Instructors: Kristina Narvaez, MBA Erike Young, MPPA,...
Transcript of Instructors: Kristina Narvaez, MBA Erike Young, MPPA,...
6/23/2013
1
Instructors: Kristina Narvaez, MBA
Erike Young, MPPA, CSP, ARM
Describe the importance of economic intelligence as applied to enterprise-wide risk management (ERM) program goals
Describe business intelligence system functions that apply to ERM
Describe the phases in the implementation of a business intelligence (BI) system for an ERM program
Describe the governance and output elements of information technology ( IT) BI systems as they relate to ERM program goals
Given the assignment of presenting an ERM case to management, recommend the BI systems, information technology (IT) governance practices, and risk outputs that benefit an organization
6/23/2013
2
Blends and analyzes the macro data available from public and private sources with expert risk assessments to produce informed perspectives on potential loss events
It translates external data into risk management information that is used to detect potential threats and opportunities
Used to evaluate changes in macroeconomic information ( inflation, recession, demographics )
Demographic Information
Policy-Making Information
Market Segment Activity
Corporate Sector Activity
National Income Statistics
Foreign Trade Activities
Infrastructure Project Activity
Public Finance Activity
6/23/2013
3
Population Size
Employment
Labor Costs
Regulations
Prices
Consumption Rates
Patents
Designed to plan and control the decision-making information flows that affect upside and downside or risk analysis
It extracts, transform, and load systems data into an integrated structure
It converts Economic Intelligence into monitoring reports
6/23/2013
4
Key Performance Indicators help an organization define and measure progress towards their long-term organizational goals.
Key Performance Indicators are quantifiable measurements, agreed to beforehand, that reflect the critical success factors of an organization.
KRI is a measure used in management to indicate how risky an activity is
KRI give us an early warning to identify a potential event that may harm continuity of the activity/project.
Key risk indicators are metrics capable of showing that the organization is subject or has a high probability of being subject to a risk that exceed the defined risk appetite.
6/23/2013
5
Strategic Risk-Competitive positioning, Interest rate risk spreads, Unemployment, Bankruptcies/foreclosures
Compliance Risk- Product and service standards, Ethical standards, Capital adequacy
Financial Risk-Credit rating, Foreign exchange, Capital adequacy
Operational Risk- People, Processes and Systems
Environmental Risk- Property and premises, Safety, and Weather conditions
Reputation Risk-Fraud, Employee espionage, Dealing with a disaster
6/23/2013
6
Organization’s management has a responsibility to monitor the ERM program’s data for relevance and accuracy
Corporate governance objectives are key to assure proper accountability in monitoring performance reporting, regulatory compliance and data integrity
Uses data from multiple sources into an integrated performance management framework to ensure that there are consistent definitions and calculations in business reporting and analysis
University of California uses IBM’s ERMIS to help them integrate claims data, corporate data, and other data sources to create a centralized data management environment
6/23/2013
7
Summarizes performance status information from multiple source systems
Enables management to monitor both changes in financial results and progress toward key operational targets that are linked to strategic plans and goals
Generate reports showing metrics that are designed as either KPIs or KRIs
Financial Management- Reports include
metrics that show specific goals for revenue growth, profitability, asset efficiency, and ERM index
Revenue- Reports include metrics that show specific goals for market demand assumptions, services growth, customer retention, and realized net value underlying financial statements
6/23/2013
8
Operational-Reports include metrics that
show specific goals for supply chain ( vendor) costs , operational costs, and overhead costs underlying financial reporting statements
Long-Term Asset Management- Reports include metrics that show specific goals for strategic investment, ROI, staff productivity, information technology ROI, and employee retention
6/23/2013
9
Process of comparing results to industry standards in best practices
Risk Factors-The quantitative and qualitative criteria used to evaluate relative loss exposure level
Leading Indicator-A predictor of change at the beginning of an economic cycle
Lagging Indicator-A consequence of change at the end of an economic cycle
Functional and organizational parameters used to evaluate how information requirements relate to job responsibilities
Active Directory- Controls administer user group role assignments, monitor workflow processes and log those who access the controls
6/23/2013
10
Segregation of Duties- Processes that ensure that no one individual has the physical and system access to control all phases ( authorization, custody, and record keeping) of a business process or transaction.
Decision Role Analysis-A process that determines what kinds of decisions are needed, where in the organizational structure those decisions should be made, and to what extent each manager should be involved
Primary Decision Roles- Originate or complete transactions and have direct impact on expense
Contribution Decision Role-Which are responsible for quality control activities and risk monitoring of work that originates in other work functions
Status Decision Roles- Which are responsible for certifying business results and releasing external reports that cover their areas of organizational responsibility
6/23/2013
11
The multidimensional slices of information that connect system users to performance scorecards and analytics for enterprise-wide decisions
Dimensional Design-A business intelligence method used to convert transaction data into hierarchal structure for enterprise-wide decision analysis
Metadata- The data about data that provide context for analyzing transaction facts with efficient structures for grouping hierarchal information
Performance Benchmarking- A process for comparing results to comparable organizations and best practices
6/23/2013
12
BI Planning Reports-Use scenario analysis to show baseline budgets approved by management and the board of directors include financial contingency plans that anticipate different market conditions
BI Analysis Reports- Show how a drill-down-to-details review of root cause performance issues will cover the highest priorities in an organization’s ERM oversight processes
Data Mining-Process of extracting hidden pattern from data that to used in a wide range of application for research and fraud detection
Notification Log-Control document used to monitor risk threshold alert message and to system users.
6/23/2013
13
A set of processes and tools that consistently defines and manages the non transactional data entities of an organization, also called organization reference data
BI data management testing is used to identify problems that can include poor data quality management practices, inconsistent data classification controls, and gaps in data reconciliation activities.
Internal Controls- General Management senior executive
Risks- Risk management senior executive
Corporate policies-Legal senior executive
Regulation- Compliance senior executive
Organization Positions- Human resource senior executive
System Applications-IT senior executive
General Ledger Accountant-Finance/accounting senior executive
6/23/2013
14
Linking KRI metrics and roles creates the elements for managing risk alert notifications
BI administration creates log reports that show the timing of report information generation and risk notification to responsible parties
Information is used to confirm ERM is a continuous process
Asset cost reduction
Asset utilization
Operational risk management
Asset life cycle planning
Asset tax depreciation documentation compliance
6/23/2013
15
Procedures that cover all key business processes
Monitoring processes to ensure effectiveness
Recordkeeping documentation
Quality control preventative and detective activities
Contingency plans
Continuous improvement management
Disk encryption
Data and system backups
Data masking-Hides sensitive information
System log-in password controls
Single sign-on access rights
Data security laws and regulations
6/23/2013
16
IT governance practices for benchmarking
Risk management culture accountability
Risk factor evaluation for emerging risks
Enterprise risk control validation
EI and risk model testing
Enterprise risk management program assessment
BI data structures create the organizational links that show the underlying processes that support risk assessment and related actions plans
BI program from ERM design means that the board and management at multiple levels of organization are able to view risk management and business performance goals
6/23/2013
17
Organizations need economic intelligence for what purpose?
Business intelligence systems are used to transform economic intelligence information into monitoring reports. What is the purpose of monitoring reports?
Define the terms key performance indicators (KPI) and key risk indicators (KRI)?
List the primary business intelligence ( BI) system functions that apply to ERM practices?
Explain the purpose of performance management scorecards?
Describe the three access review levels for assessing risk management accountability and data privileges?