SlideShare uma empresa Scribd logo

Managing Hidden Risks with an ERM Approach

K
Karl Davey

Transpacific Industries is a leading waste management company in Australia and New Zealand that manages risks across its many facilities and operations. The presentation discusses consolidating risk information across the organization to get a more comprehensive view of risks. It promotes implementing an enterprise risk management system with a common risk language and process to identify risks, encourage participation, and leverage lessons learned. The goals are to make hidden risks more visible, facilitate knowledge sharing across the organization, and provide insights to help manage risks and opportunities.

Negócios
1 de 27
Managing Risk Registers – SOPAC® 2013 Getting hidden risks on the 3-6 March 2013 Brisbane radar Karen Tuesley Group Internal Audit Manager Karl Davey Chief Risk Officer
Agenda 1. Setting the Scene – Transpacific Industries 2. Consolidating the risk environment 3. Categorising risk 4. The Internal Audit perspective 5. ERM Consolidation 6. Business Benefits Page 2
Australia and New Zealand’s leading waste management provider > Australian publicly listed company with annual revenues of approximately $2b > 380 locations across Australasia > 45 major processing facilities > More than 300 products and services > More than 7,000 staff > Australia‟s largest waste management fleet with more than 3,600 vehicles
Geographic Distribution
Behind the scenes processing ‘smarts’ > Australian-first hydrogenation facility > Mineral oil processed and reused as fuel oil and base oils > Used cooking oil refined and reused to enhance stock feed > Liquid and hazardous treatment plants > Wastes disposed of in an environmentally friendly and safe way > Material Recycling Facilities (MRFs) > Co-mix, building and construction, green waste > Convert harmful landfill gas into „green‟ electricity
Risk and Assurance Areas of Focus > Corporate Governance & Assurance > Internal Audits > SEQ Audits > Investigations > Faircall (Anonymous ethics whistleblower line) > Fraud & Ethics (Internally reported) > Insurance > Claims Management > Risk Engineering/profiling > Risk Management > ERM Implementation > Business Resilience > Group SEQ Function > Sustainability > SEQ Enhancement & Culture programme
The Problem: Silo’ed Risk Management Board Risk Register Audit BU Risk Register BU Risk Register Risks BU Risk BU Risk Register Register Risks Risks Risks
The Solution: Enterprise Risk Management (ERM) > A process owned and supported by > The Board > The organisation as a whole > The solution, a risk process which provides > An identification of the widest range of risks > Allow a contribution from all > This means including all stakeholders across our endeavour > A one team approach > Endeavour wide risk management > Raising Risks and potential problems is GOOD. > Culture change > Supportive Management, No blame environment > Management Actions Should be Accountable > Measurable > Auditable
Risk Management Process > Common Integrated Process Plan: Set The Context > Safety > Environmental Identify > Business & Strategic Communicate > Business Resilience Govern Assess > Emphasis on Management > Elimination of Threats > Realisation of Opportunities Manage > Control > Recovery > Sharing Best Practice Review & Monitor
Consolidating the Risk Envirnoment > Look beyond the silo‟s > Bigger picture > Top down and Bottom up > Business requirements V‟s Operational requirements Business and Strategic Risks Mgt Project / Operational Risks Mgt
Rollup of Information Board Risk Register Audit BU Risk BU Risk BU Risk BU Risk Register Register Register Register Risks Risks Risks Risks
Risk Assessment Financial Likelihood Consequence Safety & Health Environmental Business Interruption Reputational (Set locally) A significant outage that causes International impact - International Threat is expected to Permanent widespread damage inside irreversible damage to a large number public attention. Direct impact on share Almost Certain occur Significant One or more fatalities (public or > AUD $ X M EBIT or outside of site of customers (impacts viability of the price. Potential loss of long term core 75-99% workers) business) client A significant outage that causes National impact - National public Threat could occur Widespread damage within or outside Likely Major Permanent Injury or Disability widespread damage to customer concern. Leads to share price volatility. > AUD $ X M to <AUD $ X M AUD EBIT 50-74% of site, costly restoration (public or workers) relationships (some permanent) Loss of client. Threat Threat could possibly Recoverable damage with treatment Inconvenience to customers that cause Considerable impact - Regional public Possible occur Moderate Lost Time Injury to worker >AUD $ X M to AUD <$ X M EBIT inside or outside of site some harm to relationships concern. Client Unease 25-49% Injury to member of public Threat is unlikely to occur Short to medium term damage Delay affecting customers but no Unlikely 11-24% Minor Minor Injury to worker medical treatment required requiring possible intervention Opportunity damage to relationships Limited impact - Local public concern Threat $ X K to AUD <$ X M EBIT >AUD Threat may occur in Almost Certain -25 -21 -15 -10 -5 5 10 15 21 25 Almost Certain Short term damage no intervention A temporary delay in servicing a small Slight impact - Public awareness may Rare exceptional circumstances Insignificant AUD $0 - AUD < $ X K EBIT Slight Injury to worker first aid required required number of customers exist but no public concern 0-10% Likely -24 -20 -14 -9 -4 4 9 14 20 24 Likely Nil Nil Likelihood Likelihood -23 term solution-13 reduces Short -18 -8 -3 3 8 13 18 23 International impact - International The opportunity is very Enhancement leading to slight injury Possible Possible which public attention. Direct positive impact Rare unlikely to be realised Insignificant and first aid treatment incident Short term environment enhancement AUD $0 - AUD < $ X K EBIT downtime on share price. Potential gain of 0-25% prevention -22 -17 -12 -7 -2 2 7 12 17 22 competitors core client Unlikely Unlikely The opportunity is unlikely Enhancement leading to medical Short to medium term environment A temporary solution or redundancy National impact - National public Unlikely to be realised 26-50% Minor treatment incident prevention enhancement Rare -19 which reduces-11 -16 downtime -6 -1 positive 1awareness.6 11 >AUD $16 to AUD <$ X M EBIT XK 19 Rare Significant Significant Insignificant Insignificant Major Minor Minor Major Moderate Moderate The opportunity will Enhancement leading to lost time Medium term environment initiative that A temporary solution or redundancy Considerable impact - Regional public Opportunity Possible probably be realised Moderate >AUD $ X M to AUD <$ X M EBIT incident prevention can be repeated which prevents downtime positive awareness. Client praise 51-75% Consequence Consequence The opportunity is Enhancement leading to incident Permanent process improvement that Limited impact - Positive local public Likely expected to be realised Major Permanent environment enhancement > AUD $ X M to <AUD $ X M AUD EBIT prevention eliminates potential downtime be pursued and Opportunity should awareness 76-90% Requires Immediate Management Response and Extreme Contingency Plan developed if critical to Extreme Contingency Plan objectives The opportunity is almost A significant permanent process Permanent widespread enhancement Requires Management Response and Almost Certain certain to be released Significant Enhancement leading to Zero Harm improvement that eliminates potential be pursuedimpact - Positive local interest High Opportunity should Slight High > AUD $ XContingency Plan M EBIT that can be replicated at other sites 91-99% downtime and improves efficiency Opportunity should be pursued if cost Medium effective Medium Requires Management Response Likelihood Consequence Safety & Health Environmental Business Interruption Reputational Financial Low Monitor Low Monitor
Categorising information > Key is the ability to develop a common risk environment language > Need to identify the common nature of risks, using business specific terminology. Risk Types Technical Risk Operational Risk Programme Risk > Performance Safety Reliability Resources Information Communication Interfaces Complexity > Phase/work stream/functional/operation/process > Design > Development > etc
The Internal Audit Perspective… > Maturity of Risk Management & Controls frameworks > Understanding the journey > How to add value Risk Framework and Governance Compliance Process risk with policies and control & procedures
Example: Organisation with Mature ERM Organisation wide control environment Process risk & control ERM a Policies & Proceduresa Site Risk Management Cross- Value Divisional Processes Site 1 Site 2 Site 3 Site 4 r a a a a r Value Value Value
Organisation with Immature ERM Organisation wide control environment Process risk & control ERM r Policies & Proceduresr Site Risk Management Cross- Value? Divisional Processes Site 1 Site 2 Site 3 Site 4 r a a r a r Value? Value?
Adding Value > Risk & Control identification  Risk Registers > What is working  Shared knowledge > Findings linked to real risk, not compliance
Getting the risks on the risk register > “The business unit does not have a risk register” > “The business unit does not have a risk register which includes strategic, business, finance and operational risk” > “The business unit has not identified the following risks in their risk register. (risks listed). > Opportunity to highlight Controls that are working
Organisational Wide Consolidation (Enterprise Risk Management) > Visibility & consolidation of critical issues Systemic Strategic Risks Risks Corporate Operational Risks Risks Systemic Strategic Risks Risks Business Risks Operational Risks Systemic Business Risks Risks Project Risks Operational Risks
TPI ERM Configuration • System Aligned to the organisation and reporting structure. • All TPI Staff see full structure (subject to security) • Allow limited access to Third Parties
Regional Portfolio Analysis Regional Business & Strategic Risks Portfolio Analysis Risk Roll up: Understanding and consolidate exposure across Operations. Eg: Systemic Issues, Significant Risks Compound risks Knowledge Sharing Risk Escalation of common risks.
Business Stream Portfolio Analysis Business Stream Business & Strategic Risks Risk Roll up: Understanding and consolidate exposure across streams. Eg: Systemic Issues, Significant Risks Compound Risks Knowledge Sharing Key Business Risks Key Strategic Risks Risk Escalation of common risks. Key learning's and Innovation
Divisional Consolidation Business & Strategic Risks Risk Roll up: Understanding and consolidate exposure across Regions. Eg: Systemic Issues, Significant Risks Compound Risks Knowledge Sharing Key Business Risks Key Strategic Risks Risk Escalation of common risks. Key learning's and Innovation
Corporate Consolidation Business & Strategic Risks Risk Roll up: Understanding and consolidate exposure across Divisions. Eg: Systemic Issues, Significant Risks Compound Risks Knowledge Sharing Key Business Risks Key Strategic Risks Risk Escalation of common risks. Key learning's and Innovation
Business Benefits > Visibility > Common proactive risk & opportunity built around enabling consistent support and understanding > Knowledge Database > Retained risk and opportunity intelligence available across the organisation > Insight from Internal Audit > Risk and control knowledge is shared across the organisation > Value adding findings > Puts organisation is on the path for assurance to be provided
Summary > To Identify and understand the hidden risks. > Develop a common process > Implement consistent language > Ensure risks are understandable > Gain involvement from all > Use history, lessons learnt and other perspectives “There is only one thing more painful than learning from experience - and that is not learning from experience.” Archibald MacLeish American Poet and Critic. 1892-1982 Page 26
Managing Risk Registers – SOPAC® 2013 Getting hidden risks on the 3-6 March 2013 Brisbane radar Karen Tuesley Group Internal Audit Manager Karen.Tuesley@transpac.com.au Karl Davey Chief Risk Officer Karl.Davey@transpac.com.au

