Post on 29-Mar-2015
transcript
1Risk Reasoning LtdRisk Management Made Easy
Mark Swabey & Stuart Gruszka
“If I were you, I wouldn’t start from here”
Getting Enterprise Risk Management into your organisation
2Risk Reasoning LtdRisk Management Made Easy
Limerick
Dublin
3Risk Reasoning LtdRisk Management Made Easy
The Typical Scenario
UK Combined CodeSarbanes-Oxley,
Turnbull,Basel 2
More Programme, Bid and project risk
assessments? How do I manage them all?
Next product NOW please.
Window of Opportunity…
Earlier completion date? Less testing, less
reliable, more comebacks later
If only they were in tune! Where are the priorities?
what is the best ROI?
4Risk Reasoning LtdRisk Management Made Easy
Enterprise Risk Management
Too much emphasis on financial institutions and jargon
ERM is relevant to our whole business
as long as we are all included
and we define it in our own terms
5Risk Reasoning LtdRisk Management Made Easy
The foundation stones
Management commitment
Involvement of key personnel
Empowerment
Training
Communication
6Risk Reasoning LtdRisk Management Made Easy
The foundation stones
Common framework
“We all agree to do this and do it this way”
Clear objective
Inclusiveness
A simple common process
7Risk Reasoning LtdRisk Management Made Easy
The foundation stones
Process
Quantify
Identify
Respond
Manage
8Risk Reasoning LtdRisk Management Made Easy
The foundation stones
Shared Vocabulary
Chance (Probability)
Impact
Money
Time
Other criteria
9Risk Reasoning LtdRisk Management Made Easy
RiskAid – Other Criteria
What is important to your organisation
Reputation
Quality
Environmental Impact
?
10Risk Reasoning LtdRisk Management Made Easy
Reporting up the ladder
Hierarchical risk assessments
Strategy
ProgrammeProject
Project
Operation
ProgrammeProject
Project
Operation
Operation
Operation
Operation
Operation
Operation
Strategy
ProgrammeProject
Project
ProgrammeProject
Project
Operation
Operation
Operation
Operation
Operation
Operation
Operation
Programme
Strategy
Project
Programme
Operation
Risk Management levels and relationships
Strategy
ProgrammeProject
Project
Operation
ProgrammeProject
Project
Operation
Operation
Operation
Operation
Operation
Operation
StrategyStrategy
ProgrammeProgrammeProjectProject
ProjectProject
OperationOperation
ProgrammeProgrammeProjectProject
ProjectProject
OperationOperation
OperationOperation
OperationOperation
OperationOperation
OperationOperation
OperationOperation
StrategyStrategy
ProgrammeProgrammeProjectProject
ProjectProject
ProgrammeProgrammeProjectProject
ProjectProject
OperationOperation
OperationOperation
OperationOperation
OperationOperation
OperationOperation
OperationOperation
OperationOperation
ProgrammeProgramme
StrategyStrategy
ProjectProject
ProgrammeProgramme
OperationOperation
Risk Management levels and relationships
11Risk Reasoning LtdRisk Management Made Easy
Reporting up the ladder
Including subsidiary assessments
Budgets and Plans
Consequential impact
12Risk Reasoning LtdRisk Management Made Easy
Budgets and Consequential Impact
13Risk Reasoning LtdRisk Management Made Easy
Uncertainty
Hierarchy of Risk (from Risk: Improving government’s capability to handle risk and uncertainty, ref 254205/1102/D16 UK Govt. Strategy Unit, Nov 2002)
14Risk Reasoning LtdRisk Management Made Easy
Managing the assessments
Where do we keep the assessments?secure web or intranet server
How do we access them?via a browser
Who can see what?up to each assessment manager
Who did what, when and why?history and audit trail
What-if?scenarios
15Risk Reasoning LtdRisk Management Made Easy
Uncertainty in RiskAid
Uncertainty in estimates
Uncertainty in chance of risk occurring
Uncertainty of cost of action
Uncertainty in an action solving the risk
16Risk Reasoning LtdRisk Management Made Easy
See the effects of the action by switching it on and off
Is each action cost-effective?
Before proposed action
After proposed action
17Risk Reasoning LtdRisk Management Made Easy
Integrating assessments & plans
Integrate the risk management action plan with the business or project plan.
Allocate resources to the risk management action plan.
Deal with risk management tasks as part of the business or project.
18Risk Reasoning LtdRisk Management Made Easy
Instant Reports and Interactive DisplaysDisplays to help identify risks
19Risk Reasoning LtdRisk Management Made Easy
Instant Reports and Interactive DisplaysDisplays to show the priority risks
20Risk Reasoning LtdRisk Management Made Easy
Instant Reports and Interactive DisplaysDisplays to show the effects of actions
21Risk Reasoning LtdRisk Management Made Easy
Instant Reports and Interactive Displays
Displays to show the risk register, action progress, responsibilities
22Risk Reasoning LtdRisk Management Made Easy
The benefits of sharing
Devolving responsibility
Involvement by all
Encourages problem sharing and solving at each level
Clear responsibilities for each person
Better corporate understanding
Supported by common, integrated, collaborative tools
23Risk Reasoning LtdRisk Management Made Easy
Benefits of web/intranet based support
Controlled access
Controlled remote access
Collaborative environment
High availability
Safe storage
Minimal IT maintenance effort needed
Easy to use
24Risk Reasoning LtdRisk Management Made Easy
Conclusions
Common framework
Common vocabulary
Common process
Common, collaborative support environment
and we keep it simple and easy for all.
Enterprise Risk Management can be beneficial and show a positive return on investment if we have