INTEGRATED RISK MANAGEMENT

  1. Purpose

  2. This policy forms part of Oakville Public Library's ("OPL's") risk management and corporate governance arrangements and outlines OPL's underlying approach to risk management, documents the roles and responsibilities of the Board of Directors ("the Board"), the senior management team, and other key parties. It also outlines key aspects of the risk management process, and identifies the main reporting procedures. This policy also describes the process the Board will use to evaluate the effectiveness of OPL's risk management procedures.

  3. Policy

  4. Underlying approach to risk management

    The following key principles outline OPL's approach to risk management:

    • the Board has responsibility for overseeing risk management within OPL
    • an open and receptive approach to solving risk problems is adopted by the Board
    • the senior management team proposes changes, advises and implements policies approved by the Board
    • OPL makes conservative and prudent recognition and disclosure of the financial and non-financial implications of risks
    • the CEO, Directors and Managers are responsible for implementing good risk management practices within their departments/branches
    • key risk indicators will be identified by the senior management team working with the Town of Oakville's Director, Internal Audit on an ongoing basis as needed but at least once within the first quarter of each calendar year
  5. ROLES AND RESPONSIBILITIES

    1. The Board
    2. The Board has a fundamental role to play in the management of risk within the library.

      This role includes:

      • determine the appropriate risk appetite or level of exposure for OPL
      • approve major decisions affecting the institution's risk profile or exposure
      • monitor the management of risks annually review the institution's approach to risk management and approve changes or improvements based on best practices to key elements of its processes and procedures.
    3. Senior Management Team
    4. Key roles of the senior management team are to:

      • implement policies on risk management
      • identify and evaluate the risks faced by OPL for consideration by the Board
      • actively manage identified risks, create a risk management culture and report issues in a timely basis to the Board
      • undertake an annual review of effectiveness of the system of risk management and provide a report to the Board
  6. PROCEDURE:

  7. This system encompasses a number of elements that together facilitate an effective and efficient operation, enabling OPL to respond to a variety of operational, financial, and commercial risks.

    These elements include:

    1. Policies and procedures.
    2. Attached to risks are a series of policies that assist OPL in reducing or mitigating these risks. These policies are set by the Board and implemented, communicated and managed by senior management to staff. Written procedures support the policies where appropriate.

    3. Reporting.
    4. Comprehensive reporting is designed to monitor key risks and their controls. Decisions to rectify problems are made at regular meetings of the senior management team and the Board if appropriate.

    5. Business planning and budgeting.
    6. The business planning and budgeting process is used to set objectives, agree upon action plans, and allocate resources. Progress towards meeting business plan objectives is monitored regularly.

    7. Risk framework
    8. This framework is compiled by the senior management team and helps to facilitate the identification, assessment and ongoing monitoring of risks to the institution. The document is formally appraised annually but emerging risks are added as required, and improvement actions and risk indicators are monitored regularly.

    9. Finance & Audit Committee (FAC)
    10. The FAC is required to report to the Board on risk management and alert Board Members to any emerging issues. In addition, the FAC oversees internal audit, external audit and management as required in its review of risk management.

    11. Internal audit program
    12. Internal audit provides assurances on risk management processes and on the management of those risks classified as "key". It also provides a reliable and appropriate assessment of risks and reporting of risk and control status. Internal audits are performed annually by the Town of Oakville's Director, Internal Audit, including risk management assurance reviews.

    13. External audit
    14. External audit provides feedback to the Audit Committee on the operation of the internal financial controls reviewed as part of the annual audit.

    15. Third party reports
    16. From time to time, the use of external consultants may be necessary.

      Annual Reporting
      The senior management team will prepare a report of its review of the effectiveness of the risk management system annually for the Board.

      Annual review of effectiveness
      The Board is responsible for reviewing the effectiveness of risk management of the library, based on information provided by the senior management team.
Final Approval Date: June 27, 2013
Motion #: 13.06.60 Next Review Date: 2017
Supersedes Policy Dated: New
Motion #: Page 3 of 3
Filed in: Board Manual, Added to website


Loading…