Recomendados

Risk Analysis In Business Continuity Management - Jeremy Wong
Risk Analysis In Business Continuity Management - Jeremy WongRisk Analysis In Business Continuity Management - Jeremy Wong
Risk Analysis In Business Continuity Management - Jeremy WongBCM Institute
 
Valuendo Erm In An Extended Environment (March 2007)
Valuendo Erm In An Extended Environment (March 2007)Valuendo Erm In An Extended Environment (March 2007)
Valuendo Erm In An Extended Environment (March 2007)Marc Vael
 
Commercial Resilience in the Real World
Commercial Resilience in the Real WorldCommercial Resilience in the Real World
Commercial Resilience in the Real WorldInsurance Institute for Business & Home Safety
 
Risk Leadership
Risk LeadershipRisk Leadership
Risk LeadershipDr David Hancock
 
A brief overview of operational risk
A brief overview of operational riskA brief overview of operational risk
A brief overview of operational riskDiane Christina
 
Risk Management
Risk ManagementRisk Management
Risk ManagementVishal Gholap
 
Analisis de Riesgos O-ISM3
Analisis de Riesgos O-ISM3Analisis de Riesgos O-ISM3
Analisis de Riesgos O-ISM3Conferencias FIST
 
Microsoft power point risk governance-schreckenberg_swissre_idrc_2012
Microsoft power point risk governance-schreckenberg_swissre_idrc_2012Microsoft power point risk governance-schreckenberg_swissre_idrc_2012
Microsoft power point risk governance-schreckenberg_swissre_idrc_2012Global Risk Forum GRFDavos
 

Recomendados

Risk Analysis In Business Continuity Management - Jeremy Wong
Risk Analysis In Business Continuity Management - Jeremy WongRisk Analysis In Business Continuity Management - Jeremy Wong
Risk Analysis In Business Continuity Management - Jeremy WongBCM Institute
 
Valuendo Erm In An Extended Environment (March 2007)
Valuendo Erm In An Extended Environment (March 2007)Valuendo Erm In An Extended Environment (March 2007)
Valuendo Erm In An Extended Environment (March 2007)Marc Vael
 
Commercial Resilience in the Real World
Commercial Resilience in the Real WorldCommercial Resilience in the Real World
Commercial Resilience in the Real WorldInsurance Institute for Business & Home Safety
 
Risk Leadership
Risk LeadershipRisk Leadership
Risk LeadershipDr David Hancock
 
A brief overview of operational risk
A brief overview of operational riskA brief overview of operational risk
A brief overview of operational riskDiane Christina
 
Risk Management
Risk ManagementRisk Management
Risk ManagementVishal Gholap
 
Analisis de Riesgos O-ISM3
Analisis de Riesgos O-ISM3Analisis de Riesgos O-ISM3
Analisis de Riesgos O-ISM3Conferencias FIST
 
Microsoft power point risk governance-schreckenberg_swissre_idrc_2012
Microsoft power point risk governance-schreckenberg_swissre_idrc_2012Microsoft power point risk governance-schreckenberg_swissre_idrc_2012
Microsoft power point risk governance-schreckenberg_swissre_idrc_2012Global Risk Forum GRFDavos
 
Risk eng
Risk engRisk eng
Risk engartipradhan
 
Whitepaper: Effective Risk Management – Substance over Form
Whitepaper: Effective Risk Management – Substance over FormWhitepaper: Effective Risk Management – Substance over Form
Whitepaper: Effective Risk Management – Substance over FormCBIZ, Inc.
 
