Escolar Documentos
Profissional Documentos
Cultura Documentos
TNB EWRM
Outline of Presentation
Introduction
GWRA Process
Issues discussed at GRMC
Q&A
Introduction
Regulatory Requirement
Risk
identification Terminate
TNB Risk
Information Reduce
Risk
measurement System (TRIS) Mitigation
Plan Accept
(Monitoring
Risk control system) Pass on
Risk profiling
Management
Reporting of Response
information
‘Portfolio of key risks’
Guideline Principal
Risk Advisory
To represent the department at the TNB EWRM forum and TNB
Group risk management committee meetings (if required);
To keep abreast with new developments in EWRM and
Acting as a focal point for all EWRM support and advice within their
respective departments.
Roles & Responsibilities - Risk Managers &
Risk Coordinators
Risk Communication
Communicating the enterprise wide risk management strategies,
policies and processes to all management and staff within the
operating division; and
Engaging in dialogue and discussion with management and staff
within the operating Division.
Roles & Responsibilities - TNB Management
2
Risk
Identification Identify Risk Determine Causes Determine Impact
3
Risk Assessment
Controls
Determine Control
Identification Identify Controls Effectiveness
Weak
Existing Some Weaknesses
Proposed Satisfactory
4
Risk
Determine Residual Determine Gross Determine Residual Generate Risk
Rating Profile
Likelihood & Impact Likelihood & Impact & Gross Risk Rating
5
Risk
Determine Risk Develop Mitigation
Treatment Plan
Treatment
Post Risk Assessment
6
Risk
Reporting & Monitor Risk Profile Prepare Risk
Review Risk Profile
Monitoring Assessment Report
Revised Group-Wide Risk Assessment Process
1
Business
Determine Risk
Assessment
2
Risk
Identification Identify Risk Determine Causes Determine Impact
3
Risk Assessment
Controls
Determine Control
Identification Identify Controls Effectiveness
Weak
Existing Some Weaknesses
Proposed Satisfactory
4
Risk
Determine Residual Determine Gross Determine Residual Generate Risk
Rating Profile
Likelihood & Impact Likelihood & Impact & Gross Risk Rating
5
Risk
Determine Risk Develop Mitigation
Treatment Plan
Treatment
Post Risk Assessment
6
Risk
Reporting & Monitor Risk Profile Prepare Risk
Review Risk Profile
Monitoring Assessment Report
Define Entity Level Business Model (ELBM)
EXTERNAL BUSINESS DRIVERS AND STAKEHOLDERS
Overseas:
Overseas:
- Generation Resource Management Processes
Core
Markets Business Processes Alliances / Customers
Products/
Suppliers
Services
Prepare Business Process Analysis - Template
Business Process Analysis – Template (cont’d)
Business Process Analysis – Template (cont’d)
Revised Group-Wide Risk Assessment Process
1
Business
Determine Risk
Assessment
2
Risk
Identification Identify Risk Determine Causes Determine Impact
3
Risk Assessment
Controls
Determine Control
Identification Identify Controls Effectiveness
Weak
Existing Some Weaknesses
Proposed Satisfactory
4
Risk
Determine Residual Determine Gross Determine Residual Generate Risk
Rating Profile
Likelihood & Impact Likelihood & Impact & Gross Risk Rating
5
Risk
Determine Risk Develop Mitigation
Treatment Plan
Treatment
Post Risk Assessment
6
Risk
Reporting & Monitor Risk Profile Prepare Risk
Review Risk Profile
Monitoring Assessment Report
Risk Categories
Compliance Integrity
RISKS
Information Operational
Human
Financial
Resource
Broad Risk Categories
No. Broad Risk Sub Broad Risk
Uncompetitive remuneration
Poaching by competitors
Poor training and development
Perceived end of career opportunities
Determine impact
Business interruption
Loss of morale
Damage to reputation
Revised Group-Wide Risk Assessment Process
1
Business
Determine Risk
Assessment
2
Risk
Identification Identify Risk Determine Causes Determine Impact
3
Risk Assessment
Controls
Determine Control
Identification Identify Controls Effectiveness
Weak
Existing Some Weaknesses
Proposed Satisfactory
4
Risk
Determine Residual Determine Gross Determine Residual Generate Risk
Rating Profile
Likelihood & Impact Likelihood & Impact & Gross Risk Rating
5
Risk
Determine Risk Develop Mitigation
Treatment Plan
Treatment
Post Risk Assessment
6
Risk
Reporting & Monitor Risk Profile Prepare Risk
Review Risk Profile
Monitoring Assessment Report
Identify controls
2
Risk
Identification Identify Risk Determine Causes Determine Impact
3
Risk Assessment
Controls
Determine Control
Identification Identify Controls Effectiveness
Weak
Existing Some Weaknesses
Proposed Satisfactory
4
Risk
Determine Residual Determine Gross Determine Residual Generate Risk
Rating Profile
Likelihood & Impact Likelihood & Impact & Gross Risk Rating
5
Risk
Determine Risk Develop Mitigation
Treatment Plan
Treatment
Post Risk Assessment
6
Risk
Reporting & Monitor Risk Profile Prepare Risk
Review Risk Profile
Monitoring Assessment Report
Determine Likelihood
Likelihood of
Occurrence
Almost S S H H H
certain
Likely M S S H H
Moderate L M S H H
Unlikely L L M S H
Rare L L M S S
Magnitude of Impact
Generate Risk Profile
Illustrative residual risk profile Tenaga Nasional Berhad
Failure of
Increase in Ineffective
business
Likely theft of manpower
ventures
Dependence electricity planning
on gas-fired
plants
Likelihood
Credit
risk
Lack of
performance-
based culture Loss of
Unlikely key personnel High
Significant
Loss of Moderate
assets
Low
Rare
Magnitude of Impact
Revised Group-Wide Risk Assessment Process
1
Business
Determine Risk
Assessment
2
Risk
Identification Identify Risk Determine Causes Determine Impact
3
Risk Assessment
Controls
Determine Control
Identification Identify Controls Effectiveness
Weak
Existing Some Weaknesses
Proposed Satisfactory
4
Risk
Determine Residual Determine Gross Determine Residual Generate Risk
Rating Profile
Likelihood & Impact Likelihood & Impact & Gross Risk Rating
5
Risk
Determine Risk Develop Mitigation
Treatment Plan
Treatment
Post Risk Assessment
6
Risk
Reporting & Monitor Risk Profile Prepare Risk
Review Risk Profile
Monitoring Assessment Report
TNB Risk Treatment Strategy
Ri
s k Risk Treatment Options
pr
of
il e
Terminate
Reduce
Management
Risk action
appetite
Accept
Pass-on
Risk treatment option – “Terminate”
Determine policy
Update
Clarify performance
accountabilities contracts
Task Focus
Owners Identify the personnel to undertake the
mitigation plans
2
Risk
Identification Identify Risk Determine Causes Determine Impact
3
Risk Assessment
Controls
Determine Control
Identification Identify Controls Effectiveness
Weak
Existing Some Weaknesses
Proposed Satisfactory
4
Risk
Determine Residual Determine Gross Determine Residual Generate Risk
Rating Profile
Likelihood & Impact Likelihood & Impact & Gross Risk Rating
5
Risk
Determine Risk Develop Mitigation
Treatment Plan
Treatment
Post Risk Assessment
6
Risk
Reporting & Monitor Risk Profile Prepare Risk
Review Risk Profile
Monitoring Assessment Report
Risk Monitoring & Review