Using The RIMS ERM Starter Kit 2013

RIMS ERM Trajectory of Success
The five stages of RIMS ERM Trajectory of Success are designed to take an
organization from its initial commitment through design, activation, monitoring and
improving its ERM discipline.
Using the RIMS ERM

Starter Kit
Contents of the Starter Kit
Commit
ERM Program Mini Readiness Checklist
ERM Risk Council Charter
RIMS Risk Maturity Model Assessment (link)
Design
Sample Risk Register
Sample ERM Preparatory Interview Worksheet
Risk Log Template
Risk Mapping Using Impact and Likelihood
Risk Ranking Tool
Demo of Risk Ranking Tool (Auto Risks)
Risk Training for Nonprofessionals Template
ERM Executive Report Template (simple)
Sample Annual Report (extended)
RIMS thanks the following contributors to the starter kit:
Grace Crickette, University of California
Radu Demian, University Hospitals
Carol Fox, RIMS
Rupak Mazumdar, George Weston Ltd.
The starter kit is provided to help you overcome the initial hurdles for commitment
and design by providing you with basic ERM materials that other risk professionals
have used successfully.
For more information and training on the RIMS ERM Trajectory of Success, contact
pd@rims.org about our RIMS Accelerating ERM workshop.
Materials are meant for educational and informational purposes. The examples have been provided by knowledgeable individuals. RIMS makes no representations or warranties,
expressed or implied, regarding the materials. Individuals should consult their advisors regarding specific risk management issues.
Copyright 2013 Risk and Insurance Management Society, Inc.
Using the RIMS ERM

Starter Kit
Starting with Commitment
Commit
ERM Program Mini Readiness Checklist
Use the checklist to gauge your starting point.
When considering your assessment, think about
whether the requirements are imposed
internally by management or externally by
regulators, shareholders or others.
Many organizations, whether regulated or not,
use an internationally recognized voluntary
standard such as ISO 31000 as a requirements
guide. Others subscribe to other recognized
frameworks. See RIMS Executive Report on
Widely Used Standards and Frameworks for
additional background.
The readiness checklist may reveal that you
already have a good start, or it may reveal that
you have significant work to do.
Using the RIMS ERM

Starter Kit
Commit
ERM Risk Council Charter
An important part of the commitment stage is to
articulate the purpose, principles, governance and
strategy for your ERM program. Often this takes the
form of a mandate or charter when establishing an
internal risk committee or council. A charter generally
Establishes a purpose and value outcome for the

enterprise
Establishes the guiding principles by understanding
and acknowledging the organizations risk
philosophy, setting the foundation of risk practices
within the organizational context
Establishes a risk governance model that fits your
unique organization, and finally
Determines an ERM strategy that will get the
organization where it wants to go
RIMS Risk Maturity Model for ERM
Using the RIMS ERM

Starter Kit
Commit
RIMS Risk Maturity Model Assessment
With this free assessment, you can evaluate your
organizations risk maturity levels, and determine
where your program can improve.
The assessment is broken down into seven
sections, each focusing on a different core
attribute of ERM. The assessment takes about
fifteen to thirty minutes to complete.
Over 2,000 organizations have already base-lined
their risk maturity levels with the RIMS RMM.
Many come back periodically for a re-assessment
to gauge progress. The assessment is
complimentary, and your results are kept private.
Access at: http://www.rims.org/resources/ERM/Pages/RiskMaturityModel.aspx
Framing the Conversation
Using the RIMS ERM

Starter Kit
Designing a Program
Risk registers can be extremely simple to quite lengthy. Often, the risks are sorted by
categories.
Design
Sample Risk Register
Risk registers are valuable tools to identify, define
and list risks that may positively or negatively
impact an organizations objectives.
When initially starting an ERM program, it is
helpful to have a frame of reference for those
being asked to assess the risks.
This particular sample is organized under two broad categories: Context Risks and
Resource Risks. Context Risks relate to internal and external factors that impact the
environment in which the organization operates or the way business processes are
conducted. Resource Risks relate to the resources used by the organization to
accomplish its objectives.
Engaging the Experts

The preparatory interview worksheet included in the starter kit assumes that
definitions and ratings have been designed. The worksheets purpose is to provide
your experts with food for thought before the interview / voting process begins.
Using the RIMS ERM

Starter Kit
Designing a Program
Design
Sample ERM Preparatory Interview Worksheet
Who best understands the risks that your organization
may be facing? There are a number of different
techniques you may use to gather assessment
information from these individuals.
Two of the most commonly used are:
The Delphi method entails a group of experts who
reply anonymously to questionnaires and
subsequently receive feedback in the form of a
statistical representation of the "group response,"
after which the process repeats itself. The goal is to
reduce the range of responses and arrive at something
closer to expert consensus.
Expert elicitation is a structured process to elicit
subjective judgments from experts. It is widely used in
quantitative risk analysis to quantify uncertainties in
cases where there are no or too few direct empirical
data available to infer on uncertainty.
Both methods require you to prepare the experts to
engage in the interview process.
Keeping a Risk Log

Documenting assessments and who is accountable for doing what by when keeps your
ERM program from becoming a periodic exercise. Unless you have tracking software at
your disposal, this template may help to organize risk activities based on priorities. This
approach can be particularly helpful when assessing risks associated with new
initiatives, projects or launches.
Using the RIMS ERM

Starter Kit
Designing a Program
Design
Risk Log Template
The Risk Log Template provided can be used as

an inventory of risks as they are assessed, and as
decisions are made whether to accept, avoid,
transfer, mitigate and/or exploit the risk.
This is particularly useful in the initial stages of
organizational project or initiative plans, where
the actual treatment plans are as yet
undeveloped. Assignments (accountability) can
be made and monitored for rollout.
Depicting Risk Assessments

