Strategic Management & Strategic Competitiveness
A Portfolio Approach to Enterprise Risk Management Bruce B. Thomas November 11, 2002.

A Portfolio Approach to Enterprise Risk Management Bruce B. Thomas November 11, 2002.
1 Corporate Capabilities. Adayana was founded in 2001 to improve human capital performance Our clients come to Adayana to help improve their people’s.

1 Corporate Capabilities. Adayana was founded in 2001 to improve human capital performance Our clients come to Adayana to help improve their people’s.
Enterprise Risk Management and Business Continuity Planning Mark Carey, CPA, CISA President 866.335.2736 x8431

Enterprise Risk Management and Business Continuity Planning Mark Carey, CPA, CISA President x8431
MODELING CORPORATE RISK AT FORD Freeman Wood Director Global Risk Management.

MODELING CORPORATE RISK AT FORD Freeman Wood Director Global Risk Management.

Similar presentations

Ads by Google