Slide 1

2012 ARTHUR J. GALLAGHER & CO. Managing Risk Every Day OPENING SESSION: Dorothy M. Gjerdrum, ARM-P, CIRM Executive Director & Risk Consultant

Slide 2

2012 ARTHUR J. GALLAGHER & CO. Agenda What is risk ?? Why we need to expand our perspective Implications for your operations A new framework for managing risk Managing Risk Every Day

Slide 3

2012 ARTHUR J. GALLAGHER & CO. Page | 3 Definition of risk (n) Bing Dictionary Risk [ risk ] 1.Chance of something going wrong: the danger that injury, damage or loss will occur 2.Hazard: somebody or something likely to cause injury, damage or loss 3.Chance of loss to insurer: the probability of loss to an insurer or the amount that an insurer is in danger of losing Synonyms: danger, jeopardy, peril, hazard, menace, threat

Slide 4

2012 ARTHUR J. GALLAGHER & CO. Page | 4 Risk (n) Concise Encyclopedia In economics and finance Trading or variability risk is the amount that the return may vary, up or down, from the expected return on investment.

Slide 5

2012 ARTHUR J. GALLAGHER & CO. Page | 5 Risk (n) Concise Encyclopedia In economics and finance Trading or variability risk is the amount that the return may vary, up or down, from the expected return on investment.

Slide 6

2012 ARTHUR J. GALLAGHER & CO. Page | 6 Risk (n) Concise Encyclopedia In economics and finance Trading or variability risk is the amount that the return may vary, up or down, from the expected return on investment. And what happens when you take a risk?

Slide 7

2012 ARTHUR J. GALLAGHER & CO. Risk, in one form or another, is present in virtually all worthwhile endeavors. 7 We recognize that not all risk is bad, and our goal is not to eliminate all risk, for by doing so we would cease all productive activity. Rather, our goal is to assume risk judiciously, mitigate it when possible, and prepare ourselves to respond effectively and efficiently when necessary.

Slide 8

2012 ARTHUR J. GALLAGHER & CO. What is risk? Risk = the effect of uncertainty on your objectives Objectives = the outcomes you seek, the highest expression of intent and purpose Uncertainty = the state of not knowing, a deficiency of information ISO/ANSI/ASSE 31000:2009 Risk management Principles and Guidelines

Slide 9

2012 ARTHUR J. GALLAGHER & CO. Page | 9 A closer look at Uncertainty Makes a clear connection to the environment, the world and your context There are many causes and sources, internal and external It recognizes that some/much is out of your direct control Its a broader view implying both positive and negative consequences are possible

Slide 10

2012 ARTHUR J. GALLAGHER & CO. Global Uncertainties Economic Environmental Technological Societal Geopolitical Budget crises Unfunded mandates Aging infrastructure Banking & investment failures Supply chain interdependencies Climate change Natural catastrophes Global pollution Extinction of species Deforestation Use of natural resources Access to clean water Political uprisings & changes in governments Terrorism Cyber warfare Information infrastructure Public data protection Privacy versus security New/emerging technology Religious conflicts Access to education Pandemics Speed of change Migration

Slide 11

2012 ARTHUR J. GALLAGHER & CO. Page | 11 World Economic Forum Global Risks Landscape 2013

Slide 12

2012 ARTHUR J. GALLAGHER & CO.

Slide 13

Page | 13

Slide 14

2012 ARTHUR J. GALLAGHER & CO. Global Uncertainties Economic Environmental Technological Societal Geopolitical Budget crises Unfunded mandates Aging infrastructure Banking & investment failures Supply chain interdependencies Climate change Natural catastrophes Global pollution Extinction of species Deforestation Use of natural resources Access to clean water Political uprisings & changes in governments Terrorism Cyber warfare Information infrastructure Public data protection Privacy versus security New/emerging technology Religious conflicts Access to education Pandemics Speed of change Migration

Slide 15

2012 ARTHUR J. GALLAGHER & CO. Risk is NOT just An event A consequence A likelihood A vulnerability An exposure A risk source A hazard, threat or opportunity But rather, the effect of these upon your objectives

Slide 16

2012 ARTHUR J. GALLAGHER & CO. What is risk? Risk = the effect of uncertainty on your objectives Objectives = the outcomes you seek, the highest expression of intent and purpose Uncertainty = the state of not knowing, a deficiency of information Anything that could harm, prevent, delay or enhance your ability to achieve your objectives = risk ISO/ANSI/ASSE 31000:2009 Risk management Principles and Guidelines

Slide 17

2012 ARTHUR J. GALLAGHER & CO. An opportunity for grant money for a new curriculum Traditional RM review the contract (indemnification, hold harmless, waiver, etc.) and place insurance ERM (or a broader approach to risk) gather stakeholders, assess risks, make decision, then manage risks An Example a New Way to Consider Risk

