GuildHE: Council Meeting 25th May 2017


GuildHE: Council Meeting 25th May 2017
Assessing and Managing Risk
Richard Young – Council Member (and Chair of Audit Committee), LIPA and Director, Uniac

Uniac: who we are
- Shared internal audit and assurance not-for-profit service established over 25 years ago - a (nearly) unique proposition in comparison to in-house or ‘big four’
- GuildHE members include Falmouth University, Bishop Grosseteste University and the British School of Osteopathy – strong affinity with small and specialist institutions and big supporter of the importance of diversity and difference in the sector
- Particular benefits for small and specialist providers in being part of broader shared service and benefiting from wider sharing of expertise and knowledge
- Membership open to all HE providers and endorsed and recognised by HEFCE as an efficient and effective model
- Dedicated (possibly largest) team of HE professional auditors with varied backgrounds (HEFCE, QAA, NUS) – not your average audit team!

So why do we do risk management?
- HEFCE expectations of the Board:
  - take reasonable steps to ensure that there are sound arrangements for risk management, control and governance and value for money
  - annual report must include conclusions on the adequacy and effectiveness of the risk management, control and governance arrangements.
- Expectations will not go away:
  - The responsibilities of Boards include ensuring that there is a robust and comprehensive system of risk management, control and corporate governance (Memorandum of Assurance and Accountability)
  - Financial Reporting Council: Revised Corporate Governance Code

If we are going to do it, how can we maximise the benefits
- A well thought through register is a cornerstone for Audit Committee business:
  - Signposting the main risks
  - Link with assurance mechanisms
- Strategic link between the Audit Committee and the Board:
  - Lifts the interaction away from the compliance / regularity reports

Experience Across the Sector
- No standard template / not an exact science
- Simpler the better – colour coding, 3x3 scoring
- At the very least, a pointer for focus
- Using the gross and the net scores
- Used as a challenge – Board and Committee agendas, strategic papers, internal and external audit programmes
- Clear differential between operational and strategic risks e.g. health and safety

Experience Across the Sector
- Segregation of sector wide / uncontrollable risks:
  - Major changes in research funding
  - National immigration policy changes
- Avoid risk appetite
- Expectations and local registers:
  - Resource and priorities and not wanting to create an industry
  - Limited benefits of bottom up / top down

What is risk and capturing the real ones?
- One definition: something which, if it happens, will have a direct impact – positive or negative – on the institution
- Generic risk statements not ideal
- Common approach of ‘Failure to…’ – actually starting from the control rather than the risk
- Consequences of failure to manage the risks (impact): Stakeholder relations and reputation Operations Strategy Implementation Financial
- Two or three causes / sub risks to explore the risk further

Strategic Risk Examples …ones that work well…
- Overseas students are not attracted to the institution:
  - They are unaware of the institution and / or its offerings
  - They are aware of the institution but not attracted
  - Having engaged with the institution they are deterred by the recruitment process

Strategic Risk Examples …one that didn’t… Failure of governance and management
- Failure of governance and management resulting in:
  - Injury or death
  - Misappropriation of institution resources
  - Withdrawal of delegated authority e.g. Home Office / UKVI
  - …21 sub risks…

Other risk examples
- The institution fails to comply with UKVI immigration compliance requirements:
  - Visa refusal rates
  - Student working hours
  - Engagement and attendance monitoring
- The institution fails to comply with the General Data Protection Regulation:
  - Staff unaware of requirements
  - Not knowing / understanding all data held
  - Access control not aligned to data sensitivity
- Real risks around cyber, the estate, staff, students (recruitment, experience, retention)…

Risk Management Reporting / Best Practice
- Clarity of key risk – ‘risk that… leading to… because of…’
- Sub risks and their priority
- Controls
- Monitoring
- Ownership
- Improvement plans

Questions for discussion
- Is a risk register a chore or seen as an aid to good management and governance?
- Have you considered how you might get the most from it?
- Would there be benefit in re-articulating your risks?
- Does your institution's approach to risk management help drive change or simply respond to it?
- How engaged are the executive in actively monitoring and managing risk and capturing this in a register?
- Is there a culture of effective, positive risk management?
- How quickly do your risk management processes adapt to fast moving events?
- Where is risk management ‘owned’ in your institution – who drives it and is this appropriate?
- What are the shared risks affecting small and specialist institutions?