AASHTO Internal Audit Conference 2012 – Phoenix Daniel Fodera, CMQ/OE Program Management Improvement Team Federal Highway Administration.

Slides:

Advertisements

Similar presentations

ETHICS AS CULTURE KEY ELEMENTS Stage One (primary) – Key Elements of a Culture of Ethics Appoint an ethics program manager to oversee your ethics-related.

Advertisements

2007 – 2008 Academic/Business Plan …a strategic initiative School District of Palm Beach County New Horizons for Student Success.

EMS Checklist (ISO model)

Risk Management at Harvard – Panel Discussion Harvard IT Summit

Strategic Highway Safety Plan/Developing Local Road Safety Plans Federal Highway Administration (FHWA) Office of Safety.

Program Management Office (PMO) Design

SAI Performance Measurement Framework

Risk The chance of something happening that will have an impact on objectives. A risk is often specified in terms of an event or circumstance and the consequences.

Thematic evaluation on the contribution of UN Women to increasing women’s leadership and participation in Peace and Security and in Humanitarian Response.

Risk and RACI: Defining Clear Roles

Appendix H: Risk training slides (sample). What is Risk? “ Risk is the effect of uncertainty on objectives ” AS/NZS ISO31000:2009.

International Risk Management Standard AS/NZS ISO 31000

I MPLEMENTATION OF AN E NTERPRISE -W IDE R ISK M ANAGEMENT F RAMEWORK Stuart Lovell Manager HR and Risk Glenorchy City Council.

Lisanne Sison Director ERM Bickmore

Primary Benefit Types Value Discipline Benefits – Operating Excellence Reduce Cost Reduce Risk – Product Leadership Increase Revenue – Customer Intimacy.

Moving Forward with Safety Management Systems December 9, 2014 Standing Committee on Public Transportation Winter Meeting American Association of State.

Introduction to Enterprise Risk Management (ERM)

Tax Risk Management Keeping Up with the Ever-Changing World of Corporate Tax March 27, 2007 Tax Services Bryan Slone March 27, 2007.

Office of the Secretary of Defense – Comptroller Financial Improvement and Audit Readiness Directorate Unclassified 17 September 2014 GAO Revised “Green.

6/2/20151 Enterprise Risk & Assurance Management in Zurich North America Brian Selby MA (Audit), FIIA, QiCA, MBCS, CISA.

Chapter 7 Control and AIS Copyright © 2012 Pearson Education, Inc. publishing as Prentice Hall 7-1.

The Australian/New Zealand Standard on Risk Management

Expanded Version of COSO a presentation by Steve Wadleigh Expanded Version of COSO a presentation by Steve Wadleigh Standards for Internal Control in the.

Enterprise Risk Management in DHHS

Corporate Ethics Compliance *

Corporate Social Responsibility- do we need a Statutory Instrument? Presented to the Zambia Alternative Mining Indaba conference- July 17, 2013 Sombo Chunda,

Transportation leadership you can trust. presented to NCHRP Project Panel presented by Cambridge Systematics, Inc. with PB Consult Inc. Texas Transportation.

Audits & Assessments: What are the Differences and How Do We Learn from the Results? Brown Bag March 12, 2009 Sal Rubano – Director, Office of the Vice.

Business Analysis: A Business Unit Perspective International Institute of Business Analysis January 18, 2012.

Basics of OHSAS Occupational Health & Safety Management System

RISK MANAGEMENT PRESENTATION ASQ- GREATER HOUSTON SECTION 1405 Lila Carden, Ph.D., MBA, PMP University of Houston Instructional Associate Professor

1 Enterprise Risk Management (ERM) Program PNM Resources, Inc. March 29, 2007 Presentation to American Public Power Association March 2007 Austin, Texas.

Presented to President’s Cabinet. INTERNAL CONTROLS are the integration of the activities, plans, attitudes, policies and efforts of the people of an.

FHWA Reorganization Update Program Performance Management Standing Committee on Performance Management Meeting Detroit, MI October 14, 2011 Peter Stephanos.

ERM or COLLEGE WIDE RISK MANAGEMENT - MADE EASY Financial Management Institute – June 6 th, 2007 Peter Lockie, Chief Financial Officer Camosun College.

Corporate Governance and Risk Management. Introduction Corporate Governance What does it mean? and Why does it matter? Risk Management Challenges of growth.

The views expressed in this presentation do not necessarily reflect those of the Federal Reserve Bank of New York or the Federal Reserve System Association.

ISO 9001:2008 to ISO 9001:2015 Summary of Changes

© 2003 DelCreo, Inc. All rights reserved. | U.S. Toll-free 866.DELCREO | International 001/ |

1 Introducing Enterprise Risk Management (ERM) - The KOC Experience November 2012 Khaled Al-Awadhi Risk Management Team Kuwait Oil Company.

