Presentation is loading. Please wait.

Presentation is loading. Please wait.

RSM McGladrey, Inc. is a member firm of RSM International – an affiliation of separate and independent legal entities. Operational Risk Management Framework.

Published by Modified over 8 years ago

Similar presentations

Presentation on theme: "RSM McGladrey, Inc. is a member firm of RSM International – an affiliation of separate and independent legal entities. Operational Risk Management Framework."— Presentation transcript:

1 RSM McGladrey, Inc. is a member firm of RSM International – an affiliation of separate and independent legal entities. Operational Risk Management Framework And Control Self Assessment Maurice A. Krisel April 7, 2010

2 Proprietary and Confidential The Vision of Operational Risk Management In 12 to 18 months, the Bank’s goal should be to create a report for each department and group that summarizes all relevant information that gets combined into a rating for operational risk. 1

3 Proprietary and Confidential Losse s Senior Management CSAIssues Indicators Qualitative/Quantitative Analyses Common Operational Risk Classification Scheme Pillars of Operational Risk Management 2

4 Proprietary and Confidential Control Self Assessment Framework 3

5 Proprietary and Confidential Control Self Assessment Outline Control-Self Assessment Definition Control-Self Assessment Objectives Enterprise wide Control Self Assessment Framework –Balanced Scorecard –CSA Methodology –Results Corporate Governance Project TimeLine Appendix -Delivered Solution 1. Risk Map 2. Excel Based Worksheets 3. HTML Interface 4. Excel Based 4

6 Proprietary and Confidential Control Self Assessment Definition Control-Self Assessment is a risk management tool used by business managers to transparently assess risk and control strengths and weaknesses against a Control Framework. The “self” assessment refers to the involvement of management and staff in the assessment process. 5

7 Proprietary and Confidential Control Self Assessment Objectives Communication –To ensure better communication of CEO’s objectives and strategies to all business lines –To ensure business line managers communicate their risks and controls more effectively Education –To ensure business line managers have a better comprehension of effective risk control –To ensure business line managers have a better comprehension of risk management Proactive Management –To ensure business line managers align their objectives and strategies with the CEO's objectives and strategies –To ensure business line managers assume greater responsibility and accountability for their risks and controls –To ensure business line managers monitor their risk effectively and timely –To ensure business line managers utilize and allocate their resources effectively 6

8 Proprietary and Confidential Enterprise-wide CSA Framework Goal To foster a proactive management framework which is pervasive throughout a firm 7

9 Proprietary and Confidential Enterprise-wide CSA Framework 8

10 Proprietary and Confidential Step 1: Objective Setting Balanced Scorecard * –A tool that translates a firm’s mission and strategy into a comprehensive set of performance measures that provides the framework for a strategic measurement and management system Objectives –Ensures linkage between the objective of senior management and the businesses –Increased focus on the appropriateness of the objectives –Reinforced as the central “top down” articulation of goals –Provides a framework within which the oversight functions, risk management and the business lines operate 9

11 Proprietary and Confidential Step 2: CSA Methodology ORCA Framework The ORCA framework components fit logically together to form a comprehensive relationship between firm-wide objectives, processes and risks, and controls. This relationship may be viewed as the core of a firm’s internal control. O bjectives R isk Assessment of Key Processes C ontrols A ction Plans 10

12 Proprietary and Confidential Step 2: CSA Methodology ORCA Framework To find equilibrium the business managers must carefully assess the risks inherent within their key processes, and apply controls that will work at a reasonable costs. 11

13 Proprietary and Confidential Step 2: CSA Methodology ORCA Framework 12

14 Proprietary and Confidential Step 2: CSA Methodology Key Indicators Metrics to measure the effectiveness of controls in the mitigating or managing risks –TO measure operational problems –TO monitor the quality of the services provided –TO provide early warning for problems –TO aid in the containment of losses –TO determine trends –TO set limits for risk or escalation criteria –TO facilitate everyday decisions. 13

15 Proprietary and Confidential Step 3: Results Qualitative Bottom-up feedback to executive management to ascertain how successfully the organization accomplished its strategic vision Identification of the interdepartmental and thematic risks within the firm Quantitative CSA Metric Score Inherent & Residual Risks Model CSA Scenario Engine 14

16 Proprietary and Confidential Step 3: Results 15

17 Proprietary and Confidential Step 3: Results Inherent and Residual risk models provide a sense of the potential monetary impact before and after the implementation of controls CSA scenario engine may shed insight on how the department’s or firm’s control environment may evolve – for better or worse. 16

18 Proprietary and Confidential Corporate Governance The enterprise-wide CSA framework presented here is a key component of a robust corporate governance structure. It enables the organization to inform executive management of the current state of the firm’s risk environment on an ongoing basis Furthermore, the framework readily lends itself to Sarbanes-Oxley and BIS II compliance The expected benefits of a strong corporate governance structure are: 17

