DRAFT
Enterprise Risk Management
Workgroup
Workgroup Charter 2006 - Future
Publish Date: / /2006
Revised Date: / /2006
ERM Workgroup Charter Draft
TABLE OF CONTENTS
A. MISSION STATEMENT
B. INTRODUCTION
C. RISK MANAGEMENT OVERVIEW
D. VALUE PROPOSITION
E. WORKGROUP PARTICIPANTS
F. GOALS
G. CONSTRAINTS
H. ROLES AND RESPONSIBILITIES
I. SUCCESS CRITERIA
A. MISSION STATEMENT
“The Enterprise Risk Management Workgroup seeks to implement a coordinated
and strategic approach to risk management within the company that will
provide senior management and the Board of Directors with a holistic view of all the
risks facing the organization.”
B. INTRODUCTION
Risk Management is a core business skill. Nearly all business decisions include
elements of risk and opportunity, with the potential to erode or enhance value.
Decision makers must thoughtfully and methodically identify and analyze risk; and
when the decision to pursue an opportunity is made, controls must be implemented
to optimally manage the risk(s) involved and to ensure an appropriate return.
Enterprise Risk Management (ERM) provides a framework for the routine practice of
making informed risk-taking decisions throughout the company, the ability to
understand the interrelationships between the component parts of the business and
an appreciation of the broader impact of individual decisions and actions upon other
parts of the enterprise.
The purpose of this Workgroup is to develop the tools and processes to be used to
identify, analyze and manage risk across the enterprise. The Workgroup seeks to
create a competitive advantage through: identifying and managing risks that our
competition might overlook, accepting and successfully managing risks that others
avoid, and managing risk at a lower total cost. This policy applies to all of the
organizations and associates.
C. RISK MANAGEMENT OVERVIEW
Managing Risk is a function of:
• Determining the Company/Business Unit “Risk Appetite”: What is the level
of aggregate financial loss the company/business unit can sustain before
significant, negative consequences are manifested? How much
unreserved/unanticipated loss can the company/business unit absorb before
minimum RBC levels are jeopardized, financial and debt ratings are jeopardized,
budgeted growth targets are jeopardized, etc.? Are there any naturally occurring
hedges that can be exploited? (Increased unemployment results in lost group
enrollment but increases individual product enrollment.) Once the risk appetite is
quantified, you can actively manage risk financing and mitigation programs
towards a goal of preventing losses from exceeding this threshold.
• Identifying Risks: When attempting to identify risks, the essential question is
“What can go wrong?” What risks are created by pursuing or failing to pursue a
particular strategic course of action, introducing a particular product, performing a
task in a particular manner or the introduction of a new law or regulation? The
fundamental reason for conducting rigorous and continuous risk identification
exercises is that failure to identify and analyze a risk exposure that is part of the
business environment exposes the company/business unit to an event or series
of events that may dramatically impact its operational and financial viability. The
opportunity to plan and implement appropriate risk mitigation strategies to deal
with the exposure will not occur if the risk is not identified.
Risk Identification Tools: Tools available to management include accessing the
expertise and experience of internal resources (Enterprise Risk Mitigation,
Regulatory Assurance, Special Investigations, Clinical Investigations, Internal
Audit, Ethics & Compliance, Legal Services, Marketing), utilizing external
consultants, conducting brainstorming sessions, conducting research, etc.
• Analyzing and Quantifying Risk: The key objectives of risk analysis and
quantification process(es) are to determine the probability, manifestation time,
frequency and severity of identified adverse events. In many instances, it is not
possible to scientifically/mathematically quantify the potential impact of an
event(s). In these situations, rigorous, subjective analysis and the utilization of
“expert opinion” must be employed. Thorough risk analysis also includes an
assessment of the effectiveness of any current controls/risk mitigation programs,
the aggravating factors that may serve to increase the probability, frequency and
severity of the risk event (i.e., political factors, lack of action plan/contingency
plan, speed of industry changes, complexity of situation) and the mitigating
factors that may decrease the probability, frequency and severity of the risk
event.
