Upload File

enterprise risk management · •va scandal •opm data breach •2016 hurricanes and wild fires...

  • Home
  • Documents
  • Enterprise Risk Management · •VA scandal •OPM data breach •2016 hurricanes and wild fires •2008 financial crisis •IRS screening of politically active exempt orgs . Risks
19
Enterprise Risk Management Jonelle Pianta, Chief Risk Officer Overland Park, KS | December 8, 2017 1

Upload: others

Post on 24-Aug-2020

1 views

Category:

Documents


0 download

Report

TRANSCRIPT

Page 1: Enterprise Risk Management · •VA scandal •OPM data breach •2016 hurricanes and wild fires •2008 financial crisis •IRS screening of politically active exempt orgs . Risks

Enterprise Risk Management Jonelle Pianta, Chief Risk Officer Overland Park, KS | December 8, 2017

1

Page 2: Enterprise Risk Management · •VA scandal •OPM data breach •2016 hurricanes and wild fires •2008 financial crisis •IRS screening of politically active exempt orgs . Risks

Overview • What it is and why do it • Internal ERM • Auditing ERM

Enterprise Risk Management

2

Page 3: Enterprise Risk Management · •VA scandal •OPM data breach •2016 hurricanes and wild fires •2008 financial crisis •IRS screening of politically active exempt orgs . Risks

Enterprise Risk Management

What it is and why we should do it

3

Page 4: Enterprise Risk Management · •VA scandal •OPM data breach •2016 hurricanes and wild fires •2008 financial crisis •IRS screening of politically active exempt orgs . Risks

Enterprise Risk Management

4

• GSA scandal • VA scandal • OPM data breach • 2016 hurricanes and wild fires • 2008 financial crisis • IRS screening of politically active exempt orgs

Risks are everywhere

Page 5: Enterprise Risk Management · •VA scandal •OPM data breach •2016 hurricanes and wild fires •2008 financial crisis •IRS screening of politically active exempt orgs . Risks

Enterprise Risk Management

5

Opportunities are everywhere

Page 6: Enterprise Risk Management · •VA scandal •OPM data breach •2016 hurricanes and wild fires •2008 financial crisis •IRS screening of politically active exempt orgs . Risks

Enterprise Risk Management

6

Trademark by COSO ERM Framework coso.org

Page 7: Enterprise Risk Management · •VA scandal •OPM data breach •2016 hurricanes and wild fires •2008 financial crisis •IRS screening of politically active exempt orgs . Risks

Enterprise Risk Management

7

COSO ERM Framework – Trademark by coso.org

Page 8: Enterprise Risk Management · •VA scandal •OPM data breach •2016 hurricanes and wild fires •2008 financial crisis •IRS screening of politically active exempt orgs . Risks

Mandated by OMB A-123 • Revised July 15, 2016 • All Federal agencies effectively manage risks to

meet strategic objectives • Coordinate ERM, strategic planning, strategic

review process, and internal control processes

Enterprise Risk Management

8

Page 9: Enterprise Risk Management · •VA scandal •OPM data breach •2016 hurricanes and wild fires •2008 financial crisis •IRS screening of politically active exempt orgs . Risks

ERM is • The culture and practices that organizations rely

on to manage risk in creating, preserving, and realizing public value.

• It will identify potential risks and opportunities that could impact how well we achieve our mission, vision, and strategic goals and objectives.

Enterprise Risk Management

9

Page 10: Enterprise Risk Management · •VA scandal •OPM data breach •2016 hurricanes and wild fires •2008 financial crisis •IRS screening of politically active exempt orgs . Risks

Enterprise Risk Management

R - 58 G - 16 B - 55

R - 27 G - 41 B - 82

R - 155 G - 128 B - 75

R - 165 G - 166 B - 165

R - 79 G - 80 B - 79

10

Page 11: Enterprise Risk Management · •VA scandal •OPM data breach •2016 hurricanes and wild fires •2008 financial crisis •IRS screening of politically active exempt orgs . Risks

Why we do it... • Advance opportunity

– Improve mission delivery – Reduce costs – Focus our corrective actions

• Prioritization – if all risks are important, none are • Better decision making • Gain knowledge to review your agency

Enterprise Risk Management

11

Page 12: Enterprise Risk Management · •VA scandal •OPM data breach •2016 hurricanes and wild fires •2008 financial crisis •IRS screening of politically active exempt orgs . Risks

What ERM is not... • It does not replace internal controls; it feeds,

shapes, and guides them. • Are you already doing great? It may just be a way

to do better. • It is not a cure-all. Bad stuff will still happen.