Risk vs. reward decision matrix
Risk vs. reward decision matrixRisk vs. reward decision matrix
Risk vs. reward decision matrixDaniel Feiman, MBA, CMC
 
Enterprise Risk Management Africa 2011 brochure
Enterprise Risk Management Africa 2011 brochureEnterprise Risk Management Africa 2011 brochure
Enterprise Risk Management Africa 2011 brochureTerrapinn
 
Risk Management: One CRO’s thoughts
Risk Management: One CRO’s thoughtsRisk Management: One CRO’s thoughts
Risk Management: One CRO’s thoughtsCapco
 
Ingram Brighton Sh Value
Ingram Brighton Sh ValueIngram Brighton Sh Value
Ingram Brighton Sh Valuedaveingram
 
Stress Testing
Stress TestingStress Testing
Stress Testingnikatmalik
 
HML Risk Transformation
HML Risk TransformationHML Risk Transformation
HML Risk TransformationAndrew Smart
 
Vanguard's presentation on XXXXXXXXX at the PensionSource Fund Manager Confer...
Vanguard's presentation on XXXXXXXXX at the PensionSource Fund Manager Confer...Vanguard's presentation on XXXXXXXXX at the PensionSource Fund Manager Confer...
Vanguard's presentation on XXXXXXXXX at the PensionSource Fund Manager Confer...PensionSource
 
Riskpro security audit
Riskpro security auditRiskpro security audit
Riskpro security auditRahul Bhan (CA, CIA, MBA)
 
MITIGATING OPERATIONAL RISK: RISK TRANSFER SOLUTIONS
MITIGATING OPERATIONAL RISK: RISK TRANSFER SOLUTIONSMITIGATING OPERATIONAL RISK: RISK TRANSFER SOLUTIONS
MITIGATING OPERATIONAL RISK: RISK TRANSFER SOLUTIONSMichel Rochette
 
Pandemic - Threat & Opportunity 2010 BCAW Perth Launch
Pandemic - Threat & Opportunity 2010 BCAW Perth LaunchPandemic - Threat & Opportunity 2010 BCAW Perth Launch
Pandemic - Threat & Opportunity 2010 BCAW Perth LaunchB4Crisis
 
The Lesson of Lost Value
The Lesson of Lost ValueThe Lesson of Lost Value
The Lesson of Lost ValueStrategy&, a member of the PwC network
 
L lrcture1industrial talk risk management
L lrcture1industrial talk risk managementL lrcture1industrial talk risk management
L lrcture1industrial talk risk managementBTEC UTeM
 
Wirm brochure
Wirm brochureWirm brochure
Wirm brochureIn-Vehicle-Infotainment
 
Annuity capital risk managment ne act nov 2012
Annuity capital risk managment ne act nov 2012Annuity capital risk managment ne act nov 2012
Annuity capital risk managment ne act nov 2012Kendrick Lombardo
 
People Risk Collateral
People Risk CollateralPeople Risk Collateral
People Risk CollateralRahul Bhan (CA, CIA, MBA)
 
People Risk Collateral
People Risk CollateralPeople Risk Collateral
People Risk CollateralRahul Bhan (CA, CIA, MBA)
 
Concepts and best practices for the risk register in primavera risk analysis
Concepts and best practices for the risk register in primavera risk analysisConcepts and best practices for the risk register in primavera risk analysis
Concepts and best practices for the risk register in primavera risk analysisjisothomas
 
Risky Business: Risk as a Business Case for Knowledge Management
Risky Business: Risk as a Business Case for Knowledge ManagementRisky Business: Risk as a Business Case for Knowledge Management
Risky Business: Risk as a Business Case for Knowledge ManagementBusiness FM 89.9
 
Advanced program management risk mitigation and management
Advanced program management risk mitigation and managementAdvanced program management risk mitigation and management
Advanced program management risk mitigation and managementMarcus Vannini
 
Project risk management
Project risk managementProject risk management
Project risk managementYogender Singh Rana
 

Mais conteúdo relacionado

Mais procurados

Whitepaper: Effective Risk Management – Substance over Form
Whitepaper: Effective Risk Management – Substance over FormWhitepaper: Effective Risk Management – Substance over Form
Whitepaper: Effective Risk Management – Substance over FormCBIZ, Inc.
 
Enterprise Risk Management Africa 2011 brochure
Enterprise Risk Management Africa 2011 brochureEnterprise Risk Management Africa 2011 brochure
Enterprise Risk Management Africa 2011 brochureTerrapinn
 
Risk Management: One CRO’s thoughts
Risk Management: One CRO’s thoughtsRisk Management: One CRO’s thoughts
Risk Management: One CRO’s thoughtsCapco
 
Ingram Brighton Sh Value
Ingram Brighton Sh ValueIngram Brighton Sh Value
Ingram Brighton Sh Valuedaveingram
 
Stress Testing
Stress TestingStress Testing
Stress Testingnikatmalik
 
HML Risk Transformation
HML Risk TransformationHML Risk Transformation
HML Risk TransformationAndrew Smart
 
Vanguard's presentation on XXXXXXXXX at the PensionSource Fund Manager Confer...
Vanguard's presentation on XXXXXXXXX at the PensionSource Fund Manager Confer...Vanguard's presentation on XXXXXXXXX at the PensionSource Fund Manager Confer...
Vanguard's presentation on XXXXXXXXX at the PensionSource Fund Manager Confer...PensionSource
 
MITIGATING OPERATIONAL RISK: RISK TRANSFER SOLUTIONS
MITIGATING OPERATIONAL RISK: RISK TRANSFER SOLUTIONSMITIGATING OPERATIONAL RISK: RISK TRANSFER SOLUTIONS
MITIGATING OPERATIONAL RISK: RISK TRANSFER SOLUTIONSMichel Rochette
 
Pandemic - Threat & Opportunity 2010 BCAW Perth Launch
Pandemic - Threat & Opportunity 2010 BCAW Perth LaunchPandemic - Threat & Opportunity 2010 BCAW Perth Launch
Pandemic - Threat & Opportunity 2010 BCAW Perth LaunchB4Crisis
 
L lrcture1industrial talk risk management
L lrcture1industrial talk risk managementL lrcture1industrial talk risk management
L lrcture1industrial talk risk managementBTEC UTeM
 
