1 / 23

Enterprise-Wide Risk Management CAUBO Annual Conference 2006

Enterprise-Wide Risk Management CAUBO Annual Conference 2006. Trudy Pound-Curtis Assistant Vice-President Finance & CFO June 20, 2006. Definition. Enterprise Risk is the level of exposure to uncertainties that an organization must understand and manage in order to achieve its objectives

edmund
Download Presentation

Enterprise-Wide Risk Management CAUBO Annual Conference 2006

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Enterprise-Wide Risk ManagementCAUBO Annual Conference 2006 Trudy Pound-Curtis Assistant Vice-President Finance & CFO June 20, 2006

  2. Definition • Enterprise Risk is the level of exposure to uncertainties that an organization must understand and manage in order to achieve its objectives • Enterprise-Wide Risk Management (EWRM) is a structured and disciplined approach that aligns strategy, processes, people, technology and knowledge with the purpose of: • identifying, • assessing and, • managing risks across the organization

  3. Unacceptable Risk Gap Business Risks Ability to Manage Risks Business risks are increasing exponentially, while risk management practices are not keeping pace. Current Risk Management Situation (Deloitte & Touche)

  4. Broadened risk focus • Improved linkage of risk and opportunity • Increased scope strategy Enterprise-wide Risk Management management Business Risk Management operations Value contributed Risk Management financial Risk Management perspective EWRM - a Natural Evolution in the Art of Risk Management ( Deloitte & Touche)

  5. Objectives of EWRM at York • Gain a better understanding of risks facing York University; • Identify opportunities that can be exploited to enhance the achievement of York’s strategic objectives; • Identify threats to strategies that need to be managed; • Assess how well York believes risks critical to its success are being managed; and • Assist Senior Management and the Board of Governors in meeting institutional governance requirements.

  6. EWRM Process at York • Develop EWRM Framework • Establish Risk Policy • Conduct Risk Assessment • Develop Risk Management Strategy • Monitor Risk Management Performance

  7. York’s Risk Management Framework Risk Roles & Communication Responsibilities Risk Policy Risk Risk Monitoring Identification Risk Management

  8. The University-Wide Risk Policy • It sets the direction for risk management within the University • Clearly articulates roles and responsibilities • Provides a framework for EWRM implementation

  9. Role and Responsibilities • Board of Governors: overseeing the management of risk Management: • identifying and managing the risks to the University • developing and implementing the overall risk management approach, policies, processes, systems, controls and reporting • implementing a risk management culture and capability necessary to execute risk management strategies

  10. Risk Assessment Phase Execute Launch Activities Execute Questionnaire Process Conduct Interviews Plan and Execute Facilitated Workshop Develop and Present Report

  11. Establish a common risk language Business Risk Model (Deloitte & Touche) Uncertainties affecting the viability of our business model Environment risk Process risk Uncertainties affecting the execution of our businessmodel Sources of uncertainty Uncertainties over the relevance and reliability of information that supports our value creation decision Information for decision making risk

  12. Establish a common risk language Business Risk Model (Deloitte & Touche)

  13. Typical Risks Facing Canadian Universities • Human Resources • Marketing • Finances • Student Experience • Government Priorities • Infrastructure

  14. York’s Common Risk Language • Competitor Risk is the risk that actions of competitors including other Universities, Colleges and new market entrants, impact York’s ability to achieve its goals and objectives. • Student Satisfaction Risk is the risk that the University does not focus on its students and does not address issues surrounding student satisfaction both from an academic and non-academic standpoint.

  15. Authority Capital Availability Commodity Customer Satisfaction Political Human Resources Regulatory Efficiency Legal Fraud Currency Risk Map (Deloitte & Touche) HIGH Significance LOW Inherent likelihood of occurrence HIGH

  16. High Under-managed 5 1 2 7 4 Level of risk 3 6 9 13 8 12 14 Zone of balanced 11 16 10 risk management 15 Over-managed High Low Risk management effectiveness Risk Management Effectiveness Map (Deloitte & Touche)

  17. Risk Management Strategy Development Phase Risk Definition and Assessment Assign Risk Owner(s) Assess Risk Tolerance/ Acceptance Identify KPI, Controls and Initiatives Develop Risk Registers

  18. Risk Registers .

  19. Risk Monitoring • Identify the internal and external factors affecting risks • Assess the progress on controls/initiatives • Assess the effects of internal and external factors on the risks • Assess the current risk exposure • Develop risk monitoring reports

  20. Risk Monitoring Report

  21. Next Steps • Risk Management is not a Static Exercise • Continuous Process • Assess Appropriateness of Currently Identified Risks • Assess Risk Beyond First-Tier and Second-Tier Risks • Expand Senior Level Involvement - include Deans and AVPs in 2005 • Incorporate the implications of risk assessment in regular decision-making

  22. Key success factors that make the difference • Executive leadership • Ownership and commitment • Enabling frameworks • Continuous process improvement

  23. Closing Thought Managing Risk = Managing your University

More Related