Once risk registers have been completed and the risks have been assessed, commonly
the next step is to map risks into a grid highlighting those that require the greatest
management attention. Most commonly, this is done based on impact (severity) and
likelihood (or probability).
Using the RIMS ERM

Starter Kit
Designing a Program
Design
Risk Mapping Using Impact and Likelihood
Impact and likelihood are two of many criteria
that may be used to map risks. Other qualitative
measures to consider might include:
Timing (speed to onset, trigger, duration )

Capacity
Controllability
Visibility (for monitoring)
Interdependencies
Readiness
Degree of confidence
The risk mapping document in the starter kit takes you through a sample, providing
possible definitions for each of these two criteria.
See RIMS Strategic Risk Management Implementation Guide

2012 for other possible approaches.
Beyond Frequency and

Severity
Using the RIMS ERM

Starter Kit
In addition to the blank template, we have

included a demo of the Risk Ranking Tool
for consideration of auto risks in the RIMS
ERM Start Kit. This demo illustrates how the
tool might be used for consideration of
specific risks.
Designing a Program
Design
Risk Ranking Tool
Demo of Risk Ranking Tool (Auto Risks)
The Risk Ranking Tool used at the University of
California is an Excel workbook that includes
macros to assess potential risks, likelihood, time,
financial and reputation severity. The tool
provides a summary worksheet and a chart of
events.
The tools have been provided as is, in

accordance to their original development
and use within the UC system. You may
need to modify the tool somewhat to meet
your organizations terminology and
descriptions.
Explaining Risk Management and ERM to Others
Using the RIMS ERM

Starter Kit
Designing a Program
Design
Risk Training for Nonprofessionals Template
One of the keys to building risk management
capabilities within an organization is to provide
some basic training.
A simple 20-slide power point presentation is
included in our starter kit to explain risk
management - and the risk management process
- to others in your organization. The training can
be delivered in 30-45 minutes.
For more information and training on ERM and specific techniques , contact
pd@rims.org about our RIMS Techniques of Risk Management: Gaining a Competitive
Advantage.
10
Reporting on Risk
Using the RIMS ERM

Starter Kit
Designing a Program
Design
ERM Executive Report Template (simple)
Sample Annual Report (extended)
As part of the risk management process, risks and
controls should be monitored , reviewed and reported
on a regular basis to verify that
assumptions about risks remain valid;
assumptions on which risk assessments are based,
including the external and internal context, remain
valid;
expected results are being achieved within the
organizations risk appetite and tolerance levels;
selected risk treatments are effective;
the appropriate risk information is shared.
Two examples are provided in the starter kit. One is a
template that you can modify for your own purposes.
The other an example extended report from the
University of Californias Office of Risk Services.
11
RIMS ERM Trajectory of Success
Using the RIMS ERM

Starter Kit
The five stages of RIMS ERM Trajectory of Success are designed to take an
organization from its initial commitment through design, activation, monitoring and
improving its ERM discipline.
In Conclusion
Other RIMS Resources for Getting Started
Be sure to check out RIMS Strategic and
Enterprise Risk Center for practical articles,
reports, tips, tools and templates successfully
used by leading risk professionals to advance
your organizations risk capabilities.
The starter kit is provided to help you overcome the initial hurdles for commitment
and design by providing you with basic ERM materials that other risk professionals
have used successfully.
For more information and training, contact pd@rims.org.
12

Using The RIMS ERM Starter Kit 2013

Încărcat de

Informații document

Titlu original

Drepturi de autor

Formate disponibile

Partajați acest document

Partajați sau inserați document

Opțiuni de partajare

Vi se pare util acest document?

Este necorespunzător acest conținut?

Drepturi de autor:

Formate disponibile

Using The RIMS ERM Starter Kit 2013

Încărcat de

Drepturi de autor:

Formate disponibile

RIMS ERM Trajectory of Success

Using the RIMS ERM

Copyright 2013 Risk and Insurance Management Society, Inc.

Using the RIMS ERM

Copyright 2013 Risk and Insurance Management Society, Inc.

Using the RIMS ERM

Establishes a purpose and value outcome for the

Copyright 2013 Risk and Insurance Management Society, Inc.

RIMS Risk Maturity Model for ERM

Using the RIMS ERM

Copyright 2013 Risk and Insurance Management Society, Inc.

Framing the Conversation

Using the RIMS ERM

Copyright 2013 Risk and Insurance Management Society, Inc.

Engaging the Experts

Using the RIMS ERM

Copyright 2013 Risk and Insurance Management Society, Inc.

Keeping a Risk Log

Using the RIMS ERM

The Risk Log Template provided can be used as

Copyright 2013 Risk and Insurance Management Society, Inc.

Depicting Risk Assessments

Using the RIMS ERM

Timing (speed to onset, trigger, duration )

See RIMS Strategic Risk Management Implementation Guide

Copyright 2013 Risk and Insurance Management Society, Inc.

Beyond Frequency and

Using the RIMS ERM

In addition to the blank template, we have

The tools have been provided as is, in

Copyright 2013 Risk and Insurance Management Society, Inc.

Explaining Risk Management and ERM to Others

Using the RIMS ERM

Copyright 2013 Risk and Insurance Management Society, Inc.

Using the RIMS ERM

Copyright 2013 Risk and Insurance Management Society, Inc.

RIMS ERM Trajectory of Success

Using the RIMS ERM

Copyright 2013 Risk and Insurance Management Society, Inc.

S-ar putea să vă placă și