L’Arche Canada’s Audit and Risk Management Plan Presented by: Bernard L’Abbé 2013 General Assembly. Summary of presentation. Why has l’Arche Canada chosen to develop an ARMP? What is a risk? Examples of major risks What is risk management?
L’Arche Canada’s Audit and Risk Management Plan
Presented by: Bernard L’Abbé
2013 General Assembly
Summary of presentation
• Why has l’Arche Canada chosen to develop an ARMP?
• What is a risk?
• Examples of major risks
• What is risk management?
• What is a risk management process?
• Importance of corporate ethical values
• Risk mapping
• Who is responsible for managing risks
• How does the Board oversee risk management
• L’Arche Canada’s ARMP categories of risks
Summary of presentation (continued)
• L’Arche Canada Risk Register
• What should be included in a good ARMP?
• Document sources
• Thank you
• Question period
Why has l’Arche Canada chosen to develop an ARMP?
• The issue of risk management was identified during l’Arche Canada’s last Governance Structure Review process
• L’Arche Canada was lacking a comprehensive risk management plan and appropriate processes
• It was strongly recommended by our Auditors
• The implementation of an Audit and Risk Management Plan is a best practice
• It is a structured process that enables the Board to better fulfill its fiduciary responsibilities
• It enables better accountability to our funders
What is a risk?
• Risk takes many forms but, essentially, is anything that affects an organisation’s ability to meet their objectives and preserve its reputation. (CICA, 2009)
• Risk may appear in a number of categories which include:
  • Compliance risk
  • External risk
  • Financial risk
  • Governance risk
  • Information Technology risk
  • Operational risk
  • Reputation risk
  • Strategic risk
Examples of major risks
• Loss of a major source of funding
• Unsuccessful fundraising projects
• Fraud
• Failure of a project or strategic initiative
• Inadequate response to emergencies
• Excessive increases in the cost of human or other resources
• Actual or alleged sexual misconduct or abuse by an employee or volunteer
• Loss or theft of information
• Inability to perform critical functions that depend on technology
• Etc.
What is risk management?
• Risk management includes the culture, processes, and structures that are directed towards effective management of potential opportunities and adverse effects.
• Risk management involves asking:
  • What could happen that would affect our ability to meet our objectives?
  • How likely is it to occur?
  • How serious might it be?
  • What should we do to reduce the risk?
  • How can we be prepared to respond to risk?
What is a risk management process?
• Risk management process includes the systematic application of management policies, procedures and practices to the task of establishing the context, identifying, analysing, assessing, managing, monitoring and communicating risk.
• Commonly-used approaches may include a combination of:
  • Internal processes – interviews, questionnaires, brainstorming, etc.
  • Self-assessment and other facilitated workshops
  • Strengths, weaknesses, opportunities, and threats (SWOT) analysis
  • External sources: comparisons with other organisations, bench-marking, discussions with peers, risk consultants, etc.
  • Tools, diagnostics, and processes – checklists, flowcharts, scenario analysis
  • Audits (e.g. a safety, or environmental, or financial audit)
Importance of corporate ethical values
• The integrity of an organisation depends on the behaviour and actions of the people in it, who should all share the same understanding of ethics – the values and standards that determine how board members, staff, volunteers, and other stakeholders behave and treat others.
• Corporate values are set out in a Code of Conduct:
  • The board approves the Code of Conduct
  • The board supports the Code and leads by example
  • Directors should sign the Code of Conduct annually
  • The Code is communicated to staff, volunteers and stakeholders
  • The Code includes sanctions against those who deviate from it
  • The Code is enforced
  • The Code contains provisions for whistle-blowing
Who is responsible for managing risks
• The entire board is responsible for oversight of risk.
• The board delegates to the National Leaders and staff most of the detailed aspects of identifying, assessing, and managing the risks that the organisation faces – subject to board policy and approval.
• Boards may choose to create an ARMC. If this is the case:
  • The ARMC meets regularly with the external auditor
  • The group agrees the external audit plan, reviews the external auditor’s letter, and monitors implementation of actions required as a result
  • The ARMC is responsible for ensuring that the audit, risk management, and control processes within the organisation are effective
  • The ARMC takes a detailed review of the draft annual plan, the Risk Register, and the Annual Report and Accounts prior to their submission to Council
L’Arche Canada’s categories of risks
• The ARMC has identified eight risk categories pertaining to l’Arche Canada. They are:
  • Governance/Organisational Risk
  • Service Delivery/Operational Risk
  • Financial Risk
  • Legal and Compliance Risk
  • Technology and Information Management Risk
  • Human Resources Risk
  • Member Satisfaction/Public Perception Risk
  • Communication Risk
What should be included in a good ARMP?
• Corporate and Board approval, and ongoing support
• Code of Conduct
• Senior management, staff, and volunteer engagement
• Audit and Risk Management Committee
• Effective risk management and control processes
• Audit and Risk Management Register
• Written policies and procedures
• Plan for responding to crisis
• Training and Education
Document Sources
• Canadian Institute of Chartered Accountants
• Oxfam
• Risk Management, Standards Australia/New Zealand
• Learning about Risks, Choices, Connections, Competencies, 1998
• Enterprise Risk Management, COSO, 2004
• Ministry of Community and Social Services of Ontario
• YMCA of Greater Toronto
Thank You
• I wish to thank the following persons for their precious help:
  • Guillaume Richard
  • Ian MacKeigan
  • Hollee Card
  • Joe Egan
  • Board members of l’Arche Canada
Question Period QUESTIONS?