1 / 18

Enterprise Risk Management Expectations Outpacing Capabilities and

Enterprise Risk Management Expectations Outpacing Capabilities and The Audit Committee’s Role July 30, 2013 Presented by: Suzette E. Ramsden (B.Sc., CISA, CBRA, CRMA) Caribbean Association of Audit Committee Members Inc. 7th Annual General Meeting and Conference

chogan
Download Presentation

Enterprise Risk Management Expectations Outpacing Capabilities and

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Enterprise Risk ManagementExpectations Outpacing Capabilities and The Audit Committee’s RoleJuly 30, 2013Presented by: Suzette E. Ramsden (B.Sc., CISA, CBRA, CRMA) Caribbean Association of Audit Committee Members Inc. 7th Annual General Meeting and Conference “Governance, Audit and Compliance: Changing the Way We Do Business Hilton Trinidad Hotel & Conference Centre: July 29-30, 2013

  2. Enterprise-Wide Risk Management “Enterprise Risk Management is a process, effected by the entity’s board of directors, management, and other personnel, applied in strategy setting and across the enterprise, designed to identify potential events that may affect the entity, and manage risk to be within the risk appetite, to provide reasonable assurance regarding the achievement of objectives” COSO’s Enterprise Risk Management – Integrated Framework (2004)

  3. ERM in Today’s Global Economy “Risk Management is at the top of the global executive agenda as companies face an array of threats that grow more complexby the day. The risks are multitudinous and ever-present, andthose companies that fail to manage them well imperil their future”

  4. Keeping Pace “…challenges are growing faster than most organizations’ abilities to respond: today’s complex environment requires an even stronger capability to master and optimize Risk Management.” Ability Challenges

  5. Contributors Risk Management capabilities are not advancing fast enough Significant gaps and weaknesses in the management of Enterprise Risk Inability to manage risk in an integrated and holistic way

  6. Constantly Evolving “When Risk Management is a strategic tool, the risk program and profile will constantly evolve..”

  7. Shift in the Aftermath In the aftermath of the Global Financial Storm Risk-Taking Risk-Savvy Risk-Averse Ensure Risk Programs don’t go stale Unmanaged Risk Risk Programs Models Relevant to new Economic Environment Ever-Expanding Economy Stagnant Economies

  8. ERM Roles Board of Directors Oversight - Effectively oversee the organization’s Enterprise-Wide Risk Management. Audit Committee Provide assurance regarding the status of the organization’s Risk Management processes; that they are active, credible and effective. Although the ultimate accountability for Risk Management performance remains with the Board of Directors, boards are increasingly looking to board committees to provide assurance regarding the status of the organization’s Risk management processes Internal Audit An independent, objective assurance and consulting activity to provide objective assurance to the board on the effectiveness of Risk Management. Audit Committee Charter

  9. Audit Committee Agenda SO... What should audit committees look for in a company’s Enterprise-Wide Risk Management endeavours to ensure abilities are not lagging behind expectations?

  10. Intersection of Strategy and Risk Enterprise Risk Management resources and actions must be integrated into Strategic Planning process Tool for collaborative decision-making embedded into management routines such as strategic planning Engaging in discussion and dialogue with designated risk owners (senior mgnt) to keep abreast of emerging risks

  11. Assessing Risk Exposures Ensure consistency in the way risk is being assessed across the enterprise Is your organization conducting regular top down and middle-up assessments and alignment of them to create a comprehensive risk profile of the enterprise? Is Management focusing on those lower level operational risk that could frustrate accomplishment of the Board’s objectives for the company ? Are risks being aggregated and the inter-relationships identified to have a clear understanding of the velocity at which risks may occur. Is guidance provided to the business units and functional groups to ensure that they have a consistent approach that is focused on business objectives?

  12. Articulate Risk Appetite Develop a formal Risk Appetite Statement How do you know whether you have taken too much or not enough risk Calculate the monetary value at which a loss or risk event would jeopardize its credit rating Aggregate risk exposure monitored in monetary terms Risk appetite embedded into the business units and functional areas Risk Appetite Corporate Stress-test the resilience of their balance sheets by calculating the monetary value at which solvency would be jeopardized. Operational

  13. Three Lines of Defense Enhance Risk Management via Business Units, Risk & Compliance and Internal Audit functions 3 3 Are Risk Management capabilities keeping pace with the changing needs of the enterprise and expectations of stakeholders? Is consistent risk training being conducted across your three lines of defense? Are processes and technologies in place to monitor and measure risk in a way that get the three lines of defense closer in alignment? Is risk information between lines of defense visible, freely shared and communicated to support dependencies? Do your Board, shareholders and regulators understand your risk program? Is Risk Management embedded in business processes in a way that enhances transparency? 2 2 Business Unit Risk & Compliance Internal Audit

  14. Barriers to Convergence Resources must be adequate to facilitate convergence or integration of risk and control functions Lack of executive support Lagging governance structures Stagnant risk and control oversight functions Insufficient numbers of people Lack of skills and human talent Absence of technology enablers Risk and control silos Obstructed flow of risk information Changing goals and less clarity of risk data Duplication and redundancy

  15. Creating a Risk-Resilient Culture:A call to action Risk Management Framework Key Questions • How do you establish stakeholders’ expectations? • How do you communicate Risk Management to the organization? • How do you ensure that these Risk Management expectations are followed? Risk Resilient Culture Risk Governance Structure

  16. How can KPMG Help

  17. KPMG Contact Information Robert Alleyne Managing Partner 1-868-623-1081 ralleyne@kpmg.co.tt KPMG 69-71 Edward Street Port-of-Spain Trinidad and Tobago Dushyant Sookram Partner, Advisory 1-868-623-1081 dsookram@kpmg.co.tt KPMG 69-71 Edward Street Port-of-Spain Trinidad and Tobago Neil Bhola Manager, Advisory 1-868-623-1081 nbhola@kpmg.co.tt KPMG 69-71 Edward Street Port-of-Spain Trinidad and Tobago Suzette Ramsden Manager, Advisory 1-868-623-1081 sramsden@kpmg.co.tt KPMG 69-71 Edward Street Port-of-Spain Trinidad and Tobago

  18. Thank You

More Related