Presentation is loading. Please wait.

Presentation is loading. Please wait.

The Role of Auditing in the ERM Process

Published byJamari Philpot Modified over 10 years ago

Similar presentations

Presentation on theme: "The Role of Auditing in the ERM Process"— Presentation transcript:

1 The Role of Auditing in the ERM Process
SOA Annual Meeting Chicago – October 2006 Rick Gorvett, FCAS, MAAA, ARM, FRM, PhD Director, Actuarial Science Program State Farm Companies Foundation Scholar in Actuarial Science University of Illinois at Urbana-Champaign

2 Agenda Background Enterprise risk management Internal audit and ERM
NAIC risk-focused surveillance framework Conclusion

3 “Who am I? Why am I here?” - Admiral Stockdale, 1992
Currently Director, Actuarial Science Program State Farm Companies Foundation Scholar in Actuarial Science Professor, Depts. of Mathematics, Statistics & Finance University of Illinois at Urbana-Champaign Prior Senior Vice President Director of Internal Audit & Risk Management Internal Audit Corporate Investigations Risk Management Enterprise Risk Management Business Continuity

4 An Initial ERM Comment You don’t become a famous writer by…
Reading a book Reading about other authors Watching someone else write Similarly, you don’t become an “Enterprise Risk Manager” by… Taking a course Listening to a presentation

5 Rather, ERM is… A complex process…
… involving broad-based and in-depth knowledge and understanding,… … requiring an appropriate corporate culture,… … and creativity… … born of a variety of experiences… … and insatiable curiosity.

6 ERM Definition from IIA
From Position Statement, The Institute of Internal Auditors: ERM “is a structured, consistent and continuous process across the whole organization for identifying, assessing, deciding on responses to and reporting on opportunities and threats that affect the achievements of its objectives.”

7 Steps in the Risk Management Process
Determine the corporation’s objectives Identify the risk exposures Quantify the exposures Assess the impact Examine alternative risk management tools Select appropriate risk management approach Implement and monitor program

8 Enterprise Risk Management
Or “Enterprise Risk and Assurance Management” What is ERM? Concerned with a broad financial and operating perspective Recognizes interdependencies among corporate, financial, and environmental factors Strives to determine and implement an optimal strategy to achieve the primary objectives: e.g., maximize the value of the firm

9 Evolution of ERM Historically: “risk silo” mentality Mid-1990s:
First “Chief Risk Officer” First use of ERM terminology Late-1990s: Risk-related regulatory requirements (e.g., Turnbull) Earnings protection insurance debuts 2001: September 11 Corporate scandals Beginning of efforts to improve corporate governance (e.g., Sarbanes-Oxley)

10 A Paradigm Shift Traditional Risks managed in silos
Concentrates on physical hazards and financial risks Insurance orientation Ad hoc / one-off projects Emerging Centralized mgt., with exec-level coordination Integrated consideration of all risks, firm-wide Opportunities for hedging, diversification Continuous and embedded

11 Current State Findings from various surveys
An acknowledged need to improve risk management A recognition that a holistic approach is appropriate and preferable ERM can improve overall capital management and thus enhance corporate value and competitiveness A variety of approaches to improving risk management There are still problems to overcome

12 Types of Risks Operational Strategic Technological Stakeholder Legal
Hazard Physical Strategic Capital / resource allocation Industry / competitors Technological Databases Security Confidential information Stakeholder Legal Compliance Regulatory Financial Capital markets Credit risks Taxes Human capital Retention Training Reputational

13 Issues in ERM Implementation
Different corporate cultures require different ERM approaches Who is going to be the ERM champion within the company Among senior executives Among departments / functions How to embed a risk management culture and responsibilities throughout the firm

14 Components of the ERM Process
Determine corporate objectives Risk identification Goal: comprehensiveness E.g., self-assessment Risk measurement Volatility measures Value at Risk (VaR) Likelihood Impact Likelihood Size of loss

15 Components of ERM (cont.)
Assessing the impact Stress or scenario testing Stochastic simulation Examine and select alternative risk management tools and techniques Traditional risk transfer Natural hedging / diversification Integration of risks E.g., “dynamic financial analysis”

16 Keys to Success in ERM Senior management commitment and sponsorship
Embed a “risk management culture” in the corporation at the operational level Provide for accountability, both specific and widespread Clearly defined responsibilities for coordination and maintenance Adequate communication

17 Internal Audit and ERM Overview
Provide independent and objective assurance for Board on effectiveness of ERM Identify/assess/manage key risks Internal controls IA has assurance and consulting roles Function of other resources Relative time/effort between roles may vary among firms and over time

18 Internal Audit and ERM “The Role of Internal Auditing in Enterprise-wide Risk Management” - The Institute of Internal Auditors Core Roles Assurance regarding, and evaluation of, the risk management process Risk reporting, evaluation, management Assurance regarding handling of key risks

19 Internal Audit and ERM (cont.)
“The Role of Internal Auditing in Enterprise-wide Risk Management” - The Institute of Internal Auditors NOT Roles Establishment of “risk appetite” Imposing / implementing risk responses / management

20 Internal Audit and ERM (cont.)
“The Role of Internal Auditing in Enterprise-wide Risk Management” - The Institute of Internal Auditors Possible Roles Facilitating risk management Identification, evaluation, championing Coordinating ERM “Developing risk management strategy for board approval”

21 “Risk-Focused Surveillance Framework”
NAIC “Risk-Focused Surveillance Framework” Main Objectives Focus on areas posing greatest risk to solvency Focus on “the assessment of governance structure, corporate culture, and management processes in insurance companies to identify, assess and manage (where manage is defined as measurement, mitigation and monitoring) risk”

22 NAIC (cont.) Risk Classifications Credit Market
Pricing and underwriting Reserving Liquidity Operational Legal Strategic Reputation

23 NAIC (cont.)

24 Conclusion “The revolutionary idea that defines the boundary between modern times and the past is the mastery of risk” - Peter Bernstein, Against the Gods

Download ppt "The Role of Auditing in the ERM Process"

Similar presentations

Risk Management at Harvard – Panel Discussion Harvard IT Summit

Risk Management at Harvard – Panel Discussion Harvard IT Summit
Risk The chance of something happening that will have an impact on objectives. A risk is often specified in terms of an event or circumstance and the consequences.