Annuity capital risk managment ne act nov 2012
Annuity capital risk managment ne act nov 2012Annuity capital risk managment ne act nov 2012
Annuity capital risk managment ne act nov 2012Kendrick Lombardo
 

Mais procurados (18)

Risk eng
Risk engRisk eng
Risk eng
 
Whitepaper: Effective Risk Management – Substance over Form
Whitepaper: Effective Risk Management – Substance over FormWhitepaper: Effective Risk Management – Substance over Form
Whitepaper: Effective Risk Management – Substance over Form
 
Risk vs. reward decision matrix
Risk vs. reward decision matrixRisk vs. reward decision matrix
Risk vs. reward decision matrix
 
Enterprise Risk Management Africa 2011 brochure
Enterprise Risk Management Africa 2011 brochureEnterprise Risk Management Africa 2011 brochure
Enterprise Risk Management Africa 2011 brochure
 
Risk Management: One CRO’s thoughts
Risk Management: One CRO’s thoughtsRisk Management: One CRO’s thoughts
Risk Management: One CRO’s thoughts
 
Ingram Brighton Sh Value
Ingram Brighton Sh ValueIngram Brighton Sh Value
Ingram Brighton Sh Value
 
Stress Testing
Stress TestingStress Testing
Stress Testing
 
HML Risk Transformation
HML Risk TransformationHML Risk Transformation
HML Risk Transformation
 
Vanguard's presentation on XXXXXXXXX at the PensionSource Fund Manager Confer...
Vanguard's presentation on XXXXXXXXX at the PensionSource Fund Manager Confer...Vanguard's presentation on XXXXXXXXX at the PensionSource Fund Manager Confer...
Vanguard's presentation on XXXXXXXXX at the PensionSource Fund Manager Confer...
 
Riskpro security audit
Riskpro security auditRiskpro security audit
Riskpro security audit
 
MITIGATING OPERATIONAL RISK: RISK TRANSFER SOLUTIONS
MITIGATING OPERATIONAL RISK: RISK TRANSFER SOLUTIONSMITIGATING OPERATIONAL RISK: RISK TRANSFER SOLUTIONS
MITIGATING OPERATIONAL RISK: RISK TRANSFER SOLUTIONS
 
Pandemic - Threat & Opportunity 2010 BCAW Perth Launch
Pandemic - Threat & Opportunity 2010 BCAW Perth LaunchPandemic - Threat & Opportunity 2010 BCAW Perth Launch
Pandemic - Threat & Opportunity 2010 BCAW Perth Launch
 
The Lesson of Lost Value
The Lesson of Lost ValueThe Lesson of Lost Value
The Lesson of Lost Value
 
L lrcture1industrial talk risk management
L lrcture1industrial talk risk managementL lrcture1industrial talk risk management
L lrcture1industrial talk risk management
 
Wirm brochure
Wirm brochureWirm brochure
Wirm brochure
 
Annuity capital risk managment ne act nov 2012
Annuity capital risk managment ne act nov 2012Annuity capital risk managment ne act nov 2012
Annuity capital risk managment ne act nov 2012
 
People Risk Collateral
People Risk CollateralPeople Risk Collateral
People Risk Collateral
 
People Risk Collateral
People Risk CollateralPeople Risk Collateral
People Risk Collateral
 

Destaque

Concepts and best practices for the risk register in primavera risk analysis
Concepts and best practices for the risk register in primavera risk analysisConcepts and best practices for the risk register in primavera risk analysis
Concepts and best practices for the risk register in primavera risk analysisjisothomas
 
Risky Business: Risk as a Business Case for Knowledge Management
Risky Business: Risk as a Business Case for Knowledge ManagementRisky Business: Risk as a Business Case for Knowledge Management
Risky Business: Risk as a Business Case for Knowledge ManagementBusiness FM 89.9
 
Advanced program management risk mitigation and management
Advanced program management risk mitigation and managementAdvanced program management risk mitigation and management
Advanced program management risk mitigation and managementMarcus Vannini
 
Project Risk Management
Project Risk ManagementProject Risk Management
Project Risk ManagementMarkos Mulat G
 
Risk mangement
Risk mangementRisk mangement
Risk mangementcollege
 
Risk Management
Risk ManagementRisk Management
Risk Managementcgeorgeo
 

Destaque (9)

Concepts and best practices for the risk register in primavera risk analysis
Concepts and best practices for the risk register in primavera risk analysisConcepts and best practices for the risk register in primavera risk analysis
Concepts and best practices for the risk register in primavera risk analysis
 
Risky Business: Risk as a Business Case for Knowledge Management
Risky Business: Risk as a Business Case for Knowledge ManagementRisky Business: Risk as a Business Case for Knowledge Management
Risky Business: Risk as a Business Case for Knowledge Management
 
Advanced program management risk mitigation and management
Advanced program management risk mitigation and managementAdvanced program management risk mitigation and management
Advanced program management risk mitigation and management
 
Project risk management
Project risk managementProject risk management
Project risk management
 
Project Risk Management
Project Risk ManagementProject Risk Management
Project Risk Management
 
Risk mangement
Risk mangementRisk mangement
Risk mangement
 
Risk management
Risk managementRisk management
Risk management
 
Risk Management Framework
Risk Management FrameworkRisk Management Framework
Risk Management Framework
 
Risk Management
Risk ManagementRisk Management
Risk Management
 

Semelhante a Managing Hidden Risks with an ERM Approach

The Transitions Group Llc 2009
The Transitions Group Llc 2009The Transitions Group Llc 2009
The Transitions Group Llc 2009John A Deasy
 
D team weekly powerpoint presentation spqm
D team weekly powerpoint presentation spqmD team weekly powerpoint presentation spqm
D team weekly powerpoint presentation spqmMiraj Mhaisuria
 
Valuendo Erm In An Extended Environment (March 2007)
Valuendo Erm In An Extended Environment (March 2007)Valuendo Erm In An Extended Environment (March 2007)
Valuendo Erm In An Extended Environment (March 2007)Marc Vael
 
Workshop project risk management (29 june 2012)
Workshop project risk management (29 june 2012)Workshop project risk management (29 june 2012)
Workshop project risk management (29 june 2012)bfriday
 
Risk Management - Business Continuity Planning and Management
Risk Management - Business Continuity Planning and ManagementRisk Management - Business Continuity Planning and Management
Risk Management - Business Continuity Planning and ManagementCody Shive
 
Inv306 going social in a world of grc v.1.1
Inv306 going social in a world of grc v.1.1Inv306 going social in a world of grc v.1.1
Inv306 going social in a world of grc v.1.1Arthur Fontaine
 
Dubai Nov08 Erm Gs Khoo
Dubai Nov08 Erm Gs KhooDubai Nov08 Erm Gs Khoo
Dubai Nov08 Erm Gs KhooGuan Khoo
 
CFO Summit XVI - Wheelhouse Advisors LLC
CFO Summit XVI - Wheelhouse Advisors LLCCFO Summit XVI - Wheelhouse Advisors LLC
CFO Summit XVI - Wheelhouse Advisors LLCWheelhouse Advisors LLC
 
