Enterprise Risk & Assurance Management in Zurich North America. Brian Selby MA (Audit), FIIA, QiCA, MBCS, CISA. Zurich North America.
Zurich North America
• Zurich North America, a leader in business insurance, provides property, casualty and specialty insurance and risk management solutions to businesses throughout the United States. Zurich North America also offers customers a range of financial services in more than 60 countries worldwide through the affiliated companies of the Zurich Financial Services Group.
Management focus
• Significant risk and control issues
• Risk management and control aspects of the operations
• Risk identification, quantification and mitigation procedures
• Reliable assurance
• In short (and in the news!) ….. CORPORATE GOVERNANCE
What is Corporate Governance?
• The system by which companies are directed and controlled
• The accountability of a board of directors and the chief executive to their stakeholders and the risk management architecture underpinning the actual and perceived fulfillment of this accountability
Corporate Governance components
• ICAEW, 2000 ISSN 1367-2517
Corporate Governance best practice
• Enterprise Risk Management (ERM):
• A rigorous and coordinated approach to assessing and responding to all risks that affect the achievement of an organization’s strategic, operational and financial objectives (a ‘portfolio’ approach)
• Chief Risk Officer (CRO)
• Assures continuity and consistency in risk management within an organization and bears direct responsibility for directing the organization’s entire risk management process.
The Zurich governance solution
• Enterprise level: Group Level Governance
• Chief Risk Officer: in Group Head Office
• ‘Local’ Risk Managers & Networks
• Risk Policy Manual & Procedures (ZRP)
• Risk Based Capital
• Total Risk Profiling (TRP)
• Internal Control Assessments (ICA)
Strategy components
• Control Environment and Control Activities
• Oversight structure and committees
• Delegated Authorities and Powers Reserved
• Compliance
• Security
• Risk management policy
• Leadership commitment (to risk management)
Strategy components (continued)
• Information and Communication
• Communicate business objectives
• Communication of risk management policy & goals
• Internal risk reporting systems
• Effective management information
Strategy components (continued)
• Risk Assessment
• Common risk language and approach
• Identify emerging and existing risks
• Source emerging and existing risks
• Estimate, evaluate and prioritize risks identified
• Establish accountability and actions at levels commensurate with risk
Strategy components (continued)
• Monitoring
• Internal monitoring (of risk management and internal control effectiveness)
• Risk Key Performance Indicators
• Internal Audit role
• Internal Control Reporting
So it’s that easy? No!!
• This is a management cultural shift
• A change in the “Tone at the Top” is required
• The strategy is prioritized:
• Initial actions - get momentum; early ‘wins’
• Transform (crawl, walk, run …)
• Target end state - level 3 of the Zurich ICA maturity model
• Management Board endorsement and active support for the strategy is essential
Assurance?
• A positive declaration intended to give confidence
• Driver – the level of assurance of the effectiveness of risk management and control required
• Low - self-assessment reports within operation
• Medium – separate quality assurance activity within, or commissioned by, the operation
• High – independent assurance from Internal Audit or other advisors independent of the operation
• The higher the assurance level, the higher the cost
Assurance in Zurich North America
• Coordinate the results of review activity within the ERM framework:
• self-assessments on risk & control issues
• underwriting audits
• claims technical audits
• premium audits
• profitability reviews
• Internal Audit
• External Audit
Finally ….
• Any questions?
• Any ideas you would like to share?
Thank you for your attention, questions & ideas
Brian