Presentation qrm shc
1. Presentation:
Quality Risk Management
Purpose
To safeguard the organisation, its customers, reputation, assets and the
interests of stakeholders by identifying and managing all risks, and to
support the achievement of its business objectives, so that growth is achieved
in a controlled, responsible and sustainable manner.
Peter D. Schellinck Antwerp, 6 June 2011
2. Risk Assessment?
A strategic approach to planning, at all levels and
across all functions of an organization, that
identifies exposures of activities and assists in
making risk-adjusted business decisions every day.
GET RID OF SILOS
Risk Appetite?
• Risk appetite is the degree of uncertainty an organisation is
willing to accept to reach its goals.
• Risk appetite is a key factor in evaluating strategic options.
• Risk Assessment helps management consider risk appetite
when setting goals that align with overall company strategy,
and managing risks related to that strategy.
Work with the company’s management to decide:
• What is your company’s risk tolerance?
• How much or what are you willing to risk to accomplish the mission or activity?
• How much can your company afford to lose in any one occurrence or in the
aggregate?
3. Understanding the company and the activity
What does the Company do? (Mission, Goals, Objectives)
Does the activity fit the Company’s mission, goals, objectives?
What could happen?
• Could there be bodily injury, property damage or other liability exposures
caused by this service or activity?
• Is there any impact on workload?
• Could there be any damage to the systems?
Group Risk Management Charter
What is Risk?
The danger or probability of loss.
4. Risk Management Approach
Develop a Group Risk Governance
1. Get a good understanding of the company’s risk profile
2. Manage and monitor the key risks within their tolerances
3. Get Organised: Organisation and Framework
4. Establish a process for assessing risk appetite taking into account:
a) Current risk portfolio
b) External stakeholders’ expectations: regulators, rating agencies, investors (long
term / short term), employees, customers,…
c) Economic cycles
d) Board of Directors
Risk Management:
1. Driven by strategy
2. Part of the management process of the company
3. Inherent to good governance
5. Risk Assessment: agree on a definition
The conventional approach to risk defines it as the chance, in quantifiable
terms, of an accident occurring.
The process of risk assessment and management is generally based on three sets
of sequenced and inter-related activities:
– the assessment of risk in terms of what can go wrong, the probability of it
going wrong, and the possible consequences;
– the management of risk in terms of what can be done, the options and
trade-offs available between the costs, benefits and risks; and
– the impact of risk management decisions and policies on the future options
and undertakings.
Performing each set of activities requires multi-perspective analysis and modelling of
all conceivable sources and impacts of risks as well as viable options for decision
making and management.
6. Risk Assessment structure
Risk Management for each activity consists of:
– Data Model
– Risk Management Processes – Application Development
– RM Framework & Sub-process References
• Definition of Scope and Framework
• Monitor and Review
• Operational Processes
• Risk Acceptance
• Risk Assessment
• Risk Communication
• Risk Treatment
7. Risk Management Infrastructure
Risk Management infrastructure bridges organizational silos to help the organization in its efforts to:
• Synchronize – coordinate risk management across institutional boundaries
• Harmonize – help risk managers all speak the same language and define risk in the same
manner
• Rationalize – eliminate duplication of effort
The goals of a common risk management infrastructure include:
• Get everyone “singing from the same song sheet” – Constrain, guide, or channel
behaviours in ways that align with the goals, strategies, and tactics established by
management and the board
• Create the ability to manage risk exposures so that the organization can take enough of
the right risks to pursue its strategic goals
• Create “risk aware” thinking and decision making at all levels
• Enable appropriate flows of risk information up, down, and across the organization
• Enable and support management of risks at the appropriate level
8. Rules and Regulations: snapshot!
• The framework to be established can be inspired from the recommendations of the Committee of
Sponsoring Organizations of the Treadway Commission (COSO I and II), the Institute of Risk
Management, based on AIRMIC (Association of Insurers and Risk Managers), ISO 31000, the
Australia and New Zealand standard 4360 (AS/NZ 4360 - 1999), the AMRAE (Association pour le
Management des Risques et des Assurances de l’Entreprise), the RIMS (Risk and Insurance
Management Society), ECGI (European Corporate Governance Institute) and other internationally
respected advisers on risk management.
• The Occupational Health and Safety Assessment Series, OHSAS 18000, has been developed to
help organizations control and minimize occupational health and safety risks. OHSAS 18001 is a
specific standard for occupational health and safety management systems designed to eliminate or
minimize the risk to employees and other interested parties who may be exposed to occupational
health and safety risks associated with the business’ activities. OHSAS 18001 is compatible with
ISO 9001 and ISO 14001 management systems. OHSAS 18001 represents a progression of a
management system philosophy, from quality to environmental, continuing to occupational health
and safety.
• One of the main elements of the security amendment of the Community Customs Code
(Regulation (EC) 648/2005) is the creation of the AEO concept. On the basis of Article 5a of the
security amendments, Member States can grant the AEO status to any economic operator meeting
the following common criteria: customs compliance, appropriate record-keeping, financial solvency
and, where relevant, security and safety standards.
Regulatory context:
In Belgium: as from April 6, 2010 a corporate governance statement is mandatory!
9. Risk Management Methodology
Ongoing Risk Assessment
Identify Risk
Identify risk by:
• Brainstorm
• Past Experience
• Potential sources
• Examine the context
• Worst case scenario
Analyze Risk
• Assign owner
• Evaluate potential impact
• Main assumptions of risk
• Estimate probability
• Rank and Prioritise Risk
Risk Mitigation Option
• Control
• Avoidance
• Assumption
• Transfer
Mitigation Plan
• Level of effort required
• Estimated cost
• Schedule of risk reduction activities
• Program activities and milestones
• Metrics for tracking & monitoring
• Party responsible for managing mitigation & avoidance
• Escalation strategy
Implement Mitigation Plan
Monitor Risk
• Review effectiveness
• Review risk approach
• Confirm project/activity is within risk parameters
Monthly Reporting
Lessons Learned
12. Board Recommendations
To fulfil their responsibilities and to provide value, board members should:
• Put risk on the agenda. Make time for risk before risk demands it.
