Governance assurance and oversight
Material on risk management and its links with governance, oversight, internal audit and assurance processes in organisations, investments and projects
Embedding risk management at the top
The purpose of risk management is to create and protect value by helping us achieve better business outcomes. It should be part of our day-to-day activities. When it is integrated closely into the way we manage our business, it helps us be more effective and efficient, make better decisions, capture opportunities and avoid unpleasant surprises. This short tutorial describes how we can embed risk management at the executive level, to lead its wider adoption in our operations.
Read moreAdapting governance for complex projects
This paper offers insights into methods for dealing with governance in complex projects. This is not a primer on complexity or strategies for dealing with it in general; rather it points readers towards interesting concepts and areas so they can develop their own ideas.
Read moreControls 4: Monitoring risks and controls
Monitoring is an important process in most organisations. It is critical for the effectiveness of risk management and control assurance. Risk owners monitor the business environment and indicators associated with the causes of risks to help ensure their perspectives of and assumptions about the risks for which they are responsible remain valid. Control owners, and assurance providers at Line 2 and Line 3 of the three lines of assurance, monitor indicators of control effectiveness, particularly for critical controls.
Read moreControls 5: Developing an assurance program
This tutorial is for directors and managers who need assurance that critical controls are in place and working, and that they will work in the future if they are needed. To be effective, assurance must be a planned and deliberate activity. This tutorial discusses how to develop an assurance plan that is appropriate for your organisation.
Read moreControls 3: Conducting a simple control self-assessment
This tutorial is for managers who need assurance that critical controls are in place and working, and that they will work in the future if they are needed. The approach described here will be useful for risk owners, for the key controls associated with their risks; for control owners, for the controls for which they are accountable; and for those managers who conduct assurance activities.
Read moreControls 2: Introduction to control design
This tutorial is for line managers who are also risk owners, first to help them to think about where new or modified controls might be necessary, and then to select the most appropriate kinds of controls to address the risks for which they are responsible.
Read moreControls 1: Introduction to control assurance
This tutorial introduces important concepts associated with controls and control assurance. The ideas and definitions provided here form a basis for more detailed material discussed in other related Broadleaf tutorials.
Read moreGetting the most out of risk assessment
Dr Stephen Grey made a presentation on recent developments in qualitative risk analysis to the Melbourne Chapter of the Project Management Institute on 29 April 2014. It covered 3 topics; recent developments in approaches to risk management, the benefits a risk assessment can bring to a project team outside of the core risk management activity, and what we can learn from the relationships between risks.
Read moreGovernance oversight and the risk management framework
The risk management framework is the foundation for effective risk management. The new ASX Principle 7 requires organisations to implement a sound framework and for boards to carry out annual assessments of the effectiveness of these frameworks. This means that organisations have to move on from sending reports containing 'lists of risks' to Boards to provide them with information on their framework and its effectiveness. This presentation describes a risk management framework and its components and shows how companies can report to a board on the effectiveness of its approach to risk management.
Read moreEffective risk management and governance
The third version of the ASX *Corporate Governance Principles and Recommendations* contains significantly revised requirements for the demonstration and assurance of effective risk management. Grant Purdy recently led two breakfast seminars that discussed and provided advice on how listed companies can comply with the new requirements.
Read moreSetting priorities for risk treatment and assurance of controls
In an organisational setting, risk assessment processes often identify many risks, but managers usually have limited time and resources available for dealing with them. Managers need to be able to set priorities to focus their attention on the areas where the application of effort will produce the most effective risk treatment and assure the effectiveness of controls.
Read moreEffective risk management under PGPA
Broadleaf has developed a range of innovative risk management services to assist Commonwealth entities in meeting their risk management obligations under the new *Public Governance, Performance and Accountability Act 2013* (the PGPA Act).
Read moreEvaluating the effectiveness of risk management
This guide describes a systematic way of finding how effective is an organisation’s current approach to managing risk, leading to a realistic improvement program. It stresses how management must be involved in all stages to ensure success.
Read moreControl effectiveness
This note discusses control effectiveness, a measure of the aggregate effectiveness of all the controls that act on a specific risk.
Read moreRelationship between internal audit and risk management
This short tutorial note addresses the relationship between the internal audit and risk management functions in organisations.
Read moreInvestment opportunity management and governance
All organisations must invest effort and capital to grow, but sustained growth does not happen by accident. Organisations need prudent processes to assemble, progress and manage a portfolio of investment opportunities.
Read more