Risk The chance of something happening that will have an impact on objectives. A risk is often specified in terms of an event or circumstance and the consequences.
Lisanne Sison Director ERM Bickmore

Lisanne Sison Director ERM Bickmore
IMFO Audit & Risk Indaba June 2012

IMFO Audit & Risk Indaba June 2012
Chapter 10 Accounting Information Systems and Internal Controls

Chapter 10 Accounting Information Systems and Internal Controls
Own Risk & Solvency Assessment (ORSA): The heart of Risk & Capital Management John Spencer Director, Ultimate Risk Solutions.

Own Risk & Solvency Assessment (ORSA): The heart of Risk & Capital Management John Spencer Director, Ultimate Risk Solutions.
Risk Management and Internal Controls ASSAL 20 November 2014 Annick Teubner Chair, IAIS Governance Working Group.

Risk Management and Internal Controls ASSAL 20 November 2014 Annick Teubner Chair, IAIS Governance Working Group.
1 Risk-Focused Surveillance Framework Enterprise Risk Management Symposium Chicago, Illinois April 26, 2004 Terri Vaughan, Iowa Insurance Commissioner.

1 Risk-Focused Surveillance Framework Enterprise Risk Management Symposium Chicago, Illinois April 26, 2004 Terri Vaughan, Iowa Insurance Commissioner.
The Development of Enterprise Risk Management and Supervision for Insurance Companies in Taiwan Dr. Huang, Tien-Mu Director General, Insurance Bureau Financial.

The Development of Enterprise Risk Management and Supervision for Insurance Companies in Taiwan Dr. Huang, Tien-Mu Director General, Insurance Bureau Financial.
Manulife Financial Corporation operates as John Hancock in the United States, and Manulife in other parts of the world. Enterprise Risk Management in Life.

Manulife Financial Corporation operates as John Hancock in the United States, and Manulife in other parts of the world. Enterprise Risk Management in Life.
Introduction to Enterprise Risk Management (ERM)

Introduction to Enterprise Risk Management (ERM)
Executive Insight through Enhanced Enterprise Risk Management Leverage Value From Your Risk Management Investment.

Executive Insight through Enhanced Enterprise Risk Management Leverage Value From Your Risk Management Investment.
ERM in the Rating Evaluation CAMAR Fall Meeting November 29, 2007 Thomas M. Mount, ACAS, MAAA Andrew Colannino, Vice President A.M.Best Company.

ERM in the Rating Evaluation CAMAR Fall Meeting November 29, 2007 Thomas M. Mount, ACAS, MAAA Andrew Colannino, Vice President A.M.Best Company.
Tax Risk Management Keeping Up with the Ever-Changing World of Corporate Tax March 27, 2007 Tax Services Bryan Slone March 27, 2007.

Tax Risk Management Keeping Up with the Ever-Changing World of Corporate Tax March 27, 2007 Tax Services Bryan Slone March 27, 2007.
2011 Governance, Risk, and Compliance Conference August 29 – 31, 2011 / Orlando, FL, USA The Top Four Essential Objectives to Auditing ERM Stephen E. McBride,

2011 Governance, Risk, and Compliance Conference August 29 – 31, 2011 / Orlando, FL, USA The Top Four Essential Objectives to Auditing ERM Stephen E. McBride,
Enterprise Risk Management and Business Continuity Rick Gorvett, FCAS, MAAA, ARM, FRM, Ph.D. Actuarial Science Professor Departments of Mathematics and.

Enterprise Risk Management and Business Continuity Rick Gorvett, FCAS, MAAA, ARM, FRM, Ph.D. Actuarial Science Professor Departments of Mathematics and.
Enterprise Risk Management Rick Gorvett, FCAS, MAAA, ARM, FRM, Ph.D. Actuarial Science Professor Departments of Mathematics and Finance University of Illinois.

Enterprise Risk Management Rick Gorvett, FCAS, MAAA, ARM, FRM, Ph.D. Actuarial Science Professor Departments of Mathematics and Finance University of Illinois.
6/2/20151 Enterprise Risk & Assurance Management in Zurich North America Brian Selby MA (Audit), FIIA, QiCA, MBCS, CISA.

6/2/20151 Enterprise Risk & Assurance Management in Zurich North America Brian Selby MA (Audit), FIIA, QiCA, MBCS, CISA.
1 Math 479 / 568 Casualty Actuarial Mathematics Fall 2014 University of Illinois at Urbana-Champaign Professor Rick Gorvett Session 18: Enterprise Risk.

1 Math 479 / 568 Casualty Actuarial Mathematics Fall 2014 University of Illinois at Urbana-Champaign Professor Rick Gorvett Session 18: Enterprise Risk.
MODELING CORPORATE RISK AT FORD Freeman Wood Director Global Risk Management.

MODELING CORPORATE RISK AT FORD Freeman Wood Director Global Risk Management.

Similar presentations

Ads by Google