Korea Telecom 2007Olson: ERM1 ERM!!! Enterprise Risk Management Not just insurance, auditing, risk analysis A philosophy – A way of business.

Presentation transcript:

Definition
Systematic, integrated approach
  – Manage all risks facing organization
External
  – Economic (market - price, demand change)
  – Financial (insurance, currency exchange)
  – Political/Legal
  – Technological
  – Demographic
Internal
  – Human error
  – Fraud
  – Systems failure
  – Disrupted production
Means to anticipate, measure, control risk

DIFFERENCES

| Traditional Risk Mgmt | ERM |
| --- | --- |
| Individual hazards | Context - business strategy |
| Identification & assessment | Risk portfolio development |
| Focus on discrete risks | Focus on critical risks |
| Risk mitigation | Risk optimization |
| Risk limits | Risk strategy |
| No owners | Defined responsibilities |
| Haphazard quantification | Monitor & measure |
| “Not my job” | “Everyone’s responsibility” |

Risk & Business
Taking risk is fundamental to doing business
  – Insurance
      Lloyd’s of London
  – Hedging
      Risk exchange swaps
      Derivatives/options
      Catastrophe equity puts (cat-e-puts)
  – ERM seeks to rationally manage these risks
Be a Risk Shaper

Types of Risk
Stroh [2005]
External environment
  – Competitors; Legal; Medical; Markets
Business strategies & policies
  – Capital allocation; Product portfolio; Policies
Business process execution
  – Planning; Technology; Resources
People
  – Leadership; Skills; Accountability; Fraud
Analysis & reporting
  – Performance; Budgeting; Accounting; Disclosure
Technology & data
  – Architecture; Integrity; Security; Recovery

Another view
Slywotzky & Drzik, HBR [2005]
Financial
  – Currency fluctuation
      DEFENSE: Hedging
Hazard
  – Chemical spill
      DEFENSE: Insurance
Operational
  – Computer system failure
      DEFENSE: Backup (dispersion, firewalls)
New technology overtaking your product
  – ACE inhibitors, calcium channel blockers ate into hypertension drug market of beta-blockers & diuretics
Demand shifts
  – Gradual – Oldsmobile; Rapid - Station wagons to Minivans

Industry Margin Squeeze
Pharmaceutical R&D Cost escalation
  – Semiconductor industry
Airline deregulation
Suppliers gain upper hand
  – Flat panel displays, Intel direct marketing
Cycle volatility
  – DEFENSE: Shift compete/collaborate ratio
      Coproduction; supply chain coordination; joint R&D; collaborative marketing
      Airlines, Utilities, Textiles, Steel, Music, Autos

Technology Shift
Loss of patent protection
Outdated manufacturing process
  – DEFENSE: Double bet
      Invest in multiple versions of technology
      Microsoft: OS/2 & Windows
      Intel: RISC & CISC
      Motorola didn’t – Nokia, Samsung entered

Brand Erosion
Perrier – contamination
Firestone – Ford Explorer
GM Saturn – not enough new models
  – DEFENSE: Redefine scope
      Emphasize service, quality
  – DEFENSE: Reallocate brand investment
      AMEX – responded to VISA campaign, reduced transaction fees, sped up payments, more ads

One-of-a-kind Competitor
Competitor redefines market
Wal-Mart
  – DEFENSE: Create new, non-overlapping business design
      Target – unique product selection

Customer Priority Shift
  – DEFENSE: Analyze proprietary information
      Identify next customer shift
        – Coach leather goods – competes with Gucci
        – Went trendy, aggressive in-market testing
            » Customer interviews, in-store product tests
  – DEFENSE: Market experiments
      Capital One – 65,000 experiments annually
        – Identify ever-smaller customer segments for credit cards

New Project Failure
Edsel
  – DEFENSE: Initial analysis
      Best defense
  – DEFENSE: Smart sequencing
      Do better-controllable projects first
        – Applied Materials – chip-making
  – DEFENSE: Develop excess options
      Improve odds of eventual success
        – Toyota – hybrid: proliferation of Prius options
  – DEFENSE: Stepping-stone method
      Create series of projects
        – Toyota – rolling out Prius

