enterprise risk management. what has been done regarding risk management in the past ● agency...
TRANSCRIPT
Enterprise Risk Management
www.liikennevirasto.fiThe Finnish Transport Agency 2
What has been done regarding risk management in the past
● Agency level safety an security issues have been led by a top level group
● Data security security issues have been handled somewhat separately
● Risks have been systematically identified
● Responsibilities have been defined
● Control measures have been planned
● Analysis and reporting is done regularly
● We still have vulnerabilities that are not in sufficient control
www.liikennevirasto.fiThe Finnish Transport Agency 3
What is being done now (1/2)
New classification of risks
● Strategic risks
● Safety risks
● Process risks
● Project risks
● Financial risks
● Personnel risks
● Operational risks
● Data security risks
● Legal risks
www.liikennevirasto.fiThe Finnish Transport Agency 4
What is being done now (2/2)
● New top level group to lead safety and security issues
● Development of FTA’s Integrated Management System
● Integration of all safety, security and risk issues into the management process
● Contracts with key partners from the industry
● Identification of key focuses (eg. extreme weather, cyber, installations, etc.)
● Plans prepared for exceptional situations in advance
● Definition of acceptable risk levels
www.liikennevirasto.fiThe Finnish Transport Agency 5
Safety and security management vs. risk management
The objective of safety and security management
-> minimize threats and negative impacts on people, the environment and property
The objective of risk management
-> to keep business running
www.liikennevirasto.fiThe Finnish Transport Agency 6
Thank you for your attention!
Jan Juslén
Director, Research and Development Programs
Finnish Transport Agency