19 Proprietary and Confidential Summary The presented enterprise-wide control self-assessment framework: Provides flexibility and dynamism to evolve with the changing firm Allows a firm to manage risks from both the “top-down” and “bottom- up” perspectives Is an integral component of a strong corporate governance structure 18

20 Proprietary and Confidential Time Line MarchFebruary PlanningAnalysis April MayJune NovemberOctoberAugust SeptemberJuly Closeout Implementation June Design December January Development CSA Rollout  Planning  Project Scope  Define CSA scope  Evaluate current firm wide objectives  Define key business areas and processes  Obtain Sr. Management support  Project Planning  Create project timeline  Allocate resources Deliverables: Project Plan, Road map  Analysis  Define Op Risk components  Firm wide objectives  Risk map  Define CSA components  Objectives and key processes  Risks  Control Methods  Action Plans  Key Risk Indicators  Refine Timeline and estimates Deliverables: Business requirements, User presentation  Design and Development (Prototype)  Meet with Business Lines  Gather Key business processes  Establish  Create Data Model  Create Database  Create user interface  Load master tables data into database  Create procedure guide Deliverables: CSA beta version software, User guide  Implementation  Rollout Control Self Assessment Software  Data Gathering of Business Units CSA  Support business units performing CSA Deliverables: Cutover Plan, CSA application  Close-out  Review user feedback  Establish cyclical review requirements  Update CSA reporting package 19

Download ppt "RSM McGladrey, Inc. is a member firm of RSM International – an affiliation of separate and independent legal entities. Operational Risk Management Framework."

Similar presentations

COSO I COSO II. Meycor COSO, a Comprehensive Solution for Enterprise Risk Management (ERM)

COSO I COSO II. Meycor COSO, a Comprehensive Solution for Enterprise Risk Management (ERM)
. . . a step-by-step guide to world-class internal auditing

. . . a step-by-step guide to world-class internal auditing
E.g. 4.3.2 Act as a positive role model for innovation 4.3.1. Question the status quo 2.3.4 Keep the focus of contribution on delivering and improving.

E.g Act as a positive role model for innovation Question the status quo Keep the focus of contribution on delivering and improving.
Internal Control–Integrated Framework

Internal Control–Integrated Framework
The HR Paradigm Shift Discover Stakeholder Value for the Human Resources Function.

The HR Paradigm Shift Discover Stakeholder Value for the Human Resources Function.
Lisanne Sison Director ERM Bickmore

Lisanne Sison Director ERM Bickmore
© 2009 The MITRE Corporation. All rights Reserved. Evolutionary Strategies for the Development of a SOA-Enabled USMC Enterprise Mohamed Hussein, Ph.D.

© 2009 The MITRE Corporation. All rights Reserved. Evolutionary Strategies for the Development of a SOA-Enabled USMC Enterprise Mohamed Hussein, Ph.D.
Chapter 10 Accounting Information Systems and Internal Controls

Chapter 10 Accounting Information Systems and Internal Controls
Own Risk & Solvency Assessment (ORSA): The heart of Risk & Capital Management John Spencer Director, Ultimate Risk Solutions.

Own Risk & Solvency Assessment (ORSA): The heart of Risk & Capital Management John Spencer Director, Ultimate Risk Solutions.
IRSHAD Fourth Objective Dubai Islamic Bank – Performance Management Systems.

IRSHAD Fourth Objective Dubai Islamic Bank – Performance Management Systems.
It’s Time to Talk About Risk and Control

It’s Time to Talk About Risk and Control
Tax Risk Management Keeping Up with the Ever-Changing World of Corporate Tax March 27, 2007 Tax Services Bryan Slone March 27, 2007.

Tax Risk Management Keeping Up with the Ever-Changing World of Corporate Tax March 27, 2007 Tax Services Bryan Slone March 27, 2007.
System Office Performance Management

System Office Performance Management
Operational risk management Margaret Guerquin, FSA, FCIA Canadian Institute of Actuaries 2006 General Meeting Chicago Confidential © 2006 Swiss Re All.

Operational risk management Margaret Guerquin, FSA, FCIA Canadian Institute of Actuaries 2006 General Meeting Chicago Confidential © 2006 Swiss Re All.
Program Management Overview (An Introduction)

Program Management Overview (An Introduction)
Contractor Assurance Discussion Forrestal Building Washington, D.C. December 14, 2011.

Contractor Assurance Discussion Forrestal Building Washington, D.C. December 14, 2011.
Return On Investment Integrated Monitoring and Evaluation Framework.

Return On Investment Integrated Monitoring and Evaluation Framework.
IT Planning.

IT Planning.
The Information Systems Audit Process

The Information Systems Audit Process
Lecture Nine Database Planning, Design, and Administration

Lecture Nine Database Planning, Design, and Administration

Similar presentations

Ads by Google