Beruflich Dokumente
Kultur Dokumente
was visible during our visit ... every person engaged during the visit was
able to speak logically about risk and control and more importantly how
it impacted their work environment.”
Independent Auditor, ABC Mining, 2012
It is a great success when risk is handled smartly across all levels of a complex
business. ABC Mining (not its real name) had been striving to leverage best-
practice risk, compliance, operations and maintenance knowledge to improve
material risk management and general business performance.
Significant technical and administrative effort had been expended to align a
range of risk management data sources and processes across all operations, but
the tools used were fragmented and only increased the burden on risk practition-
ers and compromised risk governance, with failures evident in data collection,
alignment and distribution; dual accountability and gaps in the risk governance
Alex Apostolou, processes.
Meercat, 2012
Using the RiskView solution, Meercat and ABC Mining were able to col-
laborate on a new strategy to guarantee the integrity of risk management. After
implementing this step change, the Auditor’s Report stated the most notable
achievements as follows:
- The improvement in Risk governance and the control environment was significant
over an 18 month period.
- Standardisation of Risk Management, risk documents, risk governance and assur-
ance processes.
- Improvement in Critical control effectiveness
- Performance standards capability to link with the ERP (through a URL) as part of
the wider ERP roll-out project, hence ensuring no duplication and/or data integ-
rity issues with the transition into the ERP.
- Appointment of Critical control owners, and assignment of accountabilities within
RiskView under the My Controls and My Risks sections.
ABC Mining is a fully integrated mine to market business comprising mines,
and processing plants:
Site A – an open-cut mine and other facilities.
Site B – an underground mine and other facilities
Site C – a processing plant.
Site D – a second processing plant.
ABC Mining was so impressed with the achievements they prepared a detailed
case study for circulation within their broader corporate community. That case
study is presented here, with minimal changes to protect our client’s identity.
Case Study
Risk Management Change at ABC Mining
During the CY2010 company-wide audits, risk manage- Nine months later, the results in terms of speed of take-up,
ment at two of our Operations (Site D and Site B) were simplified processes, data uniformity, increased risk aware-
rated Require major improvement, and two (Site C, Site A) ness and accountability and improved performance are
were rated Require minor improvement. being realised.
Overall these gaps related to significant weaknesses in the An Independent Audit in March 2011, rated ABC Mining
risk management systems and processes, data integrity and Risk Management as Well-Controlled. The audit report stated
standardisation. as follows:
With the identified failures in data collection, alignment The Risk Management function at ABC “has undergone
and distribution, and risk management process integrity, significant positive change in the period leading up to our
a new strategy was developed with the objective to imple- internal audit”.
ment a step change to the risk management process at ABC The opportunity afforded by a restructuring of the func-
Mining. tion that was necessary to align with the Corporate operat-
The maturity curve below (on page 3) was re-assessed and ing model, and in response to previous audit findings of the
the new risk management strategy aligned to ensure top operations, ABC initiated a detailed project plan to improve
quartile risk management performances are achieved at the and standardise their risk management processes.”
end of FY15 (vs FY17 previously). In addition, ABC Mining Risk Management Group re-
During November 2010, the ABC Mining Risk Manage- ceived three comendations, of which one was the implemen-
ment Team began the process of consolidating all risk data, tation of RiskView.
optimising risk processes, and configuring RiskView to “To facilitate the required improvement in their Risk
deliver the business outcomes required, ensuring standardi- Management processes, ABC have approved the purchase
sation of the Risk Management system across all Operations. and implementation of RiskView, an integrated Risk Man-
The design principles of RiskView were aligned to the agement solution.
ABC mantra of Clarity, Ownership and Efficiency. During the audit, we were provided with the opportunity
With a host of early successes during the implementa- to assess the system’s capabilities in supporting ABC’s risk
tion, the Management Team made the decision to include management activities and maintaining compliance with
all other general business risks, with the result that we now ABC’s overall Risk Management framework.
have a simple, consistent, integrated and open platform The system can be accessed directly from the user’s desk-
which is shared with all employees across all operations. top, and provides the following functionality:
Employees now help themselves to risk and risk-related data,
accessing bowtie diagrams, reports, initiating Critical Con- a) a consolidated database of all risks, causes, impacts
trol Performance Standard reviews and the like, with little or and controls (separated into preventative and mitigating)
no training. identified within the business, which eliminates duplication
Nov-10
Nov-11
Mar-11
Mar-12
May-11
May-12
Jul-10
Jan-11
Jul-11
Jan-12
Sep-10
Sep-11
e) formal risk reporting for both
internal and Risk and Audit Committee
purposes.”
During the recent follow up audit at ABC Mining, four 1) The risk assessment process is used in all operational
recommended practices were noted. Three of these related areas and consistently by all levels of the business;
to Risk Management improvements, they are: 2) All risks analysis and evaluation processes in accord-
a) Standardised Risk Management processes across all ance with the defined risk assessment process.
operations 3) Management of risk controls has been streamlined
b) Documentation of Risk controls and performance with ownership being clearly demarcated, ratings
standards standardised, improvement tasks devised and tracked
where appropriate, and very importantly, all stakehold-
c) Implementation of Risk management plans across all
ers involved in risk management are focussed on the
operations
same issues, using the same criteria and focussing on
The ABC Management Team visited Site C in March 2012. solving the same problems.
Following numerous material risk reviews, the following
Alignment with other Corporate Policies included:
feedback was provided to the Board:
a) Ensuring single point of accountability and compliance
“I was very impressed with the level of risk management
maturity that was visible during our visit to Site C. Every b) Alignment to Corporate reporting requirements, and
person engaged during the visit was able to speak logi- simplification of the monthly reporting processes
cally about risk and control and more importantly how it c) Inclusion of the IMT, EMT and Business Continuity
impacted their work environment. Perhaps most impres- management processes
sive was the immediate response to queries about the risk
process specific risk/control which always lead to an in depth d) Compliance with aviation risk requirements
conversation of improvement. It was very exciting to see the e) Catastrophic and fatal risks protocol requirements
ABC risk vision in action and playing an important part in integrated with risk management (incl. Performance
business success.” standards)
The key driver of all these improvements has been f) Standardised and integrated Corporate HSE reporting
achieved through the implementation and application of
g) 5 year planning process adopted for Risk Management
standardised risk management processes through RiskView.
process; and
Going forward, ABC Mining will further leverage its risk
h) Internal audit process compliance.
management process to simplify the management of our
business, to sustain performance improvements across the
compliance spectrum, to optimise change management in
Clarity
1) Simplified our risk management processes to make
achieving compliance a goal that can be shared by all
employees
2) Protecting long-term shareholder value by increasing
visibility and manageability of all risks, allowing the
prioritisation of resources based on simple, accountable
and sustainable principles
3) Risk management system runs of the Portal, accessible
to all employees
4) Very basic training required to operate and navigate
through RiskView
5) Reporting simplified to run “real-time” exportable to
MS Office and Adobe PDF