Risk Analysis and Quantification Tools: Risk Mapping (See attachment #),
ROI Calculations, Stochastic Modeling (Financial pro forma modeling based on
“what if” scenarios), Performance benchmarking against industry data, historical
loss/claims experience.
• Implementing Risk Mitigation Controls: The goals of risk mitigation are to
minimize both the frequency and severity of adverse events and decrease their
financial and operational impact on the company/business unit.
Risk Mitigation Tools/Techniques:
Risk Avoidance: Generally not an option unless the risk analysis finds that the
risks significantly outweigh the benefits/opportunities of the contemplated action.
Risk Retention: A company/business unit can knowingly and unknowingly retain
risk. A general “rule of thumb” is that any unidentified risk exposure is a retained
and self-funded exposure. Knowingly retained risks are generally highly
predictable, high frequency, low severity exposures where the company is
comfortable with its ability to prevent and control losses and where the aggregate
amount of anticipated retained loss is less than the cost to transfer the risk to
another party. Risk may also be retained when risk transfer is not available or
the cost to transfer the risk is prohibitive. In these cases, the company must
assure that the risk mitigation programs it has employed to address the exposure
are highly effective.
Risk Transfer: Transferred risks are generally low frequency, high severity
exposures where there is little to no ability to predict the probability of a loss to a
single organization. Again, the cost of the risk transfer mechanism is a key
determinant in a company’s decision. Risk can be transferred to another party
through several means, the most common of which is an insurance policy.
However, risk can also be transferred via a capital market product/vehicle or
through a contractual “non-insurance” transfer to vendor, consultant, etc.
Risk Financing: Risk financing is generally a function of “residual risk transfer”.
A company makes its risk financing decisions based on several factors: Its “Risk
Appetite” (its ability and willingness to retain and effectively manage risk) and the
cost to transfer the risk at the particular point in time when the risk financing
decision is made. Once a risk is identified, analyzed and quantified,
evaluated against the company/business unit “risk appetite” and its potential risk
transfer costs are known, an informed risk financing decision can be made.
Risk Control: Risk Control activities are concerned with minimizing the
frequency and severity of known loss exposures / adverse events. They include
both pre-loss and post-loss activities. The first goal is to prevent the adverse
event from occurring and the second goal is to minimize its financial and
operational impact to the company / business unit if it does happen. (Ex: Driver
screening, driver training and vehicle maintenance to prevent auto accidents; use of
seatbelts and purchase of auto insurance to minimize the impact of an accident.)
Another risk control technique is the segregation of risk exposure units such that
geographic, business mix, investment vehicle based exposures are adequately
spread or balanced so that an adverse event does not negatively impact all of the
exposure units. (Ex: buildings, stocks and bonds, percentage of business in one
geography or product)
D. VALUE PROPOSITION
The establishment and persistence of an Enterprise Risk Management Workgroup
will not only meet regulatory and rating agency requirements but also encourage
synergies that will benefit the organization as a whole. The value this Workgroup
delivers is summarized in two broad categories:
1. Maximize efficiencies and reduce costs through scale, standardization and
best practices by:
A. Implementing a single coordinated and standardized approach to risk
assessment and management activities.
B. Developing enterprise-wide risk management policies and parameters.
C. Ensuring current risk management policies and processes are consistent with
rating agency standards and industry best practices.
D. Monitoring the various local risk management practices and promoting
consistency in enterprise-wide risk management processes.
E. Aligning resources for best utilization and eliminating duplicate efforts
whenever possible.
F. Striving for an optimal and uniform enterprise risk management solution
capitalizing on potential business opportunities available through the
acceptance and effective management of risks that our competitors avoid.
2. Provide a coordination point for the Company with regard to the status of
risk management activity by:
A. Enabling the enterprise to capture, store and monitor all risk management
work efforts in an automated manner.