POVT Managing Authority A sound Internal Control System A challenge for the period.

©2000 Bank for International Settlements 1 F I N A N C I A L S T A B I L I T Y I N S T I T U T E BANK FOR INTERNATIONAL SETTLEMENTS On-site Examination.

1 | 2010 Lecture 3: Project processes. Covered in this lecture Project processes Project Planning (PP) Project Assessment & Control (PAC) Risk Management.

Presented to Managers. INTERNAL CONTROLS are the integration of the activities, plans, attitudes, policies and efforts of the people of an organization.

Consultant Advance Research Team. Outline UNDERSTANDING M&E DATA NEEDS PEOPLE, PARTNERSHIP AND PLANNING 1.Organizational structures with HIV M&E functions.

1 Planning and Programming for Effective Use of External Audit Resources Victor Rezendes Managing Director Strategic Issues U.S. General Accounting Office.

Audit Committee Presentation Annual Audit Plan

INTEGRATED STRATEGIC PLANNING PROCESS (ISPP) 10 year planning outlook10 year planning outlook Monia Lahaie, DCFO and Director General Finance at Statistics.

Swedish Risk Management System Internal management and control Aiming to Transport Administration with reasonable certainty to.

ERM 2014 The Implementation of ERM at The University of Kentucky.

Company LOGO. Company LOGO PE, PMP, PgMP, PME, MCT, PRINCE2 Practitioner.

Alex Ezrakhovich Process Approach for an Integrated Management System Change driven.

1 “Good Practices in Managing for Results” Workshop Santiago, Chile October 27 th and 28 th, 2010 Benjamin Nelson Managing Director for Quality Office.

Organizations of all types and sizes face a range of risks that can affect the achievement of their objectives. Organization's activities Strategic initiatives.

Lecture 5 Control and AIS Copyright © 2012 Pearson Education 7-1.

Business Continuity Planning 101

Developing Your International Risk Management Action Plan The Action Planning Process & Template.

USDA 2016 Financial Management Training Transforming Shared Services

IMPLEMENTING RISK MANAGEMENT. Why Why Implementing Risk Management 1.Performance of Formal Process RM process: RM Plan, Identification, Analysis, Treatment,

SUNY Maritime Internal Control Program. New York State Internal Control Act of 1987 Establish and maintain guidelines for a system of internal controls.

JMFIP Financial Management Conference

Michael J. Novak ASQ Section 0511 Meeting, February 8, 2017

An Overview on Risk Management

COSO and ERM Committee of Sponsoring Organizations (COSO) is an organization dedicated to providing thought leadership and guidance on internal control,

TSMO Program Plan Development

FHWA Risk Management Framework – Update 2012

Continuity Guidance Circular Webinar

TPM/PBPP Implementation Timeline

Effective Risk Management in Decision Making Process

MODULE 11: Creating a TSMO Program Plan

Presentation transcript:

AASHTO Internal Audit Conference 2012 – Phoenix Daniel Fodera, CMQ/OE Program Management Improvement Team Federal Highway Administration

Identify the components of the ISO risk management structure. Describe the risk management framework used by the Federal Highway Administration Recognize the steps in the risk management process Discuss how FHWA uses risk management in program oversight

Risk Initiatives Affecting FHWA International Risk Scan ISO OST/FMFIA Risk Tools

2001 Policy Memo Released 2004 Risk Best Practices Review st Agency- wide Corporate Risk Managemen t Initiative 2007 Risk Mgmt Planning 2007 User Manual Released 2009/2010 FHWA HQ's Offices conducted risk assessment for the 1st time 2009 Corporate Risk Team formed & a corporate risk approach was developed 2011 Intl Risk Scan. ISO FMFIA Risk Tools.

1. RM supports strategic organizational alignment 2. Mature organizations have an explicit RM structure 3. Successful organizations have a culture of RM 4. A wide range of RM tools are in use 5. Use of RM tools for programmatic investment decisions 6. A variety of risk allocation methods are available 7. Active risk communication strategies improve decision making 8. RM enhances knowledge management and workforce development

ISO 31000

ISO Risk Management Structure Design and Framework for managing risk Mandate and Commitment Continual improvement of the framework Implementing risk management Monitoring and review of the framework Communication and Consultation Establishing the context Risk Assessment Monitoring and Review Risk Identification Risk Analysis Risk Evaluation Risk Treatment Principles

Design and Framework for managing risk Mandate and Commitment Continual improvement of the framework Implementing risk management Monitoring and review of the framework 1 - FHWA Risk Directive 2 - Risk Management Timeline 3 - Risk Management Process User Manual 4 - Risk Management Q &A 5 – Risk Tracker 6 - Leadership Dashboard Measure

Provides the foundation for Risk Management at FHWA Defines what risk means to FHWA Outlines FHWAs Risk Management Process Applies to all organizational units of FHWA.

