260 likes | 426 Vues
Join Nasumba Kizito Kwatukha for insights on asset management principles, benefits, risk mitigation, audit roles, and data as an enterprise asset. Learn about operational and legal risks, and effective data stewardship practices for business success.
E N D
ASSET MANAGEMENT CONFERENCE Presentation by: Nasumba Kizito Kwatukha CPA,CIA, CISA,CFE,CISSP,CRMA,CISM,DIP-IIK Director : Risk-com Ltd Uphold public interest
Assets: • Is a resource controlled by the entity as a result of past events and from which future economic benefits are expected to flow to the entity-create value • Concept of Ownership and Control and use of Substance over form • Concept of Control over work force and footballers-Diego Costa case Introduction
Asset Management • Set of interrelated activities and elements of an organization whose function is to develop processes needed to ACHIEVE objectives • It involves Policies, Framework and Process formulation. • Independent Assurance and review is critical
Benefits of Asset Management • Enables achievement of objectives through effective and efficient management of its asset • Achievement of objectives is through the linkage of the Overall Strategy to the organization Assets which are the core Revenue generators • What constitutes value is the linkage between Assets and Strategy with clear Measurable on Asset Performance • Resultant benefits are Financial and Non-financial
Influencers of Assets to Keep • Nature and of purpose of the organization: E.g. Financial Industry players should not hold Properties • Operating Context: Assessment of your key principal Activities: E.g. Manufacturing • Needs and Expectations of Stakeholders : Risk Appetite and Integrated Reporting • Regulatory Environment: Matching Assets to Liabilities
Risk Management Defined • Process of ensuring Organization goals are achieved through Identification, Assessment and Mitigation of Risk: • Key to Asset Management because Asset is the sole generator of Revenue • Assessment involves Looking at the Likelihood and Impact: • Risk Management helps in the linking of Asset Performance to the Strategy of the organization • Mitigation involves making a decision on whether to self Insure; Retain or to transfer the risks attached to the asset.
Role of Audit in Risk Mgt • Independent Assurance on the Asset Risk Management Process • Process Owners are responsible for the Risk Management Activities • Is there a role of the Risk and Compliance Department ?
Operational Risks: ISO 55001 • 2. Legal and Compliance Risk • 3. Data Management : ISO 27001 Risks Associated with Assets
Failures due to Systems, Processes and People : • Obsolescence or impairment of assets • Restructuring charges related to changes in the nature of the business • Incorrect recording of assets, hidden by complex ownership structures designed to keep assets (and related liabilities) off the books • Incorrect valuation of assets acquired as part of a group purchase • Improper recording of capital leases as operating leases Operational Risks
Operational Risks-Fraud • Increased Purchases • Complex Purchases • Employees Homes are like a second Institution • Alteration of Documents-Self copy is Incorrect • Shrinkages in physical Assets • Real Estate fraud: Land Rates, Idle land, copies missing, DOVE
DOVE: Objective Market Values • Surprise Checks • Insurance :Standard Fire and Business Interruption Policies • Proper Approvals; understand Insurable Risks and Exclusions • Roles and Rights • Statistical Sampling • Review of Risk Maps and Assessments Mechanisms to Mitigate Risks
Legal and Compliance Risks • Proper Asset Document and Referencing Register • Due Diligence on DOVE • Income tax Requirements: CAP 470 and CAP 476 • Depreciation and Capital Allowances • Determination on when to Capitalize Expenses
Data- the True Asset In God we trust All others must bring Data
Data is getting … • … bigger, faster, in more shapes and formats, from more sources … more complex to control • … more important for business, both for operational and analytical purposes • Business wants to keep focusing on the business • Data is in databases and servers, so IT is covering it • Complexity increase makes current approach tedious, error prone and unsustainable • Tweets, Facebook, IG Data at a glance
Data Should be treated as an enterprise asset • Data Quality should be part of everyone’s job description and a parameter of performance evaluations and incentive packages • Employees should be assigned responsibility of data • Stewardship responsibility including • Establishing and implementing of the policies • Defining data quality parameters and standards • Data classifications and processing • Address the major reasons for the failure to fill this role • Data is not recognized as an asset • Political or cultural consideration (e.g. who should be responsible for customer data) • The difficulty involved and other priorities • Data should be modeled like other assets • Data should be modeled via business or enterprise data model • Compromise between accuracy and availability of data Data as an Enterprise- Corporate Asset
Organizational Structures & Awareness • Stewardship • Policy • Value Creation • Data Risk Management & Compliance • Information Security & Privacy • Data architecture • Data Quality Management • Classification and metadata • Information Lifecycle Management • Audit Information, Logging & Reporting Data Governance
Intake / Proposal • Review, approval, voting • Escalation • Issue management • Data Sharing • Security classification • Policy audit Process of Data Management
Domain Expert – Function consultant/ ICT • Information architect • Data steward • Data Analyst • Business Analyst Roles/ Competencies Involved
Q& A Nasumba Kizito Kwatukha CPA,CIA, CISA,CFE,CISSP,CRMA,CISM,DIP-IIK Director : Risk-com Ltd Q & A