maryland association of boards of education insurance...
TRANSCRIPT
Maryland Association of Boards of Education
Insurance ProgramsENTERPRISE RISK MANAGEMENT
John Magoon, ARM‐(P, E), CBCP, MBCIRisk Management Officer, MABE
[email protected]‐603‐0399
A PERFECT DAY
0
0.2
0.4
0.6
0.8
1
1.2
1 2 3 4 5 6 7 8 9 10
Our Goals
Actual Goal
Maryland Association of Boards of Education 25/11/2015
Your Risk Management Program?
• Do you have a Risk Management Program?• Are Operations Evaluated?• Who Evaluates Proposals?• Who has Authority to Make Decisions?• Is there Leadership?• Management Support?
Maryland Association of Boards of Education 35/11/2015
Traditional Risk Management
• Transfers Risk through buying Insurance• Only Pure Risk not Speculative Risk• Manages Operational and Hazard Risks
– Employee Injuries– Property Losses– Liability Losses– Auto Accidents
• Takes a Defensive Posture
Maryland Association of Boards of Education 45/11/2015
Maryland Association of Boards of Education
TRADITIONAL RISK MANAGEMENT
• RISK FINANCING– Retention– Contractual Transfer for Risk Financing (Insurance)
• RISK CONTROL– Exposure avoidance– Loss Prevention– Loss Reduction– Segregation of exposures– Contractual Transfer for Risk Control
55/11/2015
Maryland Association of Boards of Education
Risk Management• What is Risk? • Its about choices – they can be emotional.• Human behavior is driven by “perception of risk”.
• Perception of risk is personal, but often influenced by other forces.
65/11/2015
Maryland Association of Boards of Education 75/11/2015
Maryland Association of Boards of Education
Risk Management
• ISO31000 defines Risk as….
“The Effect of Uncertainty on Objectives”.
85/11/2015
Maryland Association of Boards of Education 95/11/2015
Maryland Association of Boards of Education 105/11/2015
Maryland Association of Boards of Education 115/11/2015
• 2012 ‐ The institute of Internal Auditors, Inc . and RIMS. Maryland Association of Boards of
Education 125/11/2015
Evolution of ERM• 1987 – ISO 9000 first published• 1992 ‐ COSO publishes Internal Control Framework• 1999
– AS/NZS 4360 ‐ Australian Risk Management Standards
• 2002 ‐ Enron Failed– SOX Section 404 requires companies to provide an assessment of internal risk control measures.
• 2004– Basel II – Established capital requirements for Banks– COSO published ERM Framework
Maryland Association of Boards of Education 135/11/2015
Evolution of ERM
• 2007‐2008 – Financial Crisis –– Dodd Frank requires banks to have Risk Committees– SEC requires companies to disclose board risk oversight activities
– NAIC – “Own Risk and Solvency Assessment”
• 2008 –• BS31100 ‐ British Standard on Risk Management Code
of Practice
Maryland Association of Boards of Education 145/11/2015
Evolution of ERM
• 2009 –– SAS 115 and Solvency II
• SAS 115 ‐ requires public companies to focus on Internal Controls
• Solvency II – EU Regulatory Standard for Insurers
–Basel III• Addresses deficiencies identified after the Financial Crisis
Maryland Association of Boards of Education 155/11/2015
Evolution of ERM
• 2009 – Enterprise Risk Management– ISO 31000:2009 ‐ Principles and Guidelines on Implementation
– ISO/IEC 31010:2009 ‐ Risk Management ‐ Risk Assessment Techniques
– ISO Guide 73:2009 ‐ Risk Management ‐ Vocabulary• 2012 –
– ISO 21500 ‐ Guidance on Project Management – ISO 22301 ‐ Societal Security ‐ Business Continuity Management Systems
Maryland Association of Boards of Education 165/11/2015
ISO’s perspective on Risk Management
Maryland Association of Boards of Education 175/11/2015
Enterprise Risk Management
• For Public Entities?
5/11/2015 Maryland Association of Boards of Education 18
Why ERM?
• The majority of losses are uninsured– Only 20% – 30 % are insurable
• New Global Threats Require a Broad Focus– Pandemics, Cyber Attacks, Global Economy
• We Need all Stakeholders to be Risk Aware– to increase the likelihood of an organization achieving its objectives by being in a position to manage threats and adverse situations and being ready to take advantage of opportunities that may arise.
Maryland Association of Boards of Education 195/11/2015
Enterprise Risk Management
• Use an ERM Framework during Strategic Planning to align an Organizations risk appetite with inherent risks.