"2012 Global Influences on Safety and Health" - 12th Biennial Governor’s P...
"2012 Global Influences on Safety and Health" - 12th Biennial Governor’s P... "2012 Global Influences on Safety and Health" - 12th Biennial Governor’s P...
"2012 Global Influences on Safety and Health" - 12th Biennial Governor’s P...Kathy Seabrook
 
Solvency II IT Impacts
Solvency II IT ImpactsSolvency II IT Impacts
Solvency II IT ImpactsAli BELCAID
 
Captive/CIC Presentation
Captive/CIC PresentationCaptive/CIC Presentation
Captive/CIC Presentationfinhrcllc
 
Risk Appetite: A new Menu under Basel 3? Pieter Klaassen (UBS) voor het Zande...
Risk Appetite: A new Menu under Basel 3? Pieter Klaassen (UBS) voor het Zande...Risk Appetite: A new Menu under Basel 3? Pieter Klaassen (UBS) voor het Zande...
Risk Appetite: A new Menu under Basel 3? Pieter Klaassen (UBS) voor het Zande...Zanders Treasury, Risk and Finance
 
Assess Your Business Continuity Management Process
Assess Your Business Continuity Management ProcessAssess Your Business Continuity Management Process
Assess Your Business Continuity Management ProcessAnand Subramaniam
 
Risk description training 22_dec12
Risk description training 22_dec12Risk description training 22_dec12
Risk description training 22_dec12umar farooq
 
Business Continuity Planning
Business Continuity PlanningBusiness Continuity Planning
Business Continuity Planningalanlund
 
Business Continuity Planning Seminar
Business Continuity Planning SeminarBusiness Continuity Planning Seminar
Business Continuity Planning Seminarcmckinney
 

Semelhante a Managing Hidden Risks with an ERM Approach (20)

The Transitions Group Llc 2009
The Transitions Group Llc 2009The Transitions Group Llc 2009
The Transitions Group Llc 2009
 
D team weekly powerpoint presentation spqm
D team weekly powerpoint presentation spqmD team weekly powerpoint presentation spqm
D team weekly powerpoint presentation spqm
 
Valuendo Erm In An Extended Environment (March 2007)
Valuendo Erm In An Extended Environment (March 2007)Valuendo Erm In An Extended Environment (March 2007)
Valuendo Erm In An Extended Environment (March 2007)
 
Workshop project risk management (29 june 2012)
Workshop project risk management (29 june 2012)Workshop project risk management (29 june 2012)
Workshop project risk management (29 june 2012)
 
Risk Management - Business Continuity Planning and Management
Risk Management - Business Continuity Planning and ManagementRisk Management - Business Continuity Planning and Management
Risk Management - Business Continuity Planning and Management
 
Inv306 going social in a world of grc v.1.1
Inv306 going social in a world of grc v.1.1Inv306 going social in a world of grc v.1.1
Inv306 going social in a world of grc v.1.1
 
Dubai Nov08 Erm Gs Khoo
Dubai Nov08 Erm Gs KhooDubai Nov08 Erm Gs Khoo
Dubai Nov08 Erm Gs Khoo
 
CFO Summit XVI - Wheelhouse Advisors LLC
CFO Summit XVI - Wheelhouse Advisors LLCCFO Summit XVI - Wheelhouse Advisors LLC
CFO Summit XVI - Wheelhouse Advisors LLC
 
"2012 Global Influences on Safety and Health" - 12th Biennial Governor’s P...
"2012 Global Influences on Safety and Health" - 12th Biennial Governor’s P... "2012 Global Influences on Safety and Health" - 12th Biennial Governor’s P...
"2012 Global Influences on Safety and Health" - 12th Biennial Governor’s P...
 
Riskpro Brief Introduction
Riskpro Brief IntroductionRiskpro Brief Introduction
Riskpro Brief Introduction
 
Solvency II IT Impacts
Solvency II IT ImpactsSolvency II IT Impacts
Solvency II IT Impacts
 
Captive/CIC Presentation
Captive/CIC PresentationCaptive/CIC Presentation
Captive/CIC Presentation
 
Risk Appetite: A new Menu under Basel 3? Pieter Klaassen (UBS) voor het Zande...
Risk Appetite: A new Menu under Basel 3? Pieter Klaassen (UBS) voor het Zande...Risk Appetite: A new Menu under Basel 3? Pieter Klaassen (UBS) voor het Zande...
Risk Appetite: A new Menu under Basel 3? Pieter Klaassen (UBS) voor het Zande...
 
Assess Your Business Continuity Management Process
Assess Your Business Continuity Management ProcessAssess Your Business Continuity Management Process
Assess Your Business Continuity Management Process
 
Interest rate risk modeling day sun_gard_ambit banking
Interest rate risk modeling day sun_gard_ambit bankingInterest rate risk modeling day sun_gard_ambit banking
Interest rate risk modeling day sun_gard_ambit banking
 
Risk description training 22_dec12
Risk description training 22_dec12Risk description training 22_dec12
Risk description training 22_dec12
 
Business Continuity Planning
Business Continuity PlanningBusiness Continuity Planning
Business Continuity Planning
 
Modern operational risk
Modern operational riskModern operational risk
Modern operational risk
 
Business Continuity Planning Seminar
Business Continuity Planning SeminarBusiness Continuity Planning Seminar
Business Continuity Planning Seminar
 
Riskpro Insurance Services Ver5
Riskpro Insurance Services Ver5Riskpro Insurance Services Ver5
Riskpro Insurance Services Ver5
 

Último

Progress Report - Oracle Database Analyst Summit
Progress Report - Oracle Database Analyst SummitProgress Report - Oracle Database Analyst Summit
Progress Report - Oracle Database Analyst SummitHolger Mueller
 
Call Girls Jp Nagar Just Call 👗 7737669865 👗 Top Class Call Girl Service Bang...
Call Girls Jp Nagar Just Call 👗 7737669865 👗 Top Class Call Girl Service Bang...Call Girls Jp Nagar Just Call 👗 7737669865 👗 Top Class Call Girl Service Bang...
Call Girls Jp Nagar Just Call 👗 7737669865 👗 Top Class Call Girl Service Bang...amitlee9823
 
Value Proposition canvas- Customer needs and pains
Value Proposition canvas- Customer needs and painsValue Proposition canvas- Customer needs and pains
Value Proposition canvas- Customer needs and painsP&CO
 
7.pdf This presentation captures many uses and the significance of the number...
7.pdf This presentation captures many uses and the significance of the number...7.pdf This presentation captures many uses and the significance of the number...
7.pdf This presentation captures many uses and the significance of the number...Paul Menig
 
B.COM Unit – 4 ( CORPORATE SOCIAL RESPONSIBILITY ( CSR ).pptx
B.COM Unit – 4 ( CORPORATE SOCIAL RESPONSIBILITY ( CSR ).pptxB.COM Unit – 4 ( CORPORATE SOCIAL RESPONSIBILITY ( CSR ).pptx
B.COM Unit – 4 ( CORPORATE SOCIAL RESPONSIBILITY ( CSR ).pptxpriyanshujha201
 
