Assurance Mapping CIPFA CiM Audit Training...
16
Risk Engineering - Strategic Risk Practice CONFIDENTIAL Assurance Mapping CIPFA CiM Audit Training Seminar October 2013 Sally-Anne Woulidge
-
Upload
phungquynh -
Category
Documents
-
view
232 -
download
3
Transcript of Assurance Mapping CIPFA CiM Audit Training...
Risk Engineering - Strategic Risk Practice
CONFIDENTIAL
Assurance Mapping
CIPFA CiM Audit Training Seminar
October 2013
Sally-Anne Woulidge
© Z
uri
ch
In
su
ran
ce
Co
mp
an
y L
td
CONFIDENTIAL
AgendaObjectives of the session:
1What is an assurance and assurance mapping?
2 Who benefits and why?
3 Critical success factors
© Z
uri
ch
In
su
ran
ce
Co
mp
an
y L
td
CONFIDENTIAL
Assurance
What is an assurance?
© Z
uri
ch
In
su
ran
ce
Co
mp
an
y L
td
CONFIDENTIAL
AssuranceComes in many shapes and forms
1Assurances are processes or activities that
monitor and measure the effectiveness of the
controls.
2 Assurances can be both positive and negative.
3The important point is that they must provide the
Board with sufficient information to make
informed decisions.
© Z
uri
ch
In
su
ran
ce
Co
mp
an
y L
td
CONFIDENTIAL
Assurance
Who can provide assurance?
© Z
uri
ch
In
su
ran
ce
Co
mp
an
y L
td
CONFIDENTIAL
AssuranceIs provided through many avenues
Visible
Business as usual
Business Units
Corporate
Oversight
IndependentAssurance
3 Lines of Defence
© Z
uri
ch
In
su
ran
ce
Co
mp
an
y L
td
CONFIDENTIAL
Assurance MappingWhat is an Assurance Map?
Assurance Map
A colour coded representation of quality/level
of assurance coverage
against key risks
A mechanism to review gaps
in risk & assurance
programmes in line with an
organisation’s appetite
A visual representation
of assurance concentration
or gaps
Consideration of all assurance activity in one
location
A pictorial reporting tool
Assessment of efficient use of
resources
© Z
uri
ch
In
su
ran
ce
Co
mp
an
y L
td
CONFIDENTIAL
Assurance MappingExamples …..
© Z
uri
ch
In
su
ran
ce
Co
mp
an
y L
td
CONFIDENTIAL
Assurance Mapping
Who would benefitfrom this information and
why?
© Z
uri
ch
In
su
ran
ce
Co
mp
an
y L
td
CONFIDENTIAL
Assurance MappingThose that would benefit from this insight are…
Stakeholders
MembersMembersMembersMembers & & & & Executive Executive Executive Executive TeamTeamTeamTeam
Independent Members
Assurance Committees
Senior ManagementProject leads/owners
Other assurance providers
Regulatory Bodies
© Z
uri
ch
In
su
ran
ce
Co
mp
an
y L
td
CONFIDENTIAL
Assurance MappingWhy do they benefit?
BENEFITS Why do it?
One view of
Business Risk
Control
Environment
One co-ordinated visual tool which, alongside the
strategic risk profile and appetite, enables an
organisation to identify potential risk exposures and
ineffective use of assurance resources.
� Informs annual governance
statement
� Consolidates multiple sources of
reliable assurances
� Highlights:
a) Concentrated sources of
assurance
b) Providers and possible
ineffective use of
assurance initiatives
c) Gaps in the assurance
programme
d) Opportunities for future
design/focus of assurance
provisions
Drives Value Ensures the right level/type of assurance is provided
over the right risks in support of management’s
successful achievement of objectives.
Potential Cost
Reduction
One view of the costs for control and assurance
programmes. If coupled with the Total Cost of Risk,
creates a powerful tool to enable organisations to
reduce costs in an era of austerity.
© Z
uri
ch
In
su
ran
ce
Co
mp
an
y L
td
CONFIDENTIAL
Assurance Mapping
What needs to be mapped?
Start at the highest
level and then once
obtained buy in,
culture and ‘tone at
the top’ work
through organisation
Assurance
Key Risks
Sources of assurance
Business
Operations
Corporate
Oversight
Independent
Assurance
Inherent Residual
Risk
Assessment
Strategic risks
Operational/
Business risks
Process and
Procedures
Assurance MappingMapping depends on the organisation but a full map would….
© Z
uri
ch
In
su
ran
ce
Co
mp
an
y L
td
CONFIDENTIAL
Critical Success FactorsTo embedding an assurance mapping process.
CSF
Relevant language
Buy in
Governance structure
Clear accountabili
ties
Robust risk
identification
Integrated approach
Know assurance providers
Know your assurance
Factual not opinion
© Z
uri
ch
In
su
ran
ce
Co
mp
an
y L
td
CONFIDENTIAL
Your views count…
Any thoughts,
view and/or questions?
© Z
uri
ch
In
su
ran
ce
Co
mp
an
y L
td
CONFIDENTIAL
This document is confidential and should not be provided to any third party without prior written consent from Zurich Insurance plc. It provides general information for discussion only and is not intended, and should not be relied on, as specific advice or as a substitute for taking advice on your circumstances. Neither Zurich Insurance plc nor any company in the Zurich Insurance Group will accept any responsibility for any actions taken or not taken on the basis of the information contained in this presentation. Thank you for your help.
Zurich Municipal is a trading name of Zurich Insurance plc, a public limited company incorporated in Ireland Registration No. 13460. Registered Office: Zurich House, Ballsbridge Park. Dublin 4, Ireland. UK Branch registered in England and Wales, Registration No. BR7985. UK Branch Head Office: The Zurich Centre, 3000 Parkway, Whiteley, Fareham, Hampshire PO15 7JZ. Authorised by the Central Bank of Ireland and subject to limited regulation by the Financial Conduct Authority. Details about the extent of our regulation by the Financial Conduct Authority are available from us on request, FCA registration number 203093. These details can be checked on the FCA’s register by visiting their website www.fca.org.uk or by contacting them on 0845 606 1234. Communications may be monitored or recorded to improve our service and for security and regulatory purposes.