Enterprise Risk Management

12

Page 13: Enterprise Risk Management · •VA scandal •OPM data breach •2016 hurricanes and wild fires •2008 financial crisis •IRS screening of politically active exempt orgs . Risks

Enterprise Risk Management

Internal ERM

13

Page 14: Enterprise Risk Management · •VA scandal •OPM data breach •2016 hurricanes and wild fires •2008 financial crisis •IRS screening of politically active exempt orgs . Risks

How we do it... • Develop the framework • Create a risk register • Evaluate risks • Risk council ranks the risks for the organization • Affected offices implement corrective actions • Evaluate and repeat

Enterprise Risk Management

14

Page 15: Enterprise Risk Management · •VA scandal •OPM data breach •2016 hurricanes and wild fires •2008 financial crisis •IRS screening of politically active exempt orgs . Risks

Enterprise Risk Management

External ERM

15

Page 16: Enterprise Risk Management · •VA scandal •OPM data breach •2016 hurricanes and wild fires •2008 financial crisis •IRS screening of politically active exempt orgs . Risks

How we do it... • Develop the framework

– Who does what – Timing

• Evaluate risks • Rank the risks for the agency • Evaluate current risks and continue to find new risks

Enterprise Risk Management

16

Page 17: Enterprise Risk Management · •VA scandal •OPM data breach •2016 hurricanes and wild fires •2008 financial crisis •IRS screening of politically active exempt orgs . Risks

Tips • Get support from the top • Sell people on the benefits first so it doesn’t

become a compliance exercise • Use plain language • You don’t know how to do it until you do it

Enterprise Risk Management

17

Page 18: Enterprise Risk Management · •VA scandal •OPM data breach •2016 hurricanes and wild fires •2008 financial crisis •IRS screening of politically active exempt orgs . Risks

Enterprise Risk Management

ERM feeds governance and decision making – the process is fair and supportable and what is

determined to be most important is based on what is best for the

organization as a whole.

18

Page 19: Enterprise Risk Management · •VA scandal •OPM data breach •2016 hurricanes and wild fires •2008 financial crisis •IRS screening of politically active exempt orgs . Risks

Questions? www.hudoig.gov

19


CELEBRITY AND SCANDAL 3. Suzanne Paul: Scandal, celebrity

Markets Are Politically Constructed and Politically Maintained

pg. 1 pg. 2 · pg. 15 pg. 16 AB *orgs lopr *orgs lopr *orgs lopr *orgs lopr *orgs lopr . Title: forestFloorBlocks.indd Author: jenny Created Date: 10/20/2016 12:54:07 PM

VW Scandal

Soc. Media Inside Orgs

Strengthening neighborhood orgs

Politically social

131007PPT Transforming Orgs

listingofREGIONAL ORGS

Biz Orgs Handout

Carrian Scandal

Biz Orgs Outline

ArmorGroup Scandal

Enron Scandal

The Scandal

Oil Detector & Alarm ORGS 11 1 ORGS 11 2 - GESTRA AG4 Function The oil detector & alarm ORGS 11 2 is an equipment unit consisting of the measuring electrode ORGS 11-1 and a measuring

satyam Scandal

Orgs Accounts

College Based Orgs

Constitutional Orgs

Unum Scandal

Outreach To Outside Orgs

Groups and Orgs

Setting Up Producer Orgs

The Politically Incorrect Guide to Science (Politically Incorrect Guides)

Worldcom scandal

Outline Bus Orgs

WHITE PAPER Politically Exposed Persons (PEPs) and ...€¦ · Politically Exposed Persons (PEPs) and Customer Due ... Politically Exposed Persons (PEPs) ... Politically Exposed Persons

Religious Orgs Workbook

Public Orgs in Ghana

Strengthening OST Orgs

World economic orgs

Politically Incorrect

Hacking Orgs

Forms of business orgs