Cracking the Cultural Competence Code.pptx
Cracking the Cultural Competence Code.pptxCracking the Cultural Competence Code.pptx
Cracking the Cultural Competence Code.pptxWorkforce Group
 
Enhancing and Restoring Safety & Quality Cultures - Dave Litwiller - May 2024...
Enhancing and Restoring Safety & Quality Cultures - Dave Litwiller - May 2024...Enhancing and Restoring Safety & Quality Cultures - Dave Litwiller - May 2024...
Enhancing and Restoring Safety & Quality Cultures - Dave Litwiller - May 2024...Dave Litwiller
 
Monte Carlo simulation : Simulation using MCSM
Monte Carlo simulation : Simulation using MCSMMonte Carlo simulation : Simulation using MCSM
Monte Carlo simulation : Simulation using MCSMRavindra Nath Shukla
 
Pharma Works Profile of Karan Communications
Pharma Works Profile of Karan CommunicationsPharma Works Profile of Karan Communications
Pharma Works Profile of Karan Communicationskarancommunications
 
Creating Low-Code Loan Applications using the Trisotech Mortgage Feature Set
Creating Low-Code Loan Applications using the Trisotech Mortgage Feature SetCreating Low-Code Loan Applications using the Trisotech Mortgage Feature Set
Creating Low-Code Loan Applications using the Trisotech Mortgage Feature SetDenis Gagné
 
Best Basmati Rice Manufacturers in India
Best Basmati Rice Manufacturers in IndiaBest Basmati Rice Manufacturers in India
Best Basmati Rice Manufacturers in IndiaShree Krishna Exports
 
Call Girls In Holiday Inn Express Gurugram➥99902@11544 ( Best price)100% Genu...
Call Girls In Holiday Inn Express Gurugram➥99902@11544 ( Best price)100% Genu...Call Girls In Holiday Inn Express Gurugram➥99902@11544 ( Best price)100% Genu...
Call Girls In Holiday Inn Express Gurugram➥99902@11544 ( Best price)100% Genu...lizamodels9
 
Understanding the Pakistan Budgeting Process: Basics and Key Insights
Understanding the Pakistan Budgeting Process: Basics and Key InsightsUnderstanding the Pakistan Budgeting Process: Basics and Key Insights
Understanding the Pakistan Budgeting Process: Basics and Key Insightsseri bangash
 
9599632723 Top Call Girls in Delhi at your Door Step Available 24x7 Delhi
9599632723 Top Call Girls in Delhi at your Door Step Available 24x7 Delhi9599632723 Top Call Girls in Delhi at your Door Step Available 24x7 Delhi
9599632723 Top Call Girls in Delhi at your Door Step Available 24x7 DelhiCall Girls in Delhi
 
Famous Olympic Siblings from the 21st Century
Famous Olympic Siblings from the 21st CenturyFamous Olympic Siblings from the 21st Century
Famous Olympic Siblings from the 21st Centuryrwgiffor
 
Regression analysis: Simple Linear Regression Multiple Linear Regression
Regression analysis: Simple Linear Regression Multiple Linear RegressionRegression analysis: Simple Linear Regression Multiple Linear Regression
Regression analysis: Simple Linear Regression Multiple Linear RegressionRavindra Nath Shukla
 
Call Girls in Delhi, Escort Service Available 24x7 in Delhi 959961-/-3876
Call Girls in Delhi, Escort Service Available 24x7 in Delhi 959961-/-3876Call Girls in Delhi, Escort Service Available 24x7 in Delhi 959961-/-3876
Call Girls in Delhi, Escort Service Available 24x7 in Delhi 959961-/-3876dlhescort
 
It will be International Nurses' Day on 12 May
It will be International Nurses' Day on 12 MayIt will be International Nurses' Day on 12 May
It will be International Nurses' Day on 12 MayNZSG
 

Último (20)

Progress Report - Oracle Database Analyst Summit
Progress Report - Oracle Database Analyst SummitProgress Report - Oracle Database Analyst Summit
Progress Report - Oracle Database Analyst Summit
 
Call Girls Jp Nagar Just Call 👗 7737669865 👗 Top Class Call Girl Service Bang...
Call Girls Jp Nagar Just Call 👗 7737669865 👗 Top Class Call Girl Service Bang...Call Girls Jp Nagar Just Call 👗 7737669865 👗 Top Class Call Girl Service Bang...
Call Girls Jp Nagar Just Call 👗 7737669865 👗 Top Class Call Girl Service Bang...
 
Value Proposition canvas- Customer needs and pains
Value Proposition canvas- Customer needs and painsValue Proposition canvas- Customer needs and pains
Value Proposition canvas- Customer needs and pains
 
7.pdf This presentation captures many uses and the significance of the number...
7.pdf This presentation captures many uses and the significance of the number...7.pdf This presentation captures many uses and the significance of the number...
7.pdf This presentation captures many uses and the significance of the number...
 
B.COM Unit – 4 ( CORPORATE SOCIAL RESPONSIBILITY ( CSR ).pptx
B.COM Unit – 4 ( CORPORATE SOCIAL RESPONSIBILITY ( CSR ).pptxB.COM Unit – 4 ( CORPORATE SOCIAL RESPONSIBILITY ( CSR ).pptx
B.COM Unit – 4 ( CORPORATE SOCIAL RESPONSIBILITY ( CSR ).pptx
 
Cracking the Cultural Competence Code.pptx
Cracking the Cultural Competence Code.pptxCracking the Cultural Competence Code.pptx
Cracking the Cultural Competence Code.pptx
 
VVVIP Call Girls In Greater Kailash ➡️ Delhi ➡️ 9999965857 🚀 No Advance 24HRS...
VVVIP Call Girls In Greater Kailash ➡️ Delhi ➡️ 9999965857 🚀 No Advance 24HRS...VVVIP Call Girls In Greater Kailash ➡️ Delhi ➡️ 9999965857 🚀 No Advance 24HRS...
VVVIP Call Girls In Greater Kailash ➡️ Delhi ➡️ 9999965857 🚀 No Advance 24HRS...
 
Enhancing and Restoring Safety & Quality Cultures - Dave Litwiller - May 2024...
Enhancing and Restoring Safety & Quality Cultures - Dave Litwiller - May 2024...Enhancing and Restoring Safety & Quality Cultures - Dave Litwiller - May 2024...
Enhancing and Restoring Safety & Quality Cultures - Dave Litwiller - May 2024...
 
