enterprise risk management. what has been done regarding risk management in the past ● agency...
TRANSCRIPT
![Page 1: Enterprise Risk Management. What has been done regarding risk management in the past ● Agency level safety an security issues have](https://reader035.vdocuments.us/reader035/viewer/2022071807/56649eb15503460f94bb6cad/html5/thumbnails/1.jpg)
Enterprise Risk Management
![Page 2: Enterprise Risk Management. What has been done regarding risk management in the past ● Agency level safety an security issues have](https://reader035.vdocuments.us/reader035/viewer/2022071807/56649eb15503460f94bb6cad/html5/thumbnails/2.jpg)
www.liikennevirasto.fiThe Finnish Transport Agency 2
What has been done regarding risk management in the past
● Agency level safety an security issues have been led by a top level group
● Data security security issues have been handled somewhat separately
● Risks have been systematically identified
● Responsibilities have been defined
● Control measures have been planned
● Analysis and reporting is done regularly
● We still have vulnerabilities that are not in sufficient control
![Page 3: Enterprise Risk Management. What has been done regarding risk management in the past ● Agency level safety an security issues have](https://reader035.vdocuments.us/reader035/viewer/2022071807/56649eb15503460f94bb6cad/html5/thumbnails/3.jpg)
www.liikennevirasto.fiThe Finnish Transport Agency 3
What is being done now (1/2)
New classification of risks
● Strategic risks
● Safety risks
● Process risks
● Project risks
● Financial risks
● Personnel risks
● Operational risks
● Data security risks
● Legal risks
![Page 4: Enterprise Risk Management. What has been done regarding risk management in the past ● Agency level safety an security issues have](https://reader035.vdocuments.us/reader035/viewer/2022071807/56649eb15503460f94bb6cad/html5/thumbnails/4.jpg)
www.liikennevirasto.fiThe Finnish Transport Agency 4
What is being done now (2/2)
● New top level group to lead safety and security issues
● Development of FTA’s Integrated Management System
● Integration of all safety, security and risk issues into the management process
● Contracts with key partners from the industry
● Identification of key focuses (eg. extreme weather, cyber, installations, etc.)
● Plans prepared for exceptional situations in advance
● Definition of acceptable risk levels
![Page 5: Enterprise Risk Management. What has been done regarding risk management in the past ● Agency level safety an security issues have](https://reader035.vdocuments.us/reader035/viewer/2022071807/56649eb15503460f94bb6cad/html5/thumbnails/5.jpg)
www.liikennevirasto.fiThe Finnish Transport Agency 5
Safety and security management vs. risk management
The objective of safety and security management
-> minimize threats and negative impacts on people, the environment and property
The objective of risk management
-> to keep business running
![Page 6: Enterprise Risk Management. What has been done regarding risk management in the past ● Agency level safety an security issues have](https://reader035.vdocuments.us/reader035/viewer/2022071807/56649eb15503460f94bb6cad/html5/thumbnails/6.jpg)
www.liikennevirasto.fiThe Finnish Transport Agency 6
Thank you for your attention!
Jan Juslén
Director, Research and Development Programs
Finnish Transport Agency