8/12/2019 Overview for Q a Session

1/8

2012 ARTHUR J. GALLAGHER & CO.

ANSI/ASSE

/ISO31000 and 31004

Dorothy M Gjerdrum, ARM-P CIRM Arthur J. Gallagher & Co.

8/12/2019 Overview for Q a Session

2/8

2012 ARTHUR J. GALLAGHER & CO.

Global Corporate Governance Models

All EU Countries Directives on

Governance

Netherlands Code Tabaksblatt

UK Cadbury Turnbull Greenbury Rpt BS 31100 RM

France Vienot Com. Mrini Report Levy-Long Com.

Italy Draghi

Commission

Australia/New Zeal HB 317 on Risk

Communication Stock Exchange

Listing

New AccountingStandards

Best PracticeStmt Mgmt

US Business Round Table NYSE listing

Requirements Blue RibbonCommission

Sarbanes Oxley Act COSO ERM

FrameworkCanada Toronto Stock

Exchange Committee

Canadian SecuritiesCommittee

Allen committeeReport

COCO CAN/CSA-Q850

South Africa Code of Best Practice King Report I, II, III Stakeholder Communication Public Finance Mgmt Act

Japan Corporate

Governance

Forum of Japan J-SOX

Germany Bill on The Control

and Transparencyof organizations

Kon TraG Bill

INTERNATIONAL (All countries) - Basel I & II; ISO 31000

Developed by Dorothy Gjerdrum , AJG& Mary Peter of Eide Bailly LLP

8/12/2019 Overview for Q a Session

3/8

2012 ARTHUR J. GALLAGHER & CO. 2012 ARTHUR J. GALLAGHER & CO.

The ISO 31000 Series ANSI/ASSE/ISO 31000 (also known as the Z690 series)

ANSI/ASSE/ISO 31000 Risk Management Principles and Guidelines

ANSI/ASSE/ISO 31010 Risk Assessment Techniques Guide 73 Vocabulary for Risk Management

Page | 3

8/12/2019 Overview for Q a Session

4/8

2012 ARTHUR J. GALLAGHER & CO. 2012 ARTHUR J. GALLAGHER & CO.

A Vision for Enhanced Risk Management

Key Outcomes The organization has a current, correct and comprehensive

understanding of its risks. The organization's risks are managed to an acceptable level of

tolerance.

Page | 4

Attributes Continual improvement Full accountability for risks Application of risk management in all decision making

Continual communications Full integration into the organizations governance structure

Excerpt from Annex A: ISO/ANSI/ASSE 31000: 2009

8/12/2019 Overview for Q a Session

5/8

2012 ARTHUR J. GALLAGHER & CO.

ISO 31004 newly published

This Technical Report provides advice on theimplementation of ISO 31000. Its purpose is:

a) To assist organizations in aligning the way that

they manage risk with ISO 31000 (by explainingand providing guidance, examples andillustrations)

b) To assist standards-making organizations so thatthey can harmonize risk management processeswith ISO 31000

8/12/2019 Overview for Q a Session

6/8

2012 ARTHUR J. GALLAGHER & CO.

Overview of ISO 31004 Introduction Implementing ISO 31000

General Integrating risk management into the organization How to implement ISO 31000 Integration into organization

s management processes Continual improvement

Correlation between ISO 31000 & 31004

8/12/2019 Overview for Q a Session

7/8 2012 ARTHUR J. GALLAGHER & CO.

Overview of ISO 31004

Annex A Application of ISO 31000 principles Annex B How to express mandate and commitment

(including the risk mgmt policy)

Annex C How to give effect to monitoring andreview

Annex D Integrating risk management with amanagement system

8/12/2019 Overview for Q a Session

8/8 2012 ARTHUR J. GALLAGHER & CO.

DECEMBER 17, 2013

DOROTHY M GJERDRUMSENIOR MANAGING DIRECTOR,

PUBLIC SECTOR

Page | 8