RM Vision and ObjectivesHow does management develop a shared vision for the role of risk management in the organization?. senior management working group “risk management vision” develo
Trang 1Enterprise Risk Management (ERM)
‘Integrated Framework’
IMPLEMENTATION Risk Management Vision and Objectives
Trang 2FUNDAMENTALS & ROLES
• The Fundamentals
• COSO Enterprise Risk Management
• Role of Executive Management
• Role of the Director
• Role of the Chief Risk Officer
• Risk Management Oversight Structure
• Role of Internal Audit
Trang 3• Risk Management Vision and Objectives
• Conducting Risk Assessments
• Getting Started – Set the Foundation
• Building & Enhancing Capabilities
• Building a Compelling Business Case
• Making it Happen
• Relevance to Sarbanes-Oxley Compliance
• Other Questions
Trang 4RM Vision and Objectives
How does management develop a shared vision for the role of risk management in the
organization? What is the practical use of a
shared vision?
senior management working group
“risk management vision” develops a shared view
of the role of risk management in the
organization and the capabilities desired to
manage its key risks (“big picture view”)
Trang 5RM Vision and Objectives
Risk management vision
“call for action” to drive the organization to
identify, design and build the risk
management capabilities needed to close
significant gaps and make management’s
selected risk responses happen
Trang 6RM Vision and Objectives
Specific capabilities managing priority risks
selecting the priority risks and determining the current state of risk management capability
desired future state is assessed with the
objective of advancing the maturity of the
capabilities around managing those risks
close significant gaps and deliver management’s desired outcomes
Trang 7RM Vision and Objectives
ERM infrastructure
overall risk management policy
enterprise wide risk assessment process
integration of risk responses with business plans
presence on the board and CEO agenda
chartered risk committee
clarity of risk management roles and responsibilities
dashboard and other
risk reporting
proprietary tools to portray a portfolio view of risk
Trang 8RM Vision and Objectives
How does management define the entity’s risk management
goals and objectives?
Develop a common understanding of risk across multiple
functions and business units to manage risk cost-effectively
Achieve a better understanding of risk for competitive advantageBuild safeguards against earnings-related surprises
Build and improve capabilities to respond effectively to low
probability, critical, catastrophic risks
Achieve cost savings through better management of internal
resources
Allocate capital more efficiently
Trang 9RM Vision and Objectives
RM Goals and Objectives should be consistent /supportive of the
enterprise’s business objectives and strategies
targets the markets and geographies in which the firm does
business
specifies the products and services it provides to those markets,
the channels it uses to access those markets and the
characteristics by which it differentiates its products and services
in the eyes of the customer
built on the processes through which the entity converts materials and labor into products and services; employees,
training/retention; suppliers/customers; shareholders and
lenders
Trang 10RM Vision and Objectives
“Tough questions”
What are our business objectives and strategies?
What are our financial targets, e.g., profitability, size
and revenue growth?
What values do we want to build and reinforce?
What markets do we choose?
What relative market position do we seek?
What is our business model for winning in our chosen markets?
Trang 11RM Vision and Objectives
Trang 12RM Vision and Objectives
“Tough questions”
Which specific future events could, if they occurred,
affect our organization’s ability to achieve its:
objectives relating to quality, innovation, timeliness, safety, compliance, etc.
to execute its strategies successfully?
Which events would affect our market share?
Trang 13RM Vision and Objectives
unit? By major product? By geography?
If accept the exposures inherent in our business model that give rise to our existing risks, do we have
sufficient capital to absorb significant unforeseen
losses should they occur?
Trang 14RM Vision and Objectives
ERM Vision Statement:
Contribute to the creation, optimization and
protection of enterprise value by managing
our business risks as we create value in the
marketplace.
Trang 15RM Vision and Objectives
ERM Mission Statement:
Create a comprehensive approach to anticipate, identify, prioritize, manage and monitor the
portfolio of business risks impacting our
organization Put in place the policies, common processes, competencies, accountabilities,
reporting and enabling technology to execute that approach successfully.
Trang 16RM Vision and Objectives
ERM Goals and Objectives:
Design and execute a global business risk management process integrated with our strategic management process:
• Integrate business risk management with our strategy formulation and business planning processes
• Articulate our strategies so that they are understood throughout our organization
• Establish KPIs designed to drive behaviors consistent with our strategy
• Reward effective articulation and management of key risks
Ensure that process ownership questions are addressed with
clarity so that roles, responsibilities and authorities are
properly understood
Trang 17RM Vision and Objectives
ERM Goals and Objectives:
Design and execute a global process to monitor and reassess the top quartile risk profile and identify gaps in the management
of those risks, based upon changes in business objectives and
in the external and internal operating environment
Define risk management strategies and clear accountabilities and action steps for building and executing risk management
capabilities and improving them continuously
Continuously monitor the information provided to
decision-makers in order to assist them as they manage key risks and protect the interests of shareholders
Trang 18RM Vision and Objectives
What is “risk appetite”?
amount of risk, on a broad level, an entity is willing to accept in pursuit of value
reflects management philosophy, and in turn influences the
entity’s culture and operating style
qualitative risk appetite: high, medium or low
quantitative approach: balancing goals for growth, return and
risk
higher risk appetite may be willing to allocate a large portion of its capital to such high risk areas as newly emerging marketslow risk appetite only in mature, stable markets
Trang 19RM Vision and Objectives
What is “risk thresholds” = “tolerances” =
“limits”?
acceptable level of variation relative to
achievement of a specific objective
best measured in the same units as those used
to measure the related objective
Trang 20RM Vision and Objectives
Observations:
Risk appetite is strategic - relates primarily to the business modelRisk tolerance is tactical - relates primarily to objectives
Every organization has a risk appetite
Risk tolerance reflected differently for different objectives:
• relating to earnings variability
• interest rate exposure
• compliance with laws and regulations
• acquisition, development and retention of people
Trang 21RM Vision and Objectives
Is there a defined methodology for calibrating performance
with risk tolerances? (“the acceptable variation relative to the
achievement of an objective.”)
three types of risk tolerance:
• Variability in achieving expected returns (materiality)
• Susceptibility to extreme events = loss exposure or loss
driver exposure to catastrophic loss (probability)
• Inconsistency with the desired risk appetite
Trang 22RM Vision and Objectives
How are the risk management vision and objectives translated into the appropriate ERM infrastructure?
Develop “Capabilities” policies, processes,
competencies, reports, methodologies and
technologies
• phase 1 sets the foundation
• phase 2 builds capabilities for critical risks
• phase 3 enhances existing risk management
capabilities
Trang 23RM Vision and Objectives