Monte Carlo simulation : Simulation using MCSM
Monte Carlo simulation : Simulation using MCSMMonte Carlo simulation : Simulation using MCSM
Monte Carlo simulation : Simulation using MCSM
 
unwanted pregnancy Kit [+918133066128] Abortion Pills IN Dubai UAE Abudhabi
unwanted pregnancy Kit [+918133066128] Abortion Pills IN Dubai UAE Abudhabiunwanted pregnancy Kit [+918133066128] Abortion Pills IN Dubai UAE Abudhabi
unwanted pregnancy Kit [+918133066128] Abortion Pills IN Dubai UAE Abudhabi
 
Pharma Works Profile of Karan Communications
Pharma Works Profile of Karan CommunicationsPharma Works Profile of Karan Communications
Pharma Works Profile of Karan Communications
 
Creating Low-Code Loan Applications using the Trisotech Mortgage Feature Set
Creating Low-Code Loan Applications using the Trisotech Mortgage Feature SetCreating Low-Code Loan Applications using the Trisotech Mortgage Feature Set
Creating Low-Code Loan Applications using the Trisotech Mortgage Feature Set
 
Best Basmati Rice Manufacturers in India
Best Basmati Rice Manufacturers in IndiaBest Basmati Rice Manufacturers in India
Best Basmati Rice Manufacturers in India
 
Call Girls In Holiday Inn Express Gurugram➥99902@11544 ( Best price)100% Genu...
Call Girls In Holiday Inn Express Gurugram➥99902@11544 ( Best price)100% Genu...Call Girls In Holiday Inn Express Gurugram➥99902@11544 ( Best price)100% Genu...
Call Girls In Holiday Inn Express Gurugram➥99902@11544 ( Best price)100% Genu...
 
Understanding the Pakistan Budgeting Process: Basics and Key Insights
Understanding the Pakistan Budgeting Process: Basics and Key InsightsUnderstanding the Pakistan Budgeting Process: Basics and Key Insights
Understanding the Pakistan Budgeting Process: Basics and Key Insights
 
9599632723 Top Call Girls in Delhi at your Door Step Available 24x7 Delhi
9599632723 Top Call Girls in Delhi at your Door Step Available 24x7 Delhi9599632723 Top Call Girls in Delhi at your Door Step Available 24x7 Delhi
9599632723 Top Call Girls in Delhi at your Door Step Available 24x7 Delhi
 
Famous Olympic Siblings from the 21st Century
Famous Olympic Siblings from the 21st CenturyFamous Olympic Siblings from the 21st Century
Famous Olympic Siblings from the 21st Century
 
Regression analysis: Simple Linear Regression Multiple Linear Regression
Regression analysis: Simple Linear Regression Multiple Linear RegressionRegression analysis: Simple Linear Regression Multiple Linear Regression
Regression analysis: Simple Linear Regression Multiple Linear Regression
 
Call Girls in Delhi, Escort Service Available 24x7 in Delhi 959961-/-3876
Call Girls in Delhi, Escort Service Available 24x7 in Delhi 959961-/-3876Call Girls in Delhi, Escort Service Available 24x7 in Delhi 959961-/-3876
Call Girls in Delhi, Escort Service Available 24x7 in Delhi 959961-/-3876
 
It will be International Nurses' Day on 12 May
It will be International Nurses' Day on 12 MayIt will be International Nurses' Day on 12 May
It will be International Nurses' Day on 12 May
 

