Session 11: Improving the Health of your
University Risk Programs
Presented by:
• Toni Casey
• Harry Rosenthal
University of Queensland
Unimutual
Improving the Health of your
University Risk Programs
Tools for Diagnosis
Therapies for Rehabilitation
ANZUIAG 2010
Toni Casey, UQ
Harry Rosenthal, Unimutual
Risk Program Diagnosis Tools
• Universities have numerous risk related programs:
BCP, risk register reviews, risk assessments, compliance activities, quality assurance activities
• IA can play a useful role in improving the risk
programming and ensuring it is focused on reducing the
most important business risks the university faces.
• Chinese saying: To obtain wisdom you must:
– Read 10,000 books and
– Walk 10,000 miles
In summary success & wisdom is the result of
understanding the 2 dimensions of each endeavor:
The inherent nature of the task itself
Who you are
Diagnosis: The View of Risk Programs
“What Does the Client/Division/Business Unit
Think of Risk Programs/Projects?”
Compliance
Exercise
Typical Characteristics
Management
Excellence
Typical Characteristics
•Requirement made by others
•Aligns to strategic direction
•Part of a growing list of things to do
•Improves efficiency/ effectiveness of
organisation
•Something you will be audited for later
•Not connected to core business
•Meets expressed and un-expressed
objectives of stakeholders
Diagnosis: The View of Risk Professionals
Characteristics
Professional
Life Coach
• Works to understands client needs
and objectives
•Acts as a guide on a journey
•Will constantly support with advice
and direction
•Grows with you
“Who Are
You” Continuum?
Characteristics
•Just following orders.
•Not part of the decision making
process
•Contributes little to “Big Picture”
•One trick pony
Bureaucratic
Apparatchik
Consultant
Quadrant 3 Characteristics
•Low Division engagement but desire
to complete tasks.
•Risk staff: will complete task but
may feel underutilized, frustrated.
Quadrant 4 Characteristics
•
Division engagement, required
nurturing/relevance.
•
Risk staff: will feel energized.
•
Good ground for IA to become
welcome consultants help develop
along continuum. Capture best
practices.
•Good ground for IA to help develop
Division along continuum.
3
4
Compliance
Management Excellence
1
2
Quadrant 2 Characteristics
Quadrant 1 Characteristics
Division will go through motions
with adequate coaxing/threats
•
Risk staff: will feel like a
taskmaster
•
IA should recognise this is a toxic
mixture. Wear protective clothing.
.
Bureaucrat
•
•
Division engagement, but will look for
others to assist and support.
•
Risk staff: will feel overwhelmed with
admin detail, but uninformed &
anxious.
•
Good ground for IA to become
supportive of process, assessing skills
of participants.
Consultant
3
4
Compliance
Management Excellence
1
2
Bureaucrat
Therapy for
the Risk Program
Design; make it simple and fit the organisation
Relevance; user must be able to see it in their
world
Useful; must be tangible benefits for the
organisation
Growth; the process should improve and change
over time
Sensible; the process should encourage use of
common sense
Therapy for the
Risk Professional
Deliver tools that help deliver benefits
Include & involve; make risk part of
decisions
Encourage; support educated risk taking
Teach & learn; it’s not a one way street
Sell the value of risk to the business (not
just another thing to do).
Internal Audit support for
Lifelong Health
Embed risk in Internal Audit Plans
eXplore how risk is considered in practice
Engage with your risk professionals
Review & report on the framework against good
practice
Communicate the need for improved risk
oversight in audit reports
Indicators; keep your eye on indicators of
emerging risks
Support the risk professionals to sell the benefits
Encourage a culture of risk awareness