Public sector risk

management
(THEORIES AND
PRACTICES)

www.irmtz.org
 WHAT WILL YOU LEARN AT THIS
SEMINAR?
Introduction of Public sector Risk Management
Benefits of implementing Public Sector Risk
Management.
Overview of Public Sector Risk Management
IR guidelines.(Tanzania perspective view)
M
T Common Challenges in implementing ERM in public
Sector
Multiple view of public and private sector risk
management
 Introduction

What is the public sector Risk Management?

Concept of PSR is new in Africa with RSA and Ghana leading the fore front of the
same..
Risk management has been growing in all sectors of the economy. In the 1980s, banks
began to appoint CROs in earnest

In 1990s, insurance companies followed suit. Today, public-sector agencies are

beginning to formalize risk-management departments and appoint CROs.
IR These actions stem from the realization that the discipline of risk management can help
M the government make better use of taxpayer funds and more thoroughly evaluate the
T risks and rewards of government policies, to the benefit of us all.
In the year 2010, the Government of the United Republic of Tanzania amended the
Public Finance Act (2001) by establishing the Internal Auditor Generals Division
(IAGD).

One of the key responsibilities of the IAGD is to undertake continuous audit of risk
management.
 Introduction
As the Government seeks to fulfill its purpose of
safeguarding the freedom and well-being of its
citizens, it operates in a world nervous with risk.

Government departments and agencies face

IR enormous risks every day, and the role of most
M
T
government institutions is implicitly or explicitly
rooted in managing risks that the private sector is
either not equipped or not willing to take.
 Why managing risks in public sector?
Shrinking budgets
Staff issues
New regulations
Increased demand for
IR service
M
T Climate change
Technology advancement
Population growth
Higher quality standards
 TANZANIA GOVERNMENT DEBT RISK
TANZANIA'S national debt is forecast to reach alarmingly high levels
by end of December 2016, especially considering that there is
number of increasing borrowings and the October 2015 election.

BOT reported External debt stock as at the end of December 2014,

IR amounted to USD 14,126.8 million, an increase of USD 436.4 million
M from the amount recorded at the end of November 2014. The level
T was equivalent to TZS 30 trillion reported in July 2014.

The IMF conservatives estimates debt to increase up to TZS 33.8

trillion to mid-2016 and TZS 42 trillion by 2017/2018 caused by failure
to generate more revenue and increase public spending.
 GOVT DEBT-CONTD

IR
M
T
 GOVERNMENT DEBT PROJECTIONS

IR
M
T
IR
M
T
 PUBLIC SECTOR RISK MANAGEMENT
IN PRACTICE
Government need to put in place strategy to mitigate risks
associated with the short term and long term planning.
To design guidelines to all public entities and have
implemented.

IR
M Case study.
T
 LESSON LEARNED

a) How the Government build confidence in public debt?

b) Cost cutting strategy in Tanzania environment is investment
potential?
c) How government can manage risks and strategies in years to
IR come?
M
T d) Is PPP necessary for economic growth in risk perspective?
e) What is your comments on risk maturity to Tanzania
environment basing on the tone at the top in managing risk or
crisis via existing Internal control
 Who is accountable in PSO RM?
PS Treasury
Ensuring effective application of risk management process,
procedures and practices in all PSO in Tanzania
Internal Auditor General
Championing RM across PSO
IR
M Issuing guidelines and directives on PSO RM
T Technical support
Conducting reviews and assessment on quality and
effectiveness of RM in PSO
Governing Boards/Councils
Providing direction, guidance and oversight across PSO
 Who is accountable in PSO RM?
Governing Boards/Councils
Approving RM documentation (RM Policy, Plans, structure,
procedures and risk registers)
Setting standards of behavior, tone at the top and effective
IR
performance management systems
M Monitoring the management of high and significant risks
T
Ensuring risks with lower rating are managed with appropriate
controls in place and effective reporting structures
Approving major decisions on risk profile and exposure
 Who is accountable in PSO RM?

Accounting Officer
Oversee the development and implementation of RMF to align
operations, structure and context
IR Setting appropriate tone for RM
M Design, implement and enhance RMF
T
Delegate responsibility of RM to internal formalities so as to
align with PSO Structure, processes, culture and context.
Ensure appropriate action in respect of recommendations of
audit committee, internal audit and external audit with regards
to issues of RM
Providing assurance to stakeholders on RM
 Who is accountable in PSO RM?
CAG
Providing independent assurance on RMF (policy, strategy and
implementation plan)
Assess the adequacy of implementation of RMF
IR Review risk identification process
M Review the assessment process
T
Review the mitigation plans and their implementation
 Public Sector Risk Management
Guidelines
The issued in December, 2012
Covers four main areas
Introduction, purpose and Scope (Definition of risk, risk
management and Risk Management Framework)
Governments Policy Statement and Implementation
IR
requirements
M Risk Management Guidelines (How to develop, implement,
T report, monitor and evaluate risk management framework)
Toolkit
The guideline is not a framework neither a standard or
ready made tool, it provides only structured approach to
development of own framework for RM
 Guidelines for PS RM
First part is dedicated to various definitions of Risk,
Management of broad subject such as accounting officer,
audit committee, control, impact, likelihood, inherent risk,
public sector organization etc
Who is PSO
IR
M All Tanzania PSO such as Parastatals, Public Corporation,
T Regulatory Authorities, GBE, Regional Secretariats, Local
Government Authorities etc
 Part 1- Introduction, Purpose and
Scope
Risk is a possibility of an event occurring that will have an
impact on the achievement of objectives. Risk is measured
in terms of impact and likelihood
Risk Management is the process of identifying, assessing,
IR managing, and controlling potential events or situations to
M
T
provide reasonable assurance regarding the achievement of
organizational objectives.
Benefits of Managing risks are explained.
 Introduction
Risk Management framework
Is a set of components that provide the foundations and
organizational arrangements for designing, implementing,
monitoring, reviewing and continually improving risk
management throughout the organization.
IR Why Risk Management framework
M Assist an organization to manage its risk effectively through
T application of risk management process at varying levels and
within specific context of the organization
What are the components of RMF (Risk Management Policy,
Risk Governance Structure and procedures supporting risk
management process)
 Purpose of the Guidelines
Providing practical guidance to PSO in
Developing
Implementing and
Enhancing their own RMF

