Presentation is loading. Please wait.

Presentation is loading. Please wait.

Governance, Risk Management and Compliance: Summary of Basic Concepts & Program Goals Bob Kotic Chief Financial Officer University of Sydney.

Published bySara Salisbury Modified over 10 years ago

Similar presentations

Presentation on theme: "Governance, Risk Management and Compliance: Summary of Basic Concepts & Program Goals Bob Kotic Chief Financial Officer University of Sydney."— Presentation transcript:

1 Governance, Risk Management and Compliance: Summary of Basic Concepts & Program Goals Bob Kotic Chief Financial Officer University of Sydney

2 Questions that need Answers What are the greatest risks facing the University?What are the greatest risks facing the University? How does the University manage them?How does the University manage them? How do we monitor them?How do we monitor them?

3 Definitions Corporate Governance: The systems and processes by which the University is directed, controlled and held to accountCorporate Governance: The systems and processes by which the University is directed, controlled and held to account Risk: The potential for an event to occur that could have an effect on the Universitys objectives or operationsRisk: The potential for an event to occur that could have an effect on the Universitys objectives or operations Risk Management: The culture, processes and structures that are directed to the effective management of potential opportunities and adverse effectsRisk Management: The culture, processes and structures that are directed to the effective management of potential opportunities and adverse effects Compliance: The systems and processes that ensure conformity with business rules, policy and legislationCompliance: The systems and processes that ensure conformity with business rules, policy and legislation Governance Risk Management Compliance

4 Universitys Current Approach to Risk Management Silo approach to dealing with riskSilo approach to dealing with risk Specific administrative units have responsibility for specific risksSpecific administrative units have responsibility for specific risks –Hazard (Physical Risk) –Financial Threats –Acts of God OHS Staff Development Physical Security Legal Fraud Error Reporting Data Protection Academic Processes Insurance IT Security

5 Faculties Legal Physical Security Staff Development Fraud OHS IP Management Asset Management Data Protection Compliance

6 Program Goals Develop and implement an integrated approach to risk management and compliance and in turn, provide the framework to allow the University to demonstrate appropriate standards of governance.Develop and implement an integrated approach to risk management and compliance and in turn, provide the framework to allow the University to demonstrate appropriate standards of governance.

7 Program Goals contd Create a culture of risk awareness within the University which will promote the appropriate management of risk and compliance; minimising potential negative events and maximising the ability to seize opportunities.Create a culture of risk awareness within the University which will promote the appropriate management of risk and compliance; minimising potential negative events and maximising the ability to seize opportunities.

8 Program Objectives Identify major risks inherent in the Universitys operating environment & review the effectiveness of existing control measures.Identify major risks inherent in the Universitys operating environment & review the effectiveness of existing control measures. Develop new and more effective tools for monitoring and managing these risks.Develop new and more effective tools for monitoring and managing these risks. Develop a framework to connect the various disciplines currently managing risk to provide a consistent response to risks.Develop a framework to connect the various disciplines currently managing risk to provide a consistent response to risks. Align current activities, policies and procedures with the Universitys overall strategy and streamline deficient processes.Align current activities, policies and procedures with the Universitys overall strategy and streamline deficient processes.

9 Program Objectives contd Educate staff in the Universitys suite of policies, procedures and internal controls.Educate staff in the Universitys suite of policies, procedures and internal controls. Assign responsibilities for projects, activities, controls and compliance where there is no clear leader.Assign responsibilities for projects, activities, controls and compliance where there is no clear leader. Define key performance indicators and early warning systems to ensure quick response to risk.Define key performance indicators and early warning systems to ensure quick response to risk. Provide regular reporting to senior management, Senior Executive Group and the Audit & Risk Management Committee on risk management activities and internal controls.Provide regular reporting to senior management, Senior Executive Group and the Audit & Risk Management Committee on risk management activities and internal controls.

10 Common view of risk Understanding Dependencies Information Decisions, Direction, Controls Integrated Approach to Governance, Risk Management & Compliance Source: Barclays Bank Group Operational Risk

11 Benefits to the University Improved: Management Control & AdministrationManagement Control & Administration Decision MakingDecision Making Resource ManagementResource Management Ability to meet Strategic TargetsAbility to meet Strategic Targets Faculties Legal Physical Security Staff Development Fraud OHS IP Management Asset Management Data Protection Compliance Risk Management Controls

12 Typical Areas of Concern Alignment of current policies, procedures and processesAlignment of current policies, procedures and processes Strategic PlanningStrategic Planning Contracting/LitigationContracting/Litigation Consistency in TechnologyConsistency in Technology Consistency in Human ResourcesConsistency in Human Resources

13 Typical Areas of Concern contd Accountability for Legal ComplianceAccountability for Legal Compliance Management of assets (including acquisition and disposal)Management of assets (including acquisition and disposal) Provision of advice/consultancy agreementsProvision of advice/consultancy agreements Business ContinuityBusiness Continuity

14 Next Steps Identify the top operational risks to the UniversityIdentify the top operational risks to the University –Develop methodology to identify risks –the initial focus on risks and potential exposures that are currently controlled through central administrative support activities Select a risk area and complete full review to pilot an approachSelect a risk area and complete full review to pilot an approach Prioritise remaining risksPrioritise remaining risks

15 Next Steps contd Review the control measures relating to the administrative and financial processes that are currently in place to determine adequacyReview the control measures relating to the administrative and financial processes that are currently in place to determine adequacy Determine new procedures and control measures required and subsequent costsDetermine new procedures and control measures required and subsequent costs