Slide 18

2012 ARTHUR J. GALLAGHER & CO. A Fictitious Scenario re School Facility Use Page | 18 After several years of their varsity football team winning state, high school coaches create a series of summer camps for both players and other coaches Will use school facilities for sleepovers, food service and sports fields Camp will include an outing to visit the professional team facility Teaching coaches will be paid by camp fees and school contract District will receive some money for facility use Risk Assessment Process

Slide 19

2012 ARTHUR J. GALLAGHER & CO. Reasons to Pursue the Activity Page | 19 Good exposure of the school and district to prospective students and parents Revenue generator (and could bring increased enrollment) It will enhance the athletic program Good for kids; a good summer activity Support kids athletic development Increased school activity would reduce vandalism and graffiti opportunities Opportunities/Benefits

Slide 20

2012 ARTHUR J. GALLAGHER & CO. Potential Damage to School & Program Objectives Page | 20 Unqualified drivers Who will chaperone? Food allergies What if canceled? 504 and IEP issues Student injury Whos responsible? Reputation risk (if bad) Insurance coverage? Threats Equipment & facility ready for this? District will get blamed if something bad happens Potential damage to facility Custodial & logistics support Conflicts with facility use, scheduled repair, construction What if school was needed for an emergency purpose?

Slide 21

2012 ARTHUR J. GALLAGHER & CO. Risk Management helps you discover both threats and opportunities

Slide 22

2012 ARTHUR J. GALLAGHER & CO. (Or a Broader Approach to Managing Risk) To manage risk more effectively to support opportunities To identify, assess and prepare for what could go wrong To focus on whats most important to the organization and its stakeholders and link key risks to key goals & objectives The intent of ERM

Slide 23

2012 ARTHUR J. GALLAGHER & CO. Why we need to manage risk The purpose of managing risk is to increase the likelihood of an organization achieving its objectives by being in a position to manage threats and adverse situations and being ready to take advantage of opportunities that may arise. National Guidance on Implementing ISO 31000:2009 From NSAI in Ireland

Slide 24

2012 ARTHUR J. GALLAGHER & CO. ISO (International Organization for Standardization) is the world's largest developer and publisher of International Standards. Established in 1947, ISO is a network of the national standards institutes of 159 countries, one member per country, with a Central Secretariat in Geneva, Switzerland, that coordinates the system. Framing the Process ISO 31000:2009 International Standard on the Practice of Risk Management ISO 31004: 2013 Technical Report on the Implementation of ISO 31000

Slide 25

2012 ARTHUR J. GALLAGHER & CO. Adopted as the US Standard by ANSI Available from ASSE at www.asse.orgwww.asse.org 25

Slide 26

2012 ARTHUR J. GALLAGHER & CO. ANSI/ASSE/ISO 31000 Risk Management Principles and Guidelines Introduction Organizations of all types and sizes face internal and external factors and influences that make it uncertain whether and when they will achieve their objectives. The effect this uncertainty has on an organizations objectives is risk. All activities of an organization involve risk Page | 26 Managing Risk Every Day

Slide 27

2012 ARTHUR J. GALLAGHER & CO. Making Risk Management Effective Benefits to Implementing ISO 31000 You engage stakeholders (internal & external) You focus on objectives or key strategies You consider opportunities as well as threats Communication is consistent and constant You continually learn and improve Everyone is a risk manager! Page | 27

Slide 28

2012 ARTHUR J. GALLAGHER & CO. Components of the ISO standard The framework manages the overall process and its full integration into the organization The process for managing risk focuses on individual or groups of risks, their identification, analysis, evaluation and treatment Monitoring & review, continual improvement and communication occur throughout The principles provide the foundation and describe the qualities of effective risk management in an organization

Slide 29

2012 ARTHUR J. GALLAGHER & CO. Principles Mandate & Commitment Design framework for managing risk FrameworkRM Process Implement risk management Monitor and review the framework Continually improve the framework Establish the context Communicate and consultMonitor and review Risk identification Risk analysis Risk treatment Risk evaluation Risk assessment Creates value Integral part of organizational processes Part of decision making Explicitly addresses uncertainty Systematic, structured & timely Based on best available info Tailored Takes human & cultural factors into account Transparent & inclusive Dynamic, iterative & responsive to change Facilitates continual improvement & enhancement of the org From ANSI/ASSE/ISO 31000

Slide 30

2012 ARTHUR J. GALLAGHER & CO. Why ISO Specifies the Framework Maps out how the management of risk will be integrated across the organization Assures that the corporate-wide process is supported, iterative and effective Details how risk management will be an active component in governance, strategy and planning, management, reporting processes, policies, values and culture Provides for reporting & accountability

