Beruflich Dokumente
Kultur Dokumente
Management
A new focus
Presented by:
Phumi Madlala
eThekwini Municipality
Agenda
The Risk Management Process:
Definitions
Preparation
Definitions
- Risks are uncertain future events that could influence
achievement of objectives
Risk Management:
- Management tool of creating awareness & managing
obstacles that have a potential of preventing the
organization from achieving its objectives;
- Is also about assessing, both quantitatively and qualitatively
the opportunity for success of business initiatives;
- Is composed of methodologies and processes which are
designed to develop information critical to achieving the
strategic objectives of the organization
Legislative mandate
1. MFMA, S 62 (1) ( c ) states:
the accounting officer must ensure that the municipality has and maintains effective, efficient and transparent
systems of financial and risk management and internal control
2. S 78 and 105 further assigns the responsibilities to other officials to ensure effective, efficient, economical and
transparent use of financial and other resources within that officials area of responsibility
3. S 165 (2) (b) requires internal audit unit to advise the AO on matters related to(iv) risk and risk management
4. S166 (1) requires audit committee to advise municipal council, political office-bearers, AO and management staff
on matters related to (ii) risk management
5. King III Code on Corporate Governance and Public Sector Risk Management Framework states:
The Council/ Board is responsible for the total process of risk management, as well as for forming its own opinion
on the effectiveness of the process.
MANAGEMENT
ASSURANC
E
GOVERNANCE
OVERSIG
HT
Risk Management
Committee
First Line of
Defence
Second Line of
Defence
DCM Forum
Third Line of
Defence
Internal Audit and
External Auditors
Management of
Operations
Risk Champions
Analyse Risks
Likelihood
Impact
Monitor / Review
Identify Risks
Corruption Risk
Assessment
Corruption Risk
Management
Corruption Risk
Assessment
Risk Assessment:
The process of identifying risk exposures and assessing their impact and
likelihood that they would have on the achievement of objectives. The
process also involves evaluating suitable ways to mitigate the risks to
corruption and assessing effectiveness of controls.
ERM:
Fraud/corruption risk forms one category of the risks that are significant
within Ethekwini municipality, which is managed separately at a strategic
level.;
Top down approach strategic risks are cascaded down to operations
Link between risk categories:
Some risks are inter-linked, e.g. failure to manage fraud/corruption risk
results in high exposure to compliance risk and by default
operational risk (due to weakness in controls) which might lead to
reputational risk.
Role of compliance in
fraud/corruption prevention
Highly compliant organizations
Preparation by facilitator
13
Corruption Risk
Register
Outcome:
Risk register with identified strategic/operational corruption risks;
Risk owners strategic (City Manager/Executives)/ operational (Dpt
Heads);
Impact & likelihood for each risk- per methodology;
Assessment of current controls i.t.o. effectiveness ( IA & other Assurance
providers );
Tasks to improve our exposure to each risk:
Ongoing monitoring of
corruption risk
Independent annual review of Anti-corruption strategy and its
effectiveness in reducing corrupt activities by Internal Audit;
Anti-corruption/Fraud Prevention Committee reporting on
implementation of strategy & anti-corruption/ fraud prevention
initiatives;
Governance audit of committees on implementing action per TORs;
Monitoring progress of tasks on corruption risk registers ( strategic
&operational);
References
Quotes have been taken from various
risk management & anti corruption
standars, best practice & guidelines.
18
THOUGHT PROVOKING
QUOTES:
The true measure of a man is who he is when
nobody is watching;
Perception is more powerful than fact when it
comes to fraud/corruption;
If you dont invest in risk management , it does not
matter what business you are in, its a risky
business
The greatest contributions of risk managers is just
carrying a torch around and providing
transparency
19