IR
M It provides a framework for continuous journey of
T improvement no matter of maturity level (Nave, Risk
aware, Risk defined, Risk Managed and Risk Enabled)
 Purpose of the Guidelines
Communication of the Government direction on ERM
Sensitization tool for Accounting Officer, staff and
management
Provides steps for development of customized risk
management framework
IR
M Provides benchmarking criteria for evaluating the
T Institutional RMF
Help in development of risk management culture and
practices
Assist internal auditors in providing an independent
assurance
 Risk Management Policy Statement
The government of Tanzania recognizes that risk is inherent in each
objective of all PSO
It considers the management of risk as integral part of sound public
sector governance because it provides assurance to the achievement
of government objectives across different sector
This in turn leads to the effectiveness and efficiency in government
IR performance towards providing services to the citizens and
M increased public confidence
T Government is committed to ensuring that ERM is adopted,
implemented and enhanced across the PSO
Government takes an active role in providing and setting broad
guidance and support on the development, implementation and
enhancement of risk management practices across the Tanzanian
public sector
Government charges the accounting officers of all PSOs to adopt
and implement risk management practices in their organizations.
 Which model/standard to use?
PSO have different RM Maturity levels
Any international recognized risk management
standard is allowed
There include; COSO, ANZ 4360 or ISO 31000
IR
M No matter of the model adopted, it must meet the
T
basic requirements of the guidelines on Risk
Management in order to create uniformity in the
public sector.
 Minimum Standard for institutional
guidelines
RMF should have a policy, culture and structures to facilitate risk
management
Risk management process must be in line with international
standards such as ISO 31000 or COSO
Risk management process should be part of the strategic,
IR
operational and annual business planning activities of the
M organization
T Risk registers to record, rate, monitor and report risks should be
in place
There should be an established process for monitoring reviewing
and enhancing risk management and governance systems
There should be clearly defined roles and responsibilities of
various players in RM in PSO
 How to develop your RMF

What is RMF
a set of components that provide the foundations and
organizational arrangements for designing, implementing,
monitoring, reviewing and continually improving risk
IR management throughout the organization.
M
T
Components of RMF
Risk Strategy (Policy)
Risk architecture (or governance structure)
Risk protocols ( or procedures)
 How to develop your RMF

IR
M
T
 Steps in Developing RMF

Formation of risk management policy

Design the risk management governance
structure
Develop risk management procedures
IR
M Document the RMF
T
Getting top management approval and
sponsorship
Creating risk management awareness and getting
people buy in
 Risk Management Toolkit
Template 1: Indicative Risk Management roles and
responsibility
Template 2: Model Risk Management Governance
structure in Ministries and LGAs
IR Template 3: Sample Risk Management implementation
M plan
T
Template 5: List of common examples of risks
Template 6: Risk Identification and analysis sheet

Template 9: Format of risk management

 Common challenges in implementing
ERM in public sector
1) Inadequate risk awareness amongst Senior Management in
particular.
2) Weak Risk Management Framework
A more comprehensive framework is required to support
IR implementation within the broader public management and
M strategic planning spheres.
T
3) lack of capacity and resources to effectively ensure roll out
Effective implementation of measures is hampered by the
inability of institutions to provide persons at the operational pos
levels with the required back ground information, knowledge,
skills and work tools.
 CONTD
4) Frequent leadership changes and vacant leadership
positions

05) Limited risk culture and risk mind-set.

IR Government workers are usually motivated primarily by the mission of their

M organization, and they often have the perception that the government could bail out
T their program should a risk event occur. As such, risk management has historically
taken a back seat in decision making. In the rare occasions that risk analysis is
conducted, it is usually after the fact and done by outsiders such as the Office of the
Inspector General and the Government Accountability Office.
 CONTD

06) Inadequate budget to finance operationalization of

ERM in public sector
IR
M
T
 What does a Risk Management Policy &
IR
M
Framework help to achieve?
T
 CONTD

A systematic and consistent approach to considering risk and

opportunity integrated into all planning and business
activities.
IR
M
T Cultural change Reactive to Proactive to become
embedded into the departmental culture.
 DIFFERENCES BETWEEN PRIVATE
AND PUBLIC SECTOR
The principles governing risk management to all parties are the
same, regardless of either private or public sector.
There are some areas which indicates some differences such
as:
IR
M
T
a) Objectives of each part
b) Responsibility
c) How much risk to take
 View Of Public vs Private Sector Risk
Management

IR VIDEO CASE
M
T
 EQUIVALENCES BTN PRIVATE AND
PUBLIC SECTOR

IR
M
T
A decision that
does not involve risk
is probably not a
decision

THANK YOU FOR LISTENING

GOD BLESSYOU