Slide 1

Victorian Managed Insurance Authority APCO Presentation Risk Management in the VPS Jonathon Masom Risk Management Adviser

Slide 2

Page 2 The VMIA Statutory Authority - VMIA Act 1996 Captive insurance provider and risk management advisor for the State of Victoria Provide risk management and insurance services to 4000 public and non government organisations in Victoria

Slide 3

Page 3 The VMIA: Mission & Vision Vision Victoria manages its risk, enhances its value and improves the quality of life for all Victorians. Mission To take a leadership role in reducing Victorias total cost of risk.

Slide 4

Page 4

Slide 5

Page 5 Snapshot- What we do? Insure approximately $110 billion of client assets Manage assets and liabilities in excess of $1 billion Collect premium of over $200 million and pay claims Train over 2500 people per annum Review 60 agencies Risk frameworks per annum Produce publications, tools and enablers Support risk management initiatives across the State

Slide 6

Page 6 Key Drivers

Slide 7

Page 7 VMIA Business Model

Slide 8

Page 8 Statewide Risk Management Run workshops, forums and scenario planning exercises on key risks to the state Develop the Statewide Risk Register Advise the Minister and the Government on statewide risks and key mitigation issues Produce a bi annual risk report for the Minister on global, national and statewide risk and insurance trends and performance

Slide 9

Page 9 Primary Risk & Insurance Service Lines Statewide Risk Management Training & Education Publications & Guidelines Risk Management Services Risk Management Partnership Program Insurance Services

Slide 10

Page 10 Training & Education Provide a risk and insurance training and education program to over 2500 VPS staff annually Deliver key forums and events (round tables, leadership seminars etc) Hold bi ennial Risk Leadership Conference and Risk and Insurance Forums Facilitate risk and insurance networks across the State Currently developing business case for risk and insurance recognition/accreditation program for the State

Slide 11

Page 11 Publications & Guidelines Develop risk and insurance publications for clients across the state: Riskybusiness Risk insights and updates Provide tools and guidelines such as: Guide for Developing & implementing Risk Frameworks BCM tools Developing on line content over 2011

Slide 12

Page 12 Risk Management Services Provide risk support services to targeted clients through 5 core risk streams: Business continuity management Project risk Risk culture Client assessments (RFQR, SRS, SERA) Strategic & Emerging Risk Deliver clinical risk management training, education and support to the health sector

Slide 13

Page 13 Risk Partnership Program Risk Partnership Program supports risk mitigation and innovation across the state Since 2001 has supported in excess of fifty projects with 14 projects currently underway Cross divisional multi agency program

Slide 14

Page 14 Insurance Services Provide insurance policies, programs and support to 4,000 clients Deliver strategic insurance advice and reviews to clients Progress leadership and application of the Total cost of Risk model Provide the State with asset security through a global reinsurance program

Slide 15

Page 15 Risk Framework Quality Review (RFQR) The RFQR is a review of the quality, comprehensiveness and maturity of an organisations risk management framework. In operation since 2006 and now in its third iteration Benchmarks for exemplary performance progressively getting higher Majority of clients have established substantive risk Increasing emphasis on cultural aspects over form and function management frameworks

Slide 16

Page 16 Submission of supporting documentation A review process completed by the VMIA Interviews with Departmental secretaries/CEOs, audit/risk committee chairpersons, risk managers Provision of a client report Audit Committee Presentations Comprises sections on governance, application of ISO31000, statewide, interagency and emerging risk and risk management outcomes and includes:

Slide 17

Page 17 Integrating Business Planning with Risk Management Aligning Internal Audit or assurance activities & Risk Management Moving from a compliance approach to risk to a cultural focus Quality & Content of Risk Registers Developing Key Risk Indicators Supporting Business Continuity Planning Improving Project Risk Management Practices Common Client Improvement Opportunities

Slide 18

Page 18 Organisations scoring in excess of 90% exhibited: Commitment from Executive & Board Integration of risk & corporate planning processes Well defined governance framework Strong reporting processes Risk support systems, processes and infrastructure for managing risk Clearly defined roles and responsibilities Strong risk culture Characteristics of RFQR High Achievers

Slide 19

Page 19 Competing objectives: delivering more with less Risk Compliance competes with Risk Culture Public sector risk management expertise is improving but is not at the requisite organisational level The public and private sector are becoming more connected requiring a whole-of-government approach to risk management Attaining ERM maturity is a long road Public Sector ERM Challenges

Slide 20

Page 20 Key Principles of Risk Management Processes Time Stakeholder Value Chaos Silos Specialists Systemic Risk Mature Evolution of Risk Maturity Compliance Culture Operational Strategic

Slide 21

Page 21 Start with the basics and implement progressively Delivering risk management within government is complex but the benefits are tangible ERM must be driven from the top down & across the organisation and be supported by a strong risk management culture VMIA see this as a cultural journey, focus on people & principles as much as the methodology It is important to identify the value drivers of risk management as a key to success Key Lessons

Slide 22

Page 22 Thankyou Any Questions?