• ERM can: – identify risks and minimize threats– allow an organization to select the most effective methods of deploying Capital
– reduce the cost of Capital – optimize Capital Allocation
• ERM identifies and allows opportunities to be pursued
Maryland Association of Boards of Education 205/11/2015
Peter Drucker, 1963
3 Components of an Effective Manager1. Analyzing available opportunities to produce
results and developing an understanding of their costs.
2. Committing resources to pursue the most promising opportunities.
3. When some lead to results and others do not, deciding which should receive more resources and which should be abandoned.
5/11/2015 Maryland Association of Boards of Education 21
DIRTFT
• Establish a Culture of:“Do it Right the First Time”
Maryland Association of Boards of Education 225/11/2015
5/11/2015 Maryland Association of Boards of Education 23
5/11/2015 Maryland Association of Boards of Education 24
5/11/2015 Maryland Association of Boards of Education 2525
Uninsured Costs (examples)• Employee benefits & wage continuation• Investigation• Supervisory time• Claims handling time• Reports and paperwork• Equipment damage and third‐party liability• Rescheduling staff• Overtime• Retraining• Reduced productivity and morale• Increased workers’ compensation costs• Hiring and selection costs• Reputation
Maryland Association of Boards of Education 265/11/2015
ISO 31000
• A voluntary Standard, not auditable/certifiable• 31000 ‐ Risk Management Principles & Guidelines
• 31004 – Implementation Guide for ISO 31000• 31010 – Risk Assessment Methods• Guide 73 – Risk Management Terminology
Maryland Association of Boards of Education 275/11/2015
ISO 31000 ERM Framework
Maryland Association of Boards of Education 285/11/2015
Maryland Association of Boards of Education
The Program Needs to be Based on Certain Principles
The Program Needs to be Based on Certain Principles
The Framework requires Support, defines who does what, and provides a continuous process of managing risk
The Framework requires Support, defines who does what, and provides a continuous process of managing risk
295/11/2015
The Process
• After establishing the “Context”, Apply the “Risk Assessment” Process, and continually monitor, review and improve
Maryland Association of Boards of Education 305/11/2015
SWOT Analysis Table
Strengths Weaknesses
Internal List assets, competencies, or attributes that
enhance competivenessPrioritize based on the quality of the strength and the relative importance of the strength
List lacking assets, competencies, or attributes that diminish competiveness.
Prioritize based on the seriousness of the weakness and the relative importance of the
weakness.
Opportunities Threats
External
List conditions that could be exploited to create a competitive advantage.
Prioritize based on the potential of exploiting the opportunities.
List conditions that diminish competitive advantage.
Prioritize based on the seriousness and probability of occurrence.
Note strengths that can be paired with opportunities as areas of competitive
advantage
Note weaknesses that can be paired with threats as risks to be avoided.
Maryland Association of Boards of Education 315/11/2015
http://www.ucop.edu/enterprise‐risk‐management/index.htmlMaryland Association of Boards of
Education 325/11/2015
Enterprise Risk Management
• It requires Leadership• Collaborate – Use a Risk Committee?• ERM is a Silo Buster! • ERM = “Everyone is a Risk Manager”
• Board, Superintendant, Directors, Staff• Consider “Total Cost of Risk”
– Use: • Key Performance Indicators (KPI’s – Trailing) • Key Risk Indicators (KRI’s ‐ Leading) to measure performance.
Maryland Association of Boards of Education 335/11/2015
Maryland Association of Boards of Education
Risk and Organizational Goals
• What does “Risk” mean to an Organization?– Governance– Public Perception/Image– Ability to reach goals, or its “Mission”
• Budget efficiency• Ability to provide services ‐ productivity• The quality of services provided• Continuous Improvement?
• Risks are; STRATEGIC – FINANCIAL – OPERATIONAL –COMPLIANCE ‐ REPUTATIONAL
345/11/2015
Questions and Answers
• What can you do?– Elevator speech to sell ERM– Identify and break down Silo’s– Gain Support from Management– Promote the passage of a Policy– Assess Risks– Use measures to track goals and objectives
Maryland Association of Boards of Education 355/11/2015
Maryland Association of Boards of Education
Insurance ProgramsENTERPRISE RISK MANAGEMENT
QUESTIONS?
John Magoon, ARM‐(P, E), CBCP, MBCIRisk Management Officer, MABE
[email protected]‐603‐0399