6/23/2013

1

Instructors: Kristina Narvaez, MBA

Erike Young, MPPA, CSP, ARM

Describe the importance of economic intelligence as applied to enterprise-wide risk management (ERM) program goals

Describe business intelligence system functions that apply to ERM

Describe the phases in the implementation of a business intelligence (BI) system for an ERM program

Describe the governance and output elements of information technology ( IT) BI systems as they relate to ERM program goals

Given the assignment of presenting an ERM case to management, recommend the BI systems, information technology (IT) governance practices, and risk outputs that benefit an organization

6/23/2013

2

Blends and analyzes the macro data available from public and private sources with expert risk assessments to produce informed perspectives on potential loss events

It translates external data into risk management information that is used to detect potential threats and opportunities

Used to evaluate changes in macroeconomic information ( inflation, recession, demographics )

Demographic Information

Policy-Making Information

Market Segment Activity

Corporate Sector Activity

National Income Statistics

Foreign Trade Activities

Infrastructure Project Activity

Public Finance Activity

6/23/2013

3

Population Size

Employment

Labor Costs

Regulations

Prices

Consumption Rates

Patents

Designed to plan and control the decision-making information flows that affect upside and downside or risk analysis

It extracts, transform, and load systems data into an integrated structure

It converts Economic Intelligence into monitoring reports

6/23/2013

4

Key Performance Indicators help an organization define and measure progress towards their long-term organizational goals.

Key Performance Indicators are quantifiable measurements, agreed to beforehand, that reflect the critical success factors of an organization.

KRI is a measure used in management to indicate how risky an activity is

KRI give us an early warning to identify a potential event that may harm continuity of the activity/project.

Key risk indicators are metrics capable of showing that the organization is subject or has a high probability of being subject to a risk that exceed the defined risk appetite.

6/23/2013

5

Strategic Risk-Competitive positioning, Interest rate risk spreads, Unemployment, Bankruptcies/foreclosures

Compliance Risk- Product and service standards, Ethical standards, Capital adequacy

Financial Risk-Credit rating, Foreign exchange, Capital adequacy

Operational Risk- People, Processes and Systems

Environmental Risk- Property and premises, Safety, and Weather conditions

Reputation Risk-Fraud, Employee espionage, Dealing with a disaster

6/23/2013

6

Organization’s management has a responsibility to monitor the ERM program’s data for relevance and accuracy

Corporate governance objectives are key to assure proper accountability in monitoring performance reporting, regulatory compliance and data integrity

Uses data from multiple sources into an integrated performance management framework to ensure that there are consistent definitions and calculations in business reporting and analysis

University of California uses IBM’s ERMIS to help them integrate claims data, corporate data, and other data sources to create a centralized data management environment

6/23/2013

7

Summarizes performance status information from multiple source systems

Enables management to monitor both changes in financial results and progress toward key operational targets that are linked to strategic plans and goals

Generate reports showing metrics that are designed as either KPIs or KRIs

Financial Management- Reports include

metrics that show specific goals for revenue growth, profitability, asset efficiency, and ERM index

Revenue- Reports include metrics that show specific goals for market demand assumptions, services growth, customer retention, and realized net value underlying financial statements

6/23/2013

8

Operational-Reports include metrics that

show specific goals for supply chain ( vendor) costs , operational costs, and overhead costs underlying financial reporting statements

Long-Term Asset Management- Reports include metrics that show specific goals for strategic investment, ROI, staff productivity, information technology ROI, and employee retention

6/23/2013

9

Process of comparing results to industry standards in best practices

Risk Factors-The quantitative and qualitative criteria used to evaluate relative loss exposure level

Leading Indicator-A predictor of change at the beginning of an economic cycle

Lagging Indicator-A consequence of change at the end of an economic cycle

Functional and organizational parameters used to evaluate how information requirements relate to job responsibilities

Active Directory- Controls administer user group role assignments, monitor workflow processes and log those who access the controls

6/23/2013

10

Segregation of Duties- Processes that ensure that no one individual has the physical and system access to control all phases ( authorization, custody, and record keeping) of a business process or transaction.

Decision Role Analysis-A process that determines what kinds of decisions are needed, where in the organizational structure those decisions should be made, and to what extent each manager should be involved

Primary Decision Roles- Originate or complete transactions and have direct impact on expense

Contribution Decision Role-Which are responsible for quality control activities and risk monitoring of work that originates in other work functions

Status Decision Roles- Which are responsible for certifying business results and releasing external reports that cover their areas of organizational responsibility

6/23/2013

11

The multidimensional slices of information that connect system users to performance scorecards and analytics for enterprise-wide decisions

Dimensional Design-A business intelligence method used to convert transaction data into hierarchal structure for enterprise-wide decision analysis

Metadata- The data about data that provide context for analyzing transaction facts with efficient structures for grouping hierarchal information

Performance Benchmarking- A process for comparing results to comparable organizations and best practices

6/23/2013

12

BI Planning Reports-Use scenario analysis to show baseline budgets approved by management and the board of directors include financial contingency plans that anticipate different market conditions

BI Analysis Reports- Show how a drill-down-to-details review of root cause performance issues will cover the highest priorities in an organization’s ERM oversight processes

Data Mining-Process of extracting hidden pattern from data that to used in a wide range of application for research and fraud detection

Notification Log-Control document used to monitor risk threshold alert message and to system users.

6/23/2013

13

A set of processes and tools that consistently defines and manages the non transactional data entities of an organization, also called organization reference data

BI data management testing is used to identify problems that can include poor data quality management practices, inconsistent data classification controls, and gaps in data reconciliation activities.

Internal Controls- General Management senior executive

Risks- Risk management senior executive

Corporate policies-Legal senior executive

Regulation- Compliance senior executive

Organization Positions- Human resource senior executive

System Applications-IT senior executive

General Ledger Accountant-Finance/accounting senior executive

6/23/2013

14

Linking KRI metrics and roles creates the elements for managing risk alert notifications

BI administration creates log reports that show the timing of report information generation and risk notification to responsible parties

Information is used to confirm ERM is a continuous process

Asset cost reduction

Asset utilization

Operational risk management

Asset life cycle planning

Asset tax depreciation documentation compliance

6/23/2013

15

Procedures that cover all key business processes

Monitoring processes to ensure effectiveness

Recordkeeping documentation

Quality control preventative and detective activities

Contingency plans

Continuous improvement management

Disk encryption

Data and system backups

Data masking-Hides sensitive information

System log-in password controls

Single sign-on access rights

Data security laws and regulations

6/23/2013

16

IT governance practices for benchmarking

Risk management culture accountability

Risk factor evaluation for emerging risks

Enterprise risk control validation

EI and risk model testing

Enterprise risk management program assessment

BI data structures create the organizational links that show the underlying processes that support risk assessment and related actions plans

BI program from ERM design means that the board and management at multiple levels of organization are able to view risk management and business performance goals

6/23/2013

17

Organizations need economic intelligence for what purpose?

Business intelligence systems are used to transform economic intelligence information into monitoring reports. What is the purpose of monitoring reports?

Define the terms key performance indicators (KPI) and key risk indicators (KRI)?

List the primary business intelligence ( BI) system functions that apply to ERM practices?

Explain the purpose of performance management scorecards?

Describe the three access review levels for assessing risk management accountability and data privileges?

6/23/2013

18

List the five phases in BI ERM implementation?

Define risk information mapping?

State the importance of creating BI reports for risk control roles and notification?

Explain how a BI system can assist an organization with risk factor evaluations for emerging risks?