Annual Risk Call aligned with release of Final SIP (3/15) Risk Due Date aligned with Unit Plan Due Date (5/31) Quarterly Updates of Status in Risk Tracker OST/FMFIA Unit Risk Profile annual update to be aligned with Risk/Unit Plan (hopefully) OST FMFIA Inherent Risk Assessment annual update to be done at Component Level and aligned with Risk/Unit Plan (hopefully)

Identify the Context Identify Risks Prioritize Risks Plan and Execute Response Strategies Monitor, Evaluate, and Adjust Communication and Consultation occur at each step Analyze the Risks Assess Impact Assess Likelihood Risk Assessment Internal – anything within the organization that can influence the way in which FHWA will manage risk – mission, objectives, controls, resources, etc. External – key drivers & trends having impact on objectives of the organization, relationships with, perceptions & values of external stakeholders. Risk Management - Are you reassessing previously identified risks or identifying emergent risks? Who will assess what Program Areas? Will it be done individually, in teams or as an office? With input from your partners?

Required by and Reported to OST as part of the FMFIA Assurance. Document the Units Internal Controls Completed by all Assessable Units, including the Division Offices Integrated into our annual Risk Management Cycle A Key Part of Step 1: Setting the Context Now Managed by the OCFO in Coordination with the PMI Team

Required by and Reported to OST as part of the FMFIA Assurance. Assess the high-level inherent risk of the Component or Unit Completed at the Component level for FHWA. DA Council to Complete One on Behalf of the Division Offices Integrated into our annual Risk Management Cycle A Key Part of Step 1: Setting the Context Managed by the OCFO in Coordination with the PMI Team

When identifying risks consider your key objectives: Organizational Objectives in the SIP that affect your Unit Local Unit Objectives Program Objectives (Planning, Environment, ROW etc.) Project Objectives Ask – What Are the Risks to Meeting My Objectives? Brainstorm with the Right Folks Identify the Context Identify Risks Prioritize Risks Plan and Execute Response Strategies Monitor, Evaluate, and Adjust Communication and Consultation occur at each step Analyze the Risks Assess Impact Assess Likelihood Risk Assessment

Scale 4 - Catastrophic 3 - Major 2 - Moderate 1 - Minor 0 - Insignificant Criteria Financial Reputation Business Operations Legal & Compliance Infrastructure Assets Resources & Efforts Req. Environment & Culture Safety Identify the Context Identify Risks Prioritize Risks Plan and Execute Response Strategies Monitor, Evaluate, and Adjust Communication and Consultation occur at each step Analyze the Risks Assess Impact Assess Likelihood Risk Assessment

Scale 4 - Almost Certain 3 - Likely 2 - Possible 1 - Unlikely Criteria Outside Control/Influence Fraud, Waste, Abuse Workforce Development/Training FHWA Involvement Consultant Use Identify the Context Identify Risks Prioritize Risks Plan and Execute Response Strategies Monitor, Evaluate, and Adjust Communication and Consultation occur at each step Analyze the Risks Assess Impact Assess Likelihood Risk Assessment Criteria Staffing Operational Procedures Guidance Problem History New Program Complexity

Start with an Expected Value calculation (Impact Rating X Likelihood Rating) Locate the Risks on the Heat Map - a graphical plot to represent the relative placement of risks Adjust Risk Ratings (Top, High, Medium, Low) based on LEADERSHIP VALIDATION Identify the Context Identify Risks Prioritize Risks Plan and Execute Response Strategies Monitor, Evaluate, and Adjust Communication and Consultation occur at each step Analyze the Risks Assess Impact Assess Likelihood Risk Assessment

Your Approach to Treating the Risks Response Strategy Type: Avoid Enhance Mitigate Transfer Accept Identify the Context Identify Risks Prioritize Risks Plan and Execute Response Strategies Monitor, Evaluate, and Adjust Communication and Consultation occur at each step Analyze the Risks Assess Impact Assess Likelihood Risk Assessment

Identify the Context Identify Risks Prioritize Risks Plan and Execute Response Strategies Monitor, Evaluate, and Adjust Communication and Consultation occur at each step Analyze the Risks Assess Impact Assess Likelihood Risk Assessment

Identify the Context Identify Risks Prioritize Risks Plan and Execute Response Strategies Monitor, Evaluate, and Adjust Communication and Consultation occur at each step Analyze the Risks Assess Impact Assess Likelihood Risk Assessment

Questions? Mike Graf Daniel Fodera