Every board meeting is not too often to discuss risk.
• Inventory the current risk structure. How are risks managed? Are
silos being bridged?
• Summon the management team. Engage in periodic risk dialogue.
Identify risks that will prevent the organization from executing on its key
strategies.
• Discuss risk scenarios. Where do the greatest opportunities lie? What
could thwart the organization’s strategic objectives?
• Check organizational appetite — and diet. Determine how much risk
the organization is able to take on. How much is it willing to take on?
And how much is it actually taking on? Are these in line?
• Get reasonable assurance. Ask management: How confident are you?
Why?
• Get independent reassurance. Have internal audit or an outside
consultant evaluate the effectiveness of the full risk management
program. Can management’s assurances be relied upon?
13. Risk intelligent
Books have been written on what went wrong. But here’s a quick summary:
1) The potential interaction of multiple risks was underestimated or
disregarded.
2) Probabilistic modelling was overemphasized; shortcuts were taken;
scenario planning was underutilized; transparency into potential issues
was absent.
3) Risk managers were isolated in silos.
4) Warnings were ignored; those who delivered them were dismissed as
naysayers or criticized for not being team players.
5) A short-term perspective with a single-minded focus on making the
quarterly numbers predominated.
6) Companies lacked a comprehensive approach to firm-wide risk
management; authority and responsibility were poorly controlled and
defined.
7) Risk management often focused on compliance rather than
performance, leading to inadequate assessments and responses.
In other words: It’s time to become Risk Intelligent with QRM.
14. QRM: Quality Risk Management 1
1. With QRM, a common definition of risk, which addresses both value
preservation and value creation, is used consistently throughout the
organization.
2. With QRM, a common risk framework supported by appropriate
standards is used throughout the organization to manage risks.
3. With QRM, key roles, responsibilities, and authority relating to risk
management are clearly defined and delineated within the
organization.
4. With QRM, a common risk management infrastructure is used to support
the business units and functions in the performance of their risk
responsibilities.
5. With QRM, governing bodies (e.g., Boards, Audit Committees, etc.) have
appropriate transparency and visibility into the organization’s risk
management practices to discharge their responsibilities.
15. QRM: Quality Risk Management 2
6. With QRM, executive management is charged with primary
responsibility for designing, implementing, and maintaining an
effective risk program.
7. With QRM, business units (departments, agencies, etc.) are responsible
for the performance of their business and the management of risks
they take within the risk framework established by executive
management.
8. With QRM, certain functions (e.g., HR, finance, IT, tax, legal etc.) have
a pervasive impact on the business and provide support to the
business units as it relates to the organization’s risk program.
9. With QRM, certain functions (e.g., internal audit, risk management,
compliance, etc.) provide objective assurance as well as monitor and
report on the effectiveness of an organization’s risk program to
governing bodies and executive management.
16. Matrix for Risk Reporting
[Chart: Loss of Cash Flow (Financial). One axis runs from 0 mln € to 50 mln €, the other from 0% to 100%.]
17. Sustainability Reporting
Social performance
Our employees
Number of full time employees (FTE)
Gender (female representation) %
Employee engagement %
Performance appraisals %
Safety
Lost time injury frequency (LTIF) frequency
Fatalities number
Economic performance
Revenue Euro million
Electricity cost Euro million
18. Sustainability Reporting
Environmental performance
Energy consumption
Fuel oil 1,000 tonnes
Diesel 1,000 tonnes
Natural gas 1,000 tonnes
Electricity 1,000 MWh
Energy consumption GJ
Other resource consumption
Steel consumption 1,000 tonnes
Greenhouse gas (GHG) emissions
GHG emissions 1,000 tonnes CO2e
Direct GHG emissions (Scope 1 GHG Protocol)
CO2 1,000 tonnes
CH4 1,000 tonnes
N2O 1,000 tonnes
HFC 1,000 tonnes
PFC 1,000 tonnes
SF6 1,000 tonnes
Indirect GHG emissions (Scope 2 GHG Protocol)
CO2 1,000 tonnes
CH4 1,000 tonnes
N2O 1,000 tonnes
Other air emissions
SOx 1,000 tonnes
NOx 1,000 tonnes
VOCs 1,000 tonnes
Particulate matters 1,000 tonnes
Waste total 1,000 tonnes
– recycled (composting, reused, recycled) 1,000 tonnes
– solid (landfill, on-site storage, incineration) 1,000 tonnes
– hazardous (controlled deposit) 1,000 tonnes
Water consumption 1,000 m3
– surface water 1,000 m3
– ground water 1,000 m3
– rain water 1,000 m3
– municipal water supplies / water utilities 1,000 m3
Spills m3
19. Sustainability Reporting
Injuries by activity
Activity / Total
Equipment Overhaul – Major
Safety drill, training
Insulation/Fire Proofing
Maintenance – Minor
Shore leave
Painting/Blasting
Working aloft (at heights)
Crane Operations
Anchor handling
Use Of Power Tools
Small Craft Operations
Falling Object
Mooring/Unmooring
Towing Operation
Tank Cleaning
Off-duty activities
Equipment Overhaul – Minor
Cargo Operations
Unknown
Domestic
General Movement
Manual Handling
Other
Bunker transfer operation
Maintenance – Major
Enclosed space activities
Gangway/pilot operations
Welding/burning
Totals