Slide 31

2012 ARTHUR J. GALLAGHER & CO. The Framework Includes: The organization & its context Risk Management Policy Accountability Integration into organizational processes Resources Communication & reporting internal Communication & reporting - external

Slide 32

2012 ARTHUR J. GALLAGHER & CO. Components of the Framework Understanding the organization & its context Establishing RM policy Accountability & Authority Integration into organizational processes Determining appropriate resources Establishing internal communication & reporting mechanisms Establishing external communication & reporting mechanisms ISO 31000:2009 Risk management Principles and guidelines

Slide 33

2012 ARTHUR J. GALLAGHER & CO. Framework Example: Context External Context Social, cultural, political, legal, regulatory, financial, technological, economic, natural and competitive environment Key drivers and trends that will have an impact on your organization Relationships with and perceptions & values of external stakeholders Internal Context Governance, organizational structure, roles & accountabilities Policies, objectives & strategy Capabilities & resources Info systems Organizational culture Contractual relationships Relationships with, perceptions & values of internal stakeholders ISO 31000:2009 Risk management Principles and guidelines

Slide 34

2012 ARTHUR J. GALLAGHER & CO. Example of Framework - External Uncertain funding sources Affluent county but revenue is low New state mandates (re students and teachers) but no new funding Teacher associations & NEA are strong Diversified geography State politics: a purple state Large exodus of knowledge with retirements Active and aggressive community population PERA Poverty vs wealth lots of variation by district Emerging trend: fee for service Influence of the media Increase in construction A pro-charter school state

Slide 35

2012 ARTHUR J. GALLAGHER & CO. Example of Framework - Internal Each school district is different Districts compete with each other for teachers, students, etc. NEA The pool has both very large and very small districts Decision making is affected by public perception (e.g. reactions after Sandy Hook) When budgets get tight, safety & maintenance get cut Constant leadership changes Only some districts do strategic planning; we need more strategic thinking Long-term planning is difficult A push for innovations re learning lots happening Unpredictable school boards Keeping up with changing technology is a challenge (both infrastructure & skills)

Slide 36

2012 ARTHUR J. GALLAGHER & CO. The Risk Management Process Applies to portfolio of risks and individual risks Begins with the context always tailored to the organizational environment Emphasizes continual: Communication & consultation Monitoring & review Establish the context Communicate and consultMonitor and review Risk identification Risk analysis Risk treatment Risk evaluation Risk assessment

Slide 37

2012 ARTHUR J. GALLAGHER & CO. Select Definitions Risk management = the coordinated activities to direct and control an organization with regard to risk Risk owner = the person with the accountability and authority to manage the risk Stakeholder = Person or organization that can affect, be affected by, or perceive themselves to be affected by a decision or activity.

Slide 38

2012 ARTHUR J. GALLAGHER & CO. Risk Mgmt & Other Initiatives RM supports strategic initiatives, mission and goals and links to them RM can support management processes (e.g. balanced scorecard, performance management measures) RM will help build success of key initiatives by identifying barriers and risks and ways to mitigate them Managing Risk Every Day

Slide 39

2012 ARTHUR J. GALLAGHER & CO. Key concepts of ISO 31000 Risk Management is about supporting opportunities as well as preventing problems It is tied to business objectives & strategies and supports them It works within the entitys culture and will become integral to decision making It will ensure that Risk Management applies to all levels of the organization and to all activities

Slide 40

2012 ARTHUR J. GALLAGHER & CO. The Benefits of (Enterprise) Risk Management Increase likelihood of achieving objectives Encourage proactive management Be aware of the need to identify and treat risk throughout the organization Improve the identification of opportunities & threats Effectively allocate and use resources Comply with relevant legal and regulatory requirements and international norms Improve mandatory and voluntary reporting Improve operational effectiveness & efficiency Improve stakeholder confidence and trust Establish a reliable basis for decision making & planning Improve controls Improve governance ISO/ANSI/ASSE 31000:2009 Risk management Principles and Guidelines

Slide 41

2012 ARTHUR J. GALLAGHER & CO. In a nutshell All organizations exist to achieve their objectives. The purpose of risk management is to manage the barriers to those objectives and support their achievement.

Slide 42

2012 ARTHUR J. GALLAGHER & CO. Questions? Dorothy Gjerdrum, ARM-P, CIRM Executive Director Arthur J. Gallagher & Co. Public Sector 651.642.2999 dorothy_gjerdrum@ajg.com

Slide 43

2012 ARTHUR J. GALLAGHER & CO. SEPTEMBER 12, 2013 Page | 43