16 Academic Support Administrative Support Risks identified & Control Measures developed Colleges College Risk Manager

17 Outcome List of top ten risks within the UniversityList of top ten risks within the University A risk treatment plan (control measures) by which each risk is managedA risk treatment plan (control measures) by which each risk is managed Risk and treatment plan assigned to a department/individualRisk and treatment plan assigned to a department/individual Performance measures that risks are reported againstPerformance measures that risks are reported against

18 Outcome contd Document as Risk Management PlanDocument as Risk Management Plan Communication and Training in new controls, policies and proceduresCommunication and Training in new controls, policies and procedures Structure within Colleges to assist with implementationStructure within Colleges to assist with implementation Set of procedures which can be audited to ensure complianceSet of procedures which can be audited to ensure compliance

19 Questions ?

Download ppt "Governance, Risk Management and Compliance: Summary of Basic Concepts & Program Goals Bob Kotic Chief Financial Officer University of Sydney."

Similar presentations

The PRR: Linking Assessment, Planning & Budgeting PRR Workshop – April 4, 2013 Barbara Samuel Loftus, Ph.D. Misericordia University.

The PRR: Linking Assessment, Planning & Budgeting PRR Workshop – April 4, 2013 Barbara Samuel Loftus, Ph.D. Misericordia University.
Organizational Governance

Organizational Governance
Risk The chance of something happening that will have an impact on objectives. A risk is often specified in terms of an event or circumstance and the consequences.

Risk The chance of something happening that will have an impact on objectives. A risk is often specified in terms of an event or circumstance and the consequences.
Www.marsh.com Member Training ALARM South East - November 2007 Abigail Simpson and Bob Ellison.

Member Training ALARM South East - November 2007 Abigail Simpson and Bob Ellison.
Auditing, Assurance and Governance in Local Government

Auditing, Assurance and Governance in Local Government
IMFO Audit & Risk Indaba June 2012

IMFO Audit & Risk Indaba June 2012
Risk Management Policy & Procedures An Overview for Staff Prepared by MSM Compliance Services Pty Ltd.

Risk Management Policy & Procedures An Overview for Staff Prepared by MSM Compliance Services Pty Ltd.
Environmental Management System (EMS)

Environmental Management System (EMS)
NORTHERN TERRITORY TREASURY www.nt.gov.au/ntt Performance Development Framework (PDF) Review 2003 Original Treasury PDF Implemented 2009 November reviewed.

NORTHERN TERRITORY TREASURY Performance Development Framework (PDF) Review 2003 Original Treasury PDF Implemented 2009 November reviewed.
TECHNICAL VOCATIONAL EDUCATIONAL AND TRAINING COLLEGES AN INTRODUCTION TO THE IMPEMENTATION OF A COMPLIANT RISK MANAGEMENT PROCESS July 2014.

TECHNICAL VOCATIONAL EDUCATIONAL AND TRAINING COLLEGES AN INTRODUCTION TO THE IMPEMENTATION OF A COMPLIANT RISK MANAGEMENT PROCESS July 2014.
INTERNATIONAL BEST PRACTICES IN ON-SITE INSPECTIONS OF INSURERS Thomas E Power Senior Manager, Emerging Market Practice Bearing Point.

INTERNATIONAL BEST PRACTICES IN ON-SITE INSPECTIONS OF INSURERS Thomas E Power Senior Manager, Emerging Market Practice Bearing Point.
SEM Planning Model.

SEM Planning Model.
AUDIT COMMITTEE FORUM TM ACF Roundtable IT Governance – what does it mean to you as an audit committee member July 2010 The AUDIT COMMITTEE FORUM TM is.

AUDIT COMMITTEE FORUM TM ACF Roundtable IT Governance – what does it mean to you as an audit committee member July 2010 The AUDIT COMMITTEE FORUM TM is.
Risk Management at ANZ Banking Group Jun 18, 2008 Patrick Zhu Head of Retail Risk China Partnerships.

Risk Management at ANZ Banking Group Jun 18, 2008 Patrick Zhu Head of Retail Risk China Partnerships.
PwC Role of Internal Audit in Corporate Governance September 2010 Tumin Gültekin, Partner.

PwC Role of Internal Audit in Corporate Governance September 2010 Tumin Gültekin, Partner.
The Australian/New Zealand Standard on Risk Management

The Australian/New Zealand Standard on Risk Management
Quality evaluation and improvement for Internal Audit

Quality evaluation and improvement for Internal Audit
Purpose of the Standards

Purpose of the Standards
CORPORATE RISK MANAGEMENT & INSURANCE BY R P BLAH D.G.M. INCHARGE THE ORIENTAL INSURANCE COMPANY LIMITED REGIONAL OFFICE BHUBANESWAR.

CORPORATE RISK MANAGEMENT & INSURANCE BY R P BLAH D.G.M. INCHARGE THE ORIENTAL INSURANCE COMPANY LIMITED REGIONAL OFFICE BHUBANESWAR.
Paradise Valley Community College Ways to Fit Security Risk Management to Your Environment Using the OCTAVE Methodology Tailoring OCTAVE at Maricopa Community.

Paradise Valley Community College Ways to Fit Security Risk Management to Your Environment Using the OCTAVE Methodology Tailoring OCTAVE at Maricopa Community.

Similar presentations

Ads by Google