Market Stagnation
  – DEFENSE: Generate demand innovation
      House of Quality?
        – Air Liquide industrial gas
            » Developed technology allowing customers to establish small gas production facilities on-site

Means to Control Enterprise Risk
Honeywell (1997)
  – Multi-year contract combining property, liability, option hedging risks against adverse currency exchange rates
Dickinson [2001]
  – Holistic approach
      Extend contingency planning with comprehensive internal risk management systems
CRO / CEA
  – Chief Risk Officer / Chief Auditing Executive

COSO
Committee of Sponsoring Organizations
Treadway Committee – 1990s
Smiechewicz [2001]
Assign responsibility
  – Board of directors
      Establish organization’s risk appetite
      Establish audit & risk management policies
  – Executives assume ownership
      Policies express position on integrity, ethics
      Responsibilities for insurance, auditing, loan review, credit, legal compliance, quality, security
Common language
  – Risk definitions specific to organization
Value-adding framework

COSO Integrated Framework 2004
Levinsohn [2004]; Bowling & Rieger [2005]
Internal environment – describe domain
Objective setting – objectives consistent with mission, risk appetite
Event identification – risks/opportunities
Risk assessment - analysis
Risk response – based on risk tolerance & appetite
Control activities
Information & communication – to responsible people
Monitoring

Risk Management Tools
Simulation (Beneda [2005])
  – Monte Carlo – Crystal Ball
Multiple criteria optimization (Dash & Kajiji [2005])
  – Goal programming - tradeoffs
SYSTEMS FAILURE METHOD
  – Information Systems Project Management

ERM Software
Rhoden [2006]
Penny [2002]
Algorithmics Incorporated – ERM software, global financial institutions
Jane’s Defence Industry [2005]
Strategic Thought – Active Risk Manager – defence industry
Rhoden [2006]
Q5AIMS
  – From Q5 Systems Ltd
  – Safety audit & corrective action tracking
  – Mobile devices, Web-link
Preceptor
  – Learning management system
  – Regulatory compliance, technical training
PicketdynaQ
  – Workplace audit & assessment management
  – Regulatory references built in

Experiences with ERM
Walker [2003]
  – FirstEnergy Corp – auditing, problem-solving
  – Wal-Mart – best auditing practices, governance
  – Unocal – auditing to consultation
  – Canada Post – auditing efficiency
  – GM – corporate governance
Kleffner et al. [2003]
  – Canadian risk & insurance
      31% adopted ERM

UnitedHealth Management
Stroh [2005]
Top level: Strategic business risk
  Decompose strategic risks / opportunities
  Mitigation / acceleration plan
  Assure leadership that top risks are in sight
2nd: Market / business
  Internal risk sensing
  External risk sensing
3rd: Financial
  Identify gaps in plans
  Test/verify assumptions
4th: Ops
  Audit plan
  Advisory services - controls
5th: Compliance
  Partner with external audit
  Financial controls

UHM Lessons Learned
ERM value must be apparent to executive sponsors in a timely fashion
Begin the process by focusing on the most important risks, thus avoiding swamping the organization with all possible risks, which would likely discourage participation
Obtain sponsorship, and assign accountability for specific risks to responsible organizational members
Standardize approaches where possible, setting minimum thresholds of execution
Develop a diverse set of ERM team members
Keep ERM implementation simple

ERM Research
Mostly descriptive, frameworks
SURVEY
  – Lynch-Bell [2002] surveyed 52 companies
      Examined practices of governance, strategy, processes, technology, functions, culture
  – Milladge [2005]; Gates [2006] surveyed 271 members of the Conference Board
Skelton & Thamhain [2003]; Thamhain [2004]
  – 3 year field study R&D product development
  – Suggest look-ahead simulation, rapid prototyping to anticipate problems
Beasley et al. [2005]
  – Gathered data on 123 organizations, found ERM implementation positively related to:
      Chief risk officer presence
      Board independence
      Top management support
      Big Four auditor presence
      Entity size
      Banking, Education, Insurance