1 / 20

Enterprise Risk Management

Enterprise Risk Management. Framework for establishing industry requirements and priorities. Andreas Vogel September 13 th , 2006. Framework for Discussion. This is a strawman proposal which summarizes some thinking and brainstorming Next steps Team discussion and refinement

Patman
Download Presentation

Enterprise Risk Management

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Enterprise Risk Management Framework for establishing industry requirements and priorities Andreas Vogel September 13th, 2006

  2. Framework for Discussion • This is a strawman proposal which summarizes some thinking and brainstorming • Next steps • Team discussion and refinement • Framework for discussion with ISMs and IBUs • Framework for discussion with partners, analysts, customers The goal is to create a product strategy which optimizes between market requirements and SAP development capabilities.

  3. Train of Thought (for non-audio consumption) • Risk Management Processes • Identifying the key processes and process steps within • Classify steps by generic vs. specific to a risk class • Modeling and monitoring are risk class specific • Risk Monitoring • Identify a list of risk classes, the corresponding key risk identifiers, and the industries where they apply (some are generic) • Risk Modeling • Understand pre-requisites for quantitative modeling • Identify techniques • Identify industries which satisfy pre-requisites • Understand approach to solution for qualitative modeling and analysis • Value drivers in key industries • ERM value pyramid • Used banking as an example to identify key value drivers within the ERM process • Provide similar analysis for other key industries

  4. Response Strategy To hazards Actions to change Frequency Impact Periodically Periodically Continuously Managing Enterprise Risk – Processes View Strategic Planning Setting Risk Appetite Risk Identification and Assessment Risk Identification Surveys Workshops Review Risk Registration Risk database Description Owners, etc. Risk Assessment Qualitative Quantitative Models/Simulation VaR, Monte Carlo, etc. Risk Monitoring Monitoring Risk indicators Specific Generic

  5. Train of Thought (for non-audio consumption) • Risk Management Processes • Identifying the key processes and process steps within • Classify steps by generic vs. specific to a risk class • Modeling and monitoring are risk class specific • Risk Monitoring • Identify a list of risk classes, the corresponding key risk identifiers, and the industries where they apply (some are generic) • Risk Modeling • Understand pre-requisites for quantitative modeling • Identify techniques • Identify industries which satisfy pre-requisites • Understand approach to solution for qualitative modeling and analysis • Value drivers in key industries • ERM value pyramid • Used banking as an example to identify key value drivers within the ERM process • Provide similar analysis for other key industries

  6. Monitoring of Key Risk Indicators – Industry Specific

  7. Risk Monitoring of Key Risk Indicators - Generic

  8. Train of Thought (for non-audio consumption) • Risk Management Processes • Identifying the key processes and process steps within • Classify steps by generic vs. specific to a risk class • Modeling and monitoring are risk class specific • Risk Monitoring • Identify a list of risk classes, the corresponding key risk identifiers, and the industries where they apply (some are generic) • Risk Modeling • Understand pre-requisites for quantitative modeling • Identify techniques • Identify industries which satisfy pre-requisites • Understand approach to solution for qualitative modeling and analysis • Value drivers in key industries • ERM value pyramid • Used banking as an example to identify key value drivers within the ERM process • Provide similar analysis for other key industries

  9. What could be done outside the financials services industry? Risk Modeling and Simulation Prerequisites for Quantitative Modeling • Statistically relevant historical data samples, e.g. • Stock market data • Accident static of thousands of employees over years • Historical demand data • Applicable modeling and simulation technique, e.g. • Value at Risk • Monte Carlo Simulation • Apply quantitative modeling and simulation techniques • Banking • Insurance available Are there other industries Where quantitative modeling can be applied? not available • Apply qualitative techniques • What-if scenario analysis How would tools for scenario analysis look like?

  10. Train of Thought (for non-audio consumption) • Risk Management Processes • Identifying the key processes and process steps within • Classify steps by generic vs. specific to a risk class • Modeling and monitoring are risk class specific • Risk Monitoring • Identify a list of risk classes, the corresponding key risk identifiers, and the industries where they apply (some are generic) • Risk Modeling • Understand pre-requisites for quantitative modeling • Identify techniques • Identify industries which satisfy pre-requisites • Understand approach to solution for qualitative modeling and analysis • Value drivers in key industries • ERM value pyramid • Used banking as an example to identify key value drivers within the ERM process • Provide similar analysis for other key industries

  11. Failure to address certain classes of risk can put companies out of business Often regulated industries Budget available Some processes and org structures in place Failure to address certain classes could have major impact on business Processes and org structures rudimentary Mining Oil & Gas Pharma / Biotech Aerospace and Defense Utilities Remaining industries Have agreement on what the sweet spot is and why? Need to review selected industry in this bucket with IBUs ERM Value Pyramid Requirements too sophisticated for current SAP offering ERM is core value driver Companies have sophisticated tools, processes and org structures in place Budget available Banking Insurance ERM iscore business Sweet spot forSAP ERM ERM iskey to business No $$$ ERM isimportant to business

  12. Failure to address certain classes of risk can put companies out of business Often regulated industries Budget available Some processes and org structures in place Failure to address certain classes could have major impact on business Processes and org structures rudimentary May have very specific risks requiring special solutions Pharma Utilities / Energy Oil & Gas / Mining Selected manufacturing (large and complex) Public sector Healthcare Telco Retail ERM Value Pyramid based on Deloitte Input ERM is core value driver Companies have sophisticated tools, processes and org structures in place Budget available Banking Insurance ERM iscore business ERM iskey to business ERM isimportant to business

  13. Continuously Periodically Periodically Can we make similar assessment for other industries? Value Drivers in Financial Services Strategic Planning Setting Risk Appetite Risk Identification and Assessment Response Strategy To hazards Risk Identification Surveys Workshops Review Risk Registration Risk database Description Owners, etc. Risk Assessment Qualitative Quantitative Actions to change Frequency Impact Investment decisions Models/Simulation VaR, Monte Carlo, etc. Risk Monitoring Monitoring Risk indicators

  14. Case Studies and Customer Interviews I 1 Excerpt from Barton et al, “Making Enterprise Risk Management Pay Off”, fei Research Foundation, 2002

  15. Case Studies and Customer Interviews II 1 Excerpt from Barton et al, “Making Enterprise Risk Management Pay Off”, fei Research Foundation, 2002

  16. Case Studies and Customer Interviews III 2 Excerpt from Paul et al, “Enterprise Risk Management: Pulling it all together”, The Institute of Auditors Research Foundation, 2002

  17. Case Studies and Customer Interviews IV 2 Excerpt from Paul et al, “Enterprise Risk Management: Pulling it all together”, The Institute of Auditors Research Foundation, 2002

  18. Southern Company3 3 Phone interview by Andreas in 2005/2006

  19. Bombardier3 3 Phone interview by Andreas in 2005/2006

  20. Hydro One3 3 Phone interview by Andreas in 2005/2006

More Related