Governance, Risk Management and Compliance: Summary of Basic Concepts & Program Goals. Bob Kotic, Chief Financial Officer, University of Sydney. Questions that need answers: What are the greatest risks facing the University? How does the University manage them? How do we monitor them?
Governance, Risk Management and Compliance: Summary of Basic Concepts & Program Goals
Bob Kotic, Chief Financial Officer, University of Sydney
Questions that need Answers
• What are the greatest risks facing the University?
• How does the University manage them?
• How do we monitor them?
[Diagram: Risk Management, Governance, Compliance]
Definitions
• Corporate Governance: The systems and processes by which the University is directed, controlled and held to account
• Risk: The potential for an event to occur that could have an effect on the University’s objectives or operations
• Risk Management: The culture, processes and structures that are directed to the effective management of potential opportunities and adverse effects
• Compliance: The systems and processes that ensure conformity with business rules, policy and legislation
[Diagram: current risk silos: Data Protection, Academic Processes, Legal, IT Security, Staff Development, Physical Security, Fraud, Insurance, OHS, Error Reporting]
University’s Current Approach to Risk Management
• Silo approach to dealing with risk
• Specific administrative units have responsibility for specific risks
• Hazard (Physical Risk)
• Financial Threats
• “Acts of God”
[Diagram: risk areas managed separately: Staff Development, Asset Management, Fraud, IP Management, OHS, Faculties, Compliance, Physical Security, Data Protection, Legal]
Program Goals
• Develop and implement an integrated approach to risk management and compliance and, in turn, provide the framework to allow the University to demonstrate appropriate standards of governance.
Program Goals cont’d
• Create a culture of risk awareness within the University which will promote the appropriate management of risk and compliance, minimising potential negative events and maximising the ability to seize opportunities.
Program Objectives
• Identify major risks inherent in the University’s operating environment and review the effectiveness of existing control measures.
• Develop new and more effective tools for monitoring and managing these risks.
• Develop a framework to connect the various disciplines currently managing risk, to provide a consistent response to risks.
• Align current activities, policies and procedures with the University’s overall strategy and streamline deficient processes.
Program Objectives cont’d
• Educate staff in the University’s suite of policies, procedures and internal controls.
• Assign responsibilities for projects, activities, controls and compliance where there is no clear leader.
• Define key performance indicators and early warning systems to ensure quick response to risk.
• Provide regular reporting to senior management, the Senior Executive Group and the Audit & Risk Management Committee on risk management activities and internal controls.
Integrated Approach to Governance, Risk Management & Compliance
[Diagram: common view of risk; information; decisions, direction, controls; understanding dependencies. Source: Barclay’s Bank Group Operational Risk]
Benefits to the University
Improved:
• Management Control & Administration
• Decision Making
• Resource Management
• Ability to meet Strategic Targets
[Diagram: Risk Management Controls spanning Staff Development, Legal, Data Protection, Physical Security, Compliance, Asset Management, OHS, Fraud, IP Management, Faculties]
Typical Areas of Concern
• Alignment of current policies, procedures and processes
• Strategic Planning
• Contracting/Litigation
• Consistency in Technology
• Consistency in Human Resources
Typical Areas of Concern cont’d
• Accountability for Legal Compliance
• Management of assets (including acquisition and disposal)
• Provision of advice/consultancy agreements
• Business Continuity
Next Steps
• Identify the top operational risks to the University
• Develop a methodology to identify risks
  • Initial focus on risks and potential exposures that are currently controlled through central administrative support activities
• Select a risk area and complete a full review to pilot an approach
• Prioritise remaining risks
Next Steps cont’d
• Review the control measures relating to the administrative and financial processes that are currently in place to determine adequacy
• Determine new procedures and control measures required, and subsequent costs
[Diagram: Risks identified & Control Measures developed: Academic Support, Administrative Support, College Risk Manager, Colleges]
Outcome
• List of top ten risks within the University
• A risk treatment plan (control measures) by which each risk is managed
• Risk and treatment plan assigned to a department/individual
• Performance measures that risks are reported against
Outcome cont’d
• Document as a Risk Management Plan
• Communication and training in new controls, policies and procedures
• Structure within Colleges to assist with implementation
• Set of procedures which can be audited to ensure compliance