
ISO 31000:2009 & COSO ERM - IIA Indonesia


COSO References: COSO ERM Framework – Integrating with Strategy and Performance
3. Performance: Risks that may impact the achievement of strategy and business objectives need to be identified and assessed. Risks are prioritized by severity in the


Transcription of ISO 31000:2009 & COSO ERM - IIA Indonesia

ISO 31000 : 2009 & COSO ERM
Facilitators: Dr. Antonius Alijoyo MBA., ERMCP., CERG., CGAP., CCSA., CFSA., CGEIT., CFE - Chair of KomTek 03-10 BSN - Founder of CRMS Indonesia - General Chair of IRMAPA
Jakarta, 2018

COSO References
2 COSO frameworks do not replace each other, are distinct, & complementary
Internal Control Framework - 2013
ERM Framework - 2017

COSO ERM Framework – Integrating with Strategy and Performance
ERM Framework - 2017
Explores ERM and strategy from 3 different perspectives:
The possibility of strategy and business objectives not aligning with mission, vision, and values
The implications from the strategy chosen
Risk to executing the strategy

Focuses on 5 interrelated components
Plus, introduces 20 principles

: Governance sets the organization's tone, reinforcing the importance of, and establishing oversight responsibilities for, , desired behaviors,
: Enterprise risk management, strategy. Business objectives put strategy into practice while serving as a basis for identifying, assessing,
: By reviewing entity performance, an organization can consider how well the enterprise risk management components are functioning over time and in light of substantial changes,
, Communication, & Reporting: Enterprise risk management requires a continual process of obtaining and sharing necessary information, from both internal and external sources, which flows up, down,

COSO ERM & ISO 31000
COSO ERM in ISO 31000 perspective

Board Risk Oversight: The board of directors provides oversight of the strategy and carries out governance responsibilities to support management in achieving strategy and business
Operating Structures: The organization establishes operating structures in the pursuit of strategy and business
Desired Culture: The organization defines the desired behaviors that characterize the entity's desired
Commitment to Core Values: The organization demonstrates a commitment to the entity's core
, Develops, and Retains Capable Individuals: The organization is committed to building human capital in alignment with the strategy and business

Business Context: The organization considers potential effects of business context on risk
Risk Appetite: The organization defines risk appetite in the context of creating, preserving, and realizing
Alternative Strategies: The organization evaluates alternative strategies and potential impact on risk
Business Objectives: The organization considers risk while establishing the business objectives at various levels that align and support

COSO ERM Framework

Risk: The organization identifies risk that impacts the performance of strategy and business
Severity of Risk: The organization assesses the severity of
Risks: The organization prioritizes risks as a basis for selecting responses to
Risk Responses: The organization identifies and selects risk
Portfolio View: The organization develops and evaluates a portfolio view of

Substantial Change: The organization identifies and assesses changes that may substantially affect strategy and business
Risk and Performance: The organization reviews entity performance and considers
Improvement in Enterprise Risk Management: The organization pursues improvement of enterprise risk

Information Systems: The organization leverages the entity's information and technology systems to support enterprise risk
Risk Information: The organization uses communication channels to support enterprise risk
on Risk, Culture, and Performance: The organization reports on risk, culture, and performance at multiple levels and across the

Some Challenges with COSO ERM

Understanding the scope
Enterprise is not the only type of organization that needs risk management (public organizations, project mgt. office, program task force).
Not every organization is aiming at business-oriented objectives (public sector organizations, social institutions). As a matter of fact, business objectives are only applied to profit-oriented

Prerequisite to effectiveness
Not every organization is mature enough and has a well-defined strategy in place. Moreover, there is a risk of defining a wrong strategy (which is acknowledged by COSO ERM).
Having a sound risk management culture, and necessary capabilities to manage risk, integrated with strategy and execution will surely increase the effectiveness of risk management practices. It may not be a problem for (or to apply to) a mature organization with adequate resources, but it will in the context of organizations which don't have such

Practicing the definition
Managing the risk, or by definition, managing the possibility that events will occur and affect the achievement of .. might mislead risk management into focusing only on preventive actions, whilst in real life good risk management might even encourage us to take more risks, in terms of exploiting the opportunity.

Comments from independent parties
Source: COSO
Source: COSO
Source: IFAC, AIRMIC, ALARM, IRM
Source: IFAC
Source: AIRMIC, ALARM, IRM

Some Considerations in Choosing ISO 31000 over COSO ERM

Standard development process
The Draft International Standard (DIS) is submitted to ISO Central Secretariat by the committee secretary. It is then circulated to all ISO members who then have 12 weeks to vote and comment on it. (The submission interface should be used to submit the draft.)
The DIS is approved if two-thirds of the P-members of the TC/SC are in favor and not more than one-quarter of the total number of votes cast are negative.
If the DIS is approved and no technical changes are introduced in the draft, the project goes straight to publication. However, if technical changes are introduced, FDIS stage is
: ISO, TC 262
Source: ISO

Integration with other ISO standards
Diagram standards: ISO 31000 RISK; 9001 Quality; ISO 19600 Compliance; ISO 19011 Audit Mgt Sys; ISO 21500 Project; 27001 IS; ISO 14001 Environment; ISO 22301 BCM; ISO 37001 Anti-Bribery; ISO 45001 OSHAS (future)
Diagram labels: Risk-based thinking; BIA; Bribery risk assessment; Risk-based approach; Risk assessment methodology; Environmental risk assessment; Risk-based audit; Project risk management

Integration with other ISO standards, and supports Malcolm Baldrige criteria (KPKU)
Source: KBUMN

Compatible with and supports SPIP
COSO Internal Control - Integrated Framework (ICIF)
TARGET

Participations & supports the endorsement of SNI

Thank You

"This document is intended only for recipients who are authorized to receive it. It may contain confidential and/or legally privileged information belonging to Center for Risk Management Studies Indonesia (CRMS Indonesia), therefore the authorized recipients shall protect this confidential information disclosed pursuant to provisions of CRMS Indonesia's policy. Please also be notified that any disclosure, copying, distribution or taking any action based on the contents of this document is prohibited and may be unlawful."

