Presentation is loading. Please wait.

Presentation is loading. Please wait.

Risk Management in Plain English

Published byRoss Osborne Modified over 5 years ago

Similar presentations

Presentation on theme: "Risk Management in Plain English"— Presentation transcript:

1 Risk Management in Plain English
Norman Marks 2016

2

3 Talking about Risk You might get run over by a car
You might get run over by a bicycle Your home may be burglarized while you are out You might be mugged You might be shot in a drive-by shooting A lot of bad things might happen

4

5

6

7 “Only 13% of [C-level] respondents believe their risk management processes support, at a high level, the ability to develop and execute business strategies” Deloitte: Exploring Strategic Risk

8

9 Talking about What Might Happen
You might get run over by a car You might get run over by a bicycle Your home may be burglarized while you are out You might be mugged You might be shot in a drive-by shooting A lot of bad things might happen If you work you can earn money You can meet your wife for lunch You can pick up your children after school I can get groceries and be able to eat Getting exercise is healthy A lot of good things might happen

10 What does COSO say? “Enterprise risk management helps an entity get to where it wants to go and avoid pitfalls and surprises along the way.”

11 What does COSO say? “A greater likelihood of achieving business objectives” “More informed risk-taking and decision-making”

12 Why We Need to Manage Risk
The purpose of managing risk is to increase the likelihood of an organization achieving its objectives by being in a position to manage threats and adverse situations and being ready to take advantage of opportunities that may arise. National Guidance on Implementing ISO 31000:2009 From NSAI in Ireland This approach links what is most important to an organization – key objectives, mission and strategy – to the management of risk, which increases the likelihood that we’ll succeed and achieve our objectives. Optional/additional info: NSAI = National Standards Association of Ireland. This standards body created an implementation guide to ISO There is an international work group that is drafting an implementation guide to ISO It is due to be published in In the mean time, there are a few resources that are helpful from Ireland, Canada and Australia/New Zealand. This is an excerpt from one of them.

13

14 A Time of “Pervasive, Ongoing, Uncertainty” - McKinsey

15 Risk management, piercing the fog of uncertainty – Felix Kloman

16

17 It’s about Making Intelligent Decisions

18 It’s all about Taking the Right Risks

19 Why risk management? “An effective [ERM] capability provides value by giving organizations the confidence to take on risk, rather than avoid it. - Ernst & Young

20 Why risk management? “By effectively managing the right risks, management has more timely, comprehensive and a deeper understanding of risk which, in turn, facilitates better decision-making and confidence to take on new ventures or even to accept higher levels of risk. - Ernst & Young

21 Why risk management? “The upshot of this investment includes a greater competitive advantage, reduced cost of capital and a steady share price.” - Ernst & Young

22 Why risk management? Better information leads to: Better decisions
Protection of value Seized opportunities Agile, optimized performance

23 Drive Business results
“We believe a paradigm shift in risk management is beginning, which is: Tied to the increasingly complex world in which companies now operate Based on the awareness that uncertainty is embedded in (and impacts) everything we do Focused on both capturing upside opportunities as well as protecting the business.” “Drive business results by harnessing uncertainty”, EY 2/15

24 Drive Business results
“You need [risk management] to become part of the rhythm of the business: meaning within the flow of strategic and business planning, operations, oversight and monitoring that runs from the board to the line.” “Drive business results by harnessing uncertainty”, EY 2/15

25 Drive Business results
“There are several key business processes, and structural and functional components that make up this rhythm of the business, working together to deliver business value creation. Within these components of the business, we see four basic business process suites: Strategic oversight and planning — board and executive management level activities Business level planning/budgeting — management translation of strategies into business plans and allocation of capital Operational execution — value creating implementation of plans and strategies Monitoring and compliance — audit and compliance activities.” “Drive business results by harnessing uncertainty”, EY 2/15

26 The risk management process
Used by every manager for every decision Establish the context Identify risks Analyse risks Evaluate risks Treat risks Communicate and consult Monitor and review

27 ….in Plain English Anticipate what might happen
Analyze the possibilities Is there a problem? What are the options? Can we improve them? Which is best? Decide Act Review/monitor/learn

28 When do you manage risk? Every day Across the enterprise
In every decision But….. Periodically take stock

29 When Risk Management focuses on the Negative It fails to focus on the Positive and Fails to help the organization Succeed

30

31 The role of internal audit
Provide assurance, advice, and insight But how to assess risk management? Compliance with Risk Appetite Framework? Presence/functioning of Components and Principles?

