A1258690595xoQeP - PowerPoint PPT Presentation

Title: A1258690595xoQeP


1
If I were you, I wouldnt start from
here Getting Enterprise Risk Management into
your organisation
Mark Swabey Stuart Gruszka
2
Dublin
Limerick
3
The Typical Scenario
UK Combined Code Sarbanes-Oxley, Turnbull, Basel 2
If only they were in tune! Where are the
priorities? what is the best ROI?
More Programme, Bid and project risk assessments?
How do I manage them all?
Next product NOW please. Window of Opportunity
Earlier completion date? Less testing, less
reliable, more comebacks later
4
Enterprise Risk Management

• Too much emphasis on financial institutions and
  jargon
• ERM is relevant to our whole business
• as long as we are all included
• and we define it in our own terms

5
The foundation stones

• Management commitment
• Involvement of key personnel
• Empowerment
• Training
• Communication

6
The foundation stones

• Common framework
• We all agree to do this and do it this way
• Clear objective
• Inclusiveness
• A simple common process

7
The foundation stones

• Process

Identify
Quantify
Manage
Respond
8
The foundation stones

• Shared Vocabulary
• Chance (Probability)
• Impact
• Money
• Time
• Other criteria

9
RiskAid Other Criteria

• What is important to your organisation
• Reputation
• Quality
• Environmental Impact
• ?

10
Reporting up the ladder

• Hierarchical risk assessments

11
Reporting up the ladder

• Including subsidiary assessments
• Budgets and Plans
• Consequential impact

12
Budgets and Consequential Impact
13
Uncertainty
Hierarchy of Risk (from Risk Improving
governments capability to handle risk and
uncertainty, ref 254205/1102/D16 UK Govt.
Strategy Unit, Nov 2002)
14
Managing the assessments

• Where do we keep the assessments?
• secure web or intranet server
• How do we access them?
• via a browser
• Who can see what?
• up to each assessment manager
• Who did what, when and why?
• history and audit trail
• What-if?
• scenarios

15
Uncertainty in RiskAid

• Uncertainty in estimates
• Uncertainty in chance of risk occurring
• Uncertainty of cost of action
• Uncertainty in an action solving the risk

16
Is each action cost-effective?

• See the effects of the action by switching it on
  and off

?
17
Integrating assessments plans

• Integrate the risk management action plan with
  the business or project plan.
• Allocate resources to the risk management action
  plan.
• Deal with risk management tasks as part of the
  business or project.

18
Instant Reports and Interactive Displays

• Displays to help identify risks

19
Instant Reports and Interactive Displays

• Displays to show the priority risks

20
Instant Reports and Interactive Displays

• Displays to show the effects of actions

21
Instant Reports and Interactive Displays

• Displays to show the risk register, action
  progress, responsibilities

22
The benefits of sharing

• Devolving responsibility
• Involvement by all
• Encourages problem sharing and solving at each
  level
• Clear responsibilities for each person
• Better corporate understanding
• Supported by common, integrated, collaborative
  tools

23
Benefits of web/intranet based support

• Controlled access
• Controlled remote access
• Collaborative environment
• High availability
• Safe storage
• Minimal IT maintenance effort needed
• Easy to use

24
Conclusions
Enterprise Risk Management can be beneficial and
show a positive return on investment if we have

• Common framework
• Common vocabulary
• Common process
• Common, collaborative support environment
• and we keep it simple and easy for all.