Managing Hidden Risks with an ERM Approach

  • 1. Managing Risk Registers – SOPAC® 2013 Getting hidden risks on the 3-6 March 2013 Brisbane radar Karen Tuesley Group Internal Audit Manager Karl Davey Chief Risk Officer
  • 2. Agenda 1. Setting the Scene – Transpacific Industries 2. Consolidating the risk environment 3. Categorising risk 4. The Internal Audit perspective 5. ERM Consolidation 6. Business Benefits Page 2
  • 3. Australia and New Zealand’s leading waste management provider > Australian publicly listed company with annual revenues of approximately $2b > 380 locations across Australasia > 45 major processing facilities > More than 300 products and services > More than 7,000 staff > Australia‟s largest waste management fleet with more than 3,600 vehicles
  • 5. Behind the scenes processing ‘smarts’ > Australian-first hydrogenation facility > Mineral oil processed and reused as fuel oil and base oils > Used cooking oil refined and reused to enhance stock feed > Liquid and hazardous treatment plants > Wastes disposed of in an environmentally friendly and safe way > Material Recycling Facilities (MRFs) > Co-mix, building and construction, green waste > Convert harmful landfill gas into „green‟ electricity
  • 6. Risk and Assurance Areas of Focus > Corporate Governance & Assurance > Internal Audits > SEQ Audits > Investigations > Faircall (Anonymous ethics whistleblower line) > Fraud & Ethics (Internally reported) > Insurance > Claims Management > Risk Engineering/profiling > Risk Management > ERM Implementation > Business Resilience > Group SEQ Function > Sustainability > SEQ Enhancement & Culture programme
  • 7. The Problem: Silo’ed Risk Management Board Risk Register Audit BU Risk Register BU Risk Register Risks BU Risk BU Risk Register Register Risks Risks Risks
  • 8. The Solution: Enterprise Risk Management (ERM) > A process owned and supported by > The Board > The organisation as a whole > The solution, a risk process which provides > An identification of the widest range of risks > Allow a contribution from all > This means including all stakeholders across our endeavour > A one team approach > Endeavour wide risk management > Raising Risks and potential problems is GOOD. > Culture change > Supportive Management, No blame environment > Management Actions Should be Accountable > Measurable > Auditable
  • 9. Risk Management Process > Common Integrated Process Plan: Set The Context > Safety > Environmental Identify > Business & Strategic Communicate > Business Resilience Govern Assess > Emphasis on Management > Elimination of Threats > Realisation of Opportunities Manage > Control > Recovery > Sharing Best Practice Review & Monitor
  • 10. Consolidating the Risk Envirnoment > Look beyond the silo‟s > Bigger picture > Top down and Bottom up > Business requirements V‟s Operational requirements Business and Strategic Risks Mgt Project / Operational Risks Mgt
  • 11. Rollup of Information Board Risk Register Audit BU Risk BU Risk BU Risk BU Risk Register Register Register Register Risks Risks Risks Risks
  • 12. Risk Assessment Financial Likelihood Consequence Safety & Health Environmental Business Interruption Reputational (Set locally) A significant outage that causes International impact - International Threat is expected to Permanent widespread damage inside irreversible damage to a large number public attention. Direct impact on share Almost Certain occur Significant One or more fatalities (public or > AUD $ X M EBIT or outside of site of customers (impacts viability of the price. Potential loss of long term core 75-99% workers) business) client A significant outage that causes National impact - National public Threat could occur Widespread damage within or outside Likely Major Permanent Injury or Disability widespread damage to customer concern. Leads to share price volatility. > AUD $ X M to <AUD $ X M AUD EBIT 50-74% of site, costly restoration (public or workers) relationships (some permanent) Loss of client. Threat Threat could possibly Recoverable damage with treatment Inconvenience to customers that cause Considerable impact - Regional public Possible occur Moderate Lost Time Injury to worker >AUD $ X M to AUD <$ X M EBIT inside or outside of site some harm to relationships concern. Client Unease 25-49% Injury to member of public Threat is unlikely to occur Short to medium term damage Delay affecting customers but no Unlikely 11-24% Minor Minor Injury to worker medical treatment required requiring possible intervention Opportunity damage to relationships Limited impact - Local public concern Threat $ X K to AUD <$ X M EBIT >AUD Threat may occur in Almost Certain -25 -21 -15 -10 -5 5 10 15 21 25 Almost Certain Short term damage no intervention A temporary delay in servicing a small Slight impact - Public awareness may Rare exceptional circumstances Insignificant AUD $0 - AUD < $ X K EBIT Slight Injury to worker first aid required required number of customers exist but no public concern 0-10% Likely -24 -20 -14 -9 -4 4 9 14 20 24 Likely Nil Nil Likelihood Likelihood -23 term solution-13 reduces Short -18 -8 -3 3 8 13 18 23 International impact - International The opportunity is very Enhancement leading to slight injury Possible Possible which public attention. Direct positive impact Rare unlikely to be realised Insignificant and first aid treatment incident Short term environment enhancement AUD $0 - AUD < $ X K EBIT downtime on share price. Potential gain of 0-25% prevention -22 -17 -12 -7 -2 2 7 12 17 22 competitors core client Unlikely Unlikely The opportunity is unlikely Enhancement leading to medical Short to medium term environment A temporary solution or redundancy National impact - National public Unlikely to be realised 26-50% Minor treatment incident prevention enhancement Rare -19 which reduces-11 -16 downtime -6 -1 positive 1awareness.6 11 >AUD $16 to AUD <$ X M EBIT XK 19 Rare Significant Significant Insignificant Insignificant Major Minor Minor Major Moderate Moderate The opportunity will Enhancement leading to lost time Medium term environment initiative that A temporary solution or redundancy Considerable impact - Regional public Opportunity Possible probably be realised Moderate >AUD $ X M to AUD <$ X M EBIT incident prevention can be repeated which prevents downtime positive awareness. Client praise 51-75% Consequence Consequence The opportunity is Enhancement leading to incident Permanent process improvement that Limited impact - Positive local public Likely expected to be realised Major Permanent environment enhancement > AUD $ X M to <AUD $ X M AUD EBIT prevention eliminates potential downtime be pursued and Opportunity should awareness 76-90% Requires Immediate Management Response and Extreme Contingency Plan developed if critical to Extreme Contingency Plan objectives The opportunity is almost A significant permanent process Permanent widespread enhancement Requires Management Response and Almost Certain certain to be released Significant Enhancement leading to Zero Harm improvement that eliminates potential be pursuedimpact - Positive local interest High Opportunity should Slight High > AUD $ XContingency Plan M EBIT that can be replicated at other sites 91-99% downtime and improves efficiency Opportunity should be pursued if cost Medium effective Medium Requires Management Response Likelihood Consequence Safety & Health Environmental Business Interruption Reputational Financial Low Monitor Low Monitor
  • 13. Categorising information > Key is the ability to develop a common risk environment language > Need to identify the common nature of risks, using business specific terminology. Risk Types Technical Risk Operational Risk Programme Risk > Performance Safety Reliability Resources Information Communication Interfaces Complexity > Phase/work stream/functional/operation/process > Design > Development > etc
  • 14. The Internal Audit Perspective… > Maturity of Risk Management & Controls frameworks > Understanding the journey > How to add value Risk Framework and Governance Compliance Process risk with policies and control & procedures
  • 15. Example: Organisation with Mature ERM Organisation wide control environment Process risk & control ERM a Policies & Proceduresa Site Risk Management Cross- Value Divisional Processes Site 1 Site 2 Site 3 Site 4 r a a a a r Value Value Value
  • 16. Organisation with Immature ERM Organisation wide control environment Process risk & control ERM r Policies & Proceduresr Site Risk Management Cross- Value? Divisional Processes Site 1 Site 2 Site 3 Site 4 r a a r a r Value? Value?
  • 17. Adding Value > Risk & Control identification  Risk Registers > What is working  Shared knowledge > Findings linked to real risk, not compliance
  • 18. Getting the risks on the risk register > “The business unit does not have a risk register” > “The business unit does not have a risk register which includes strategic, business, finance and operational risk” > “The business unit has not identified the following risks in their risk register. (risks listed). > Opportunity to highlight Controls that are working
  • 19. Organisational Wide Consolidation (Enterprise Risk Management) > Visibility & consolidation of critical issues Systemic Strategic Risks Risks Corporate Operational Risks Risks Systemic Strategic Risks Risks Business Risks Operational Risks Systemic Business Risks Risks Project Risks Operational Risks
  • 20. TPI ERM Configuration • System Aligned to the organisation and reporting structure. • All TPI Staff see full structure (subject to security) • Allow limited access to Third Parties
  • 21. Regional Portfolio Analysis Regional Business & Strategic Risks Portfolio Analysis Risk Roll up: Understanding and consolidate exposure across Operations. Eg: Systemic Issues, Significant Risks Compound risks Knowledge Sharing Risk Escalation of common risks.
  • 22. Business Stream Portfolio Analysis Business Stream Business & Strategic Risks Risk Roll up: Understanding and consolidate exposure across streams. Eg: Systemic Issues, Significant Risks Compound Risks Knowledge Sharing Key Business Risks Key Strategic Risks Risk Escalation of common risks. Key learning's and Innovation
  • 23. Divisional Consolidation Business & Strategic Risks Risk Roll up: Understanding and consolidate exposure across Regions. Eg: Systemic Issues, Significant Risks Compound Risks Knowledge Sharing Key Business Risks Key Strategic Risks Risk Escalation of common risks. Key learning's and Innovation
  • 24. Corporate Consolidation Business & Strategic Risks Risk Roll up: Understanding and consolidate exposure across Divisions. Eg: Systemic Issues, Significant Risks Compound Risks Knowledge Sharing Key Business Risks Key Strategic Risks Risk Escalation of common risks. Key learning's and Innovation
  • 25. Business Benefits > Visibility > Common proactive risk & opportunity built around enabling consistent support and understanding > Knowledge Database > Retained risk and opportunity intelligence available across the organisation > Insight from Internal Audit > Risk and control knowledge is shared across the organisation > Value adding findings > Puts organisation is on the path for assurance to be provided
  • 26. Summary > To Identify and understand the hidden risks. > Develop a common process > Implement consistent language > Ensure risks are understandable > Gain involvement from all > Use history, lessons learnt and other perspectives “There is only one thing more painful than learning from experience - and that is not learning from experience.” Archibald MacLeish American Poet and Critic. 1892-1982 Page 26
  • 27. Managing Risk Registers – SOPAC® 2013 Getting hidden risks on the 3-6 March 2013 Brisbane radar Karen Tuesley Group Internal Audit Manager Karen.Tuesley@transpac.com.au Karl Davey Chief Risk Officer Karl.Davey@transpac.com.au