32 Assess against ISO 31000 Principles
Creates and protects value An integral part of organizational processes Part of decision-making Dynamic, iterative, responsive to change Tailored

33 Assess in real-life Does the practice of risk management meet the needs of the organization?

34 ASSESS IN REAL LIFE Does it help make intelligent and informed decisions across the extended enterprise?

35 “Only 13% of [C-level] respondents believe their risk management processes support, at a high level, the ability to develop and execute business strategies” Deloitte: Exploring Strategic Risk

36 DOES IT HELP THE BUSINESS MANAGE AT SPEED?

37 ARE YOU HELPING THE BUSINESS MANAGE AT SPEED?

38 INSERT KEY INTO IGNITION
SHIFT INTO DRIVE PRESS FOOT FIRMLY ON THE THROAT OF MEDIOCRITY

39 Thank You! Norman Marks, CPA, CRMA
Author; Evangelist for Better Run Business; OCEG Fellow; Honorary Fellow of the Institute of Risk Management 9/17/2018 39

Download ppt "Risk Management in Plain English"

Similar presentations

Risk Management at Harvard – Panel Discussion Harvard IT Summit

Risk Management at Harvard – Panel Discussion Harvard IT Summit
Lisanne Sison Director ERM Bickmore

Lisanne Sison Director ERM Bickmore
It’s Time to Talk About Risk and Control

It’s Time to Talk About Risk and Control
Executive Insight through Enhanced Enterprise Risk Management Leverage Value From Your Risk Management Investment.

Executive Insight through Enhanced Enterprise Risk Management Leverage Value From Your Risk Management Investment.
Tax Risk Management Keeping Up with the Ever-Changing World of Corporate Tax March 27, 2007 Tax Services Bryan Slone March 27, 2007.

Tax Risk Management Keeping Up with the Ever-Changing World of Corporate Tax March 27, 2007 Tax Services Bryan Slone March 27, 2007.
Adopt & Adapt Tips on Enterprise Data Management Annette Pence September 10, 2009 MITRE.

Adopt & Adapt Tips on Enterprise Data Management Annette Pence September 10, 2009 MITRE.
Expanded Version of COSO a presentation by Steve Wadleigh Expanded Version of COSO a presentation by Steve Wadleigh Standards for Internal Control in the.

Expanded Version of COSO a presentation by Steve Wadleigh Expanded Version of COSO a presentation by Steve Wadleigh Standards for Internal Control in the.
Title slide PIPELINE QRA SEMINAR. PIPELINE RISK ASSESSMENT INTRODUCTION TO GENERAL RISK MANAGEMENT 2.

Title slide PIPELINE QRA SEMINAR. PIPELINE RISK ASSESSMENT INTRODUCTION TO GENERAL RISK MANAGEMENT 2.
Oceg © 2011 Driving Principled Performance An Overview of the OCEG GRC Capability Model.

Oceg © 2011 Driving Principled Performance An Overview of the OCEG GRC Capability Model.
Risk Assessment Frameworks

Risk Assessment Frameworks
Board responsibility for internal control and risk management by Kiattisak Jelatianranat Chairman, The Institute of Internal Auditors of Thailand Director,

Board responsibility for internal control and risk management by Kiattisak Jelatianranat Chairman, The Institute of Internal Auditors of Thailand Director,
61 What is hazard risk management?. 62 Emergency risk management is “a systematic process that produces a range of measures that contribute to the well.

61 What is hazard risk management?. 62 Emergency risk management is “a systematic process that produces a range of measures that contribute to the well.
Information Systems Controls for System Reliability -Information Security-

Information Systems Controls for System Reliability -Information Security-
Dorothy Gjerdrum, ARM-P, CIRM Chair, US ISO Technical Adv Group

Dorothy Gjerdrum, ARM-P, CIRM Chair, US ISO Technical Adv Group
© 2011 Cengage Learning. All Rights Reserved. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part.

© 2011 Cengage Learning. All Rights Reserved. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part.
The role of internal audit in enterprise-wide risk management (ERM)

The role of internal audit in enterprise-wide risk management (ERM)
Continual Service Improvement Process

Continual Service Improvement Process
1 Bölgesel Rekabet Edebilirlik Operasyonel Programı’nın Uygulanması için Kurumsal Kapasitenin Oluşturulmasına Yönelik Teknik Yardım Technical Assistance.

1 Bölgesel Rekabet Edebilirlik Operasyonel Programı’nın Uygulanması için Kurumsal Kapasitenin Oluşturulmasına Yönelik Teknik Yardım Technical Assistance.
IT Risk Management, Planning and Mitigation TCOM 5253 / MSIS 4253

IT Risk Management, Planning and Mitigation TCOM 5253 / MSIS 4253
COSO: Current ERM Challenges and Our Responses RIMS 2012 Annual Conference April 17, 2012 by David Landsittel COSO Chairman.

COSO: Current ERM Challenges and Our Responses RIMS 2012 Annual Conference April 17, 2012 by David Landsittel COSO Chairman.

Similar presentations

Ads by Google