B. Providing a mechanism to communicate progress to date and next steps to
senior management and the Audit Committee.
C. Ensuring a consistent enterprise message regarding the companies’
position and direction on risk management.
E. WORKGROUP PARTICIPANTS
Corporate Risk Control and Assurance will provide direction, oversight and
facilitation for the Enterprise Risk Mitigation Workgroup.
Core Group: Ad Hoc Members:
Enterprise Risk Mitigation IT
RA&I Corporate Communications
SOX Compliance Government Relations
Legal Business Continuity
Ethics and Compliance Human Resources
Internal Audit Corporate Strategy
Actuarial Treasury
Insurance Risk Management
F. GOALS
Corporate Risk Control and Assurance, in partnership with Workgroup
representatives on behalf of their respective functions, has the following initial goals:
Fundamentals
• Define Risk and risk related terms/language for the organization.
(Risk, Risk Tolerance, Risk Management, etc.)
• Plan and develop a coordinated annual risk assessment process and
methodology.
10-K Risk Factors and Vendor Risk Assessment
• Score and Rank 10-K Risk Factors and results from vendor Risk Assessment
survey.
• For each risk, identify and map current risk control activities into a central
automated database.
• Evaluate effectiveness of existing controls, identify where improvements are
needed, and identify any additional controls that are needed.
S&P: ERM Components
• Determine the companies’ baseline measurements against S&P ERM Process
Evaluation Criteria. (Risk Management Culture, Risk Controls, Extreme Event
Management, Risk and Capital Models, Strategic Risk Management)
• Develop, implement and monitor action plans around each element designed to
bring the companies to an overall S&P ERM Classification Rating of Excellent.
G. CONSTRAINTS
1. None at this time.
H. ROLES AND RESPONSIBILITIES
The following chart depicts roles and responsibilities for the internal constituents
impacted by regulations.
Role: Program Executive
Member: Corporate Risk Control and Assurance
Responsibility:
• Design and implement a Workgroup structure.
• Recommends appointment of members to the Regulatory Advisory and Response
Committee.
• Chairs the Enterprise Risk Management Workgroup.
• Provides management, leadership and strategy direction to the Workgroup to meet
all goals.
• Secures funding, resources and corporate commitment.
• Provides periodic reporting to executive management and the Audit Committee via
monitoring the status of the Enterprise Risk Management initiative.
• Coordinates the Enterprise Risk Management Workgroup meetings and functions.
• Coordinates Regulatory Advisory and Response Committee issue resolution
activities.
• Recommends changes to Enterprise Risk Management initiative scope.
Role: Executive Management
Member: Includes but not limited to:
• Chief Financial Officer
• Chief Compliance Officer
• General Counsel
Responsibility:
• Ensures that the Workgroup meets its objectives and has the necessary funding
and resources.
• Ensures Workgroup is responsive to the business priorities and the appropriate
business unit staff and level of priority is assigned.
• The final authority on issues escalated from the Workgroup.
• Ensures resolution of critical business and initiative issues.
• Addresses key decisions in a timely fashion.
Role: Program Directors
Member: Members of the Workgroup who manage enterprise programs.
Responsibility:
• Ensures that status reports are prepared and provided to the Enterprise Risk
Management Workgroup.
• Ensures that issues are elevated, resolved, and that the resolution is communicated
appropriately.
• Ensures that scope change requests are addressed and that the resolution is
communicated appropriately.
• Stays informed on new and changing risk management related issues and
communicates these changes to the rest of the company and the Workgroup.
• Reviews, evaluates, and updates risks and opportunities on a regular basis.
I. SUCCESS CRITERIA
Success of the Enterprise Risk Management Workgroup would result in the following:
• A 2007 S&P ERM Classification of “Excellent”.
• Implementation and documented use of standardized risk related tools,
terms/language across the enterprise for the 2007 annual plan process.
• Implementation of a strategic and coordinated risk assessment and mitigation
planning process for 2007.
• No material losses from previously unidentified risks.