BELRIM Newsletter February 2014
Table of content
- People on Board: our President
- Cloud Computing: Revolution or Nightmare
- Ladies Mind Risk
- Crisis Management
- Closed Exchange – Enterprise Risk Management
- New Effective Member
- New Affiliated Member
- Belgian Cyber Risks Security Guide
- Risk Manager Framework
- COSO Internal Control
People on Board: our President
Gaëtan Lefèvre, President BELRIM
Group Risk & Insurance Manager Cockerill Maintenance & Ingéniérie
Gaëtan Lefèvre joined BELRIM in 1999, first as the representative of InBev where he worked as Risk & Insurance Manager until 2007. He then joined CMI. In 2008 he became a BELRIM board member and three years ago Gaëtan followed Marc Mathijsen as BELRIM’s president.
Under Gaëtan’s presidency BELRIM got a strong, new impulse. As a born leader with a charismatic personality and a legendary taste for good food and wine, he decided to make sure that the monthly exchanges of the association would not only be top class seminars but also first rate networking opportunities. The growing number of attendees can vouch for this.
The flow chart you can download here shows how the board was reorganized by giving each director specific tasks within the association. At the moment, a particular focus lies on its newly established Scientific Committee which is building a bridge with the academic world in order to disseminate Risk Management know-how and techniques to the younger generation and to promote the FERMA/BELRIM Prize to students.
Last year, the BELRIM website got a complete make-over and today the first digital newsletter is launched in an effort to increase the association’s visibility within its member community and beyond.
Contacts with neighbouring risk management associations have been increased and NARIM and AMRAE have joined forces with BELRIM in setting up common activities.
Gaëtan is looking forward to steering the association to the end-of-year celebration of its 40th anniversary and counts on every single member to play an active role in BELRIM’s success story.
Cloud Computing: Revolution or Nightmare
Thursday, 20 March 2014
Fluxys, Kunstlaan/Avenue des Arts 31 1040 Brussel / Bruxelles
We’re living in a virtual world, with all our data in the cloud. This implies new risks and unknown scenarios. A hot topic which we will unravel by introducing the concept, looking at the legal aspects, presenting a procedure to start with cloud computing and, finally, by sharing experiences. The panel will consist of representatives of Microsoft, DLA Piper, PWC, KBC and Belgacom. A Q&A session will allow input from the audience.
Ladies Mind Risk
Tuesday, 16 January 2014
Euroclear, Brussels
Diversity is hot these days and BELRIM couldn’t lag behind on this topic.
A Ladies Mind Risk Event was organized on January 16, 2014 at the EUROCLEAR offices in Brussels. Catherine Van Cauwelaert (EUROCLEAR) and Sabine Desantoine (ING) were the driving forces behind this event.
Lieve Mostrey, Executive Director and Chief Technology and Services Officer of EUROCLEAR was the keynote speaker. She gave an interactive presentation of her personal views and 30 years of experience on diversity in general and on gender diversity in particular and some tips for women on how to move up the corporate ladder:
1. Make sure you are noticed. Be aware of your attitude and your looks. Be seen and heard. Speak up in meetings.
2. Ban perfectionism from your values. It is a threat for ladies and makes you vulnerable for criticism. Don’t care about criticism. Don’t try to be liked by everyone. Take your public relations in your own hands. Don’t be ashamed to say “I have achieved this” instead of “Our team has achieved this.”
3. Look at your career as a long term project (it could be 42 years). Look at the capitalized view. Don’t lose out when you have young children. Manage your career. Don’t sit and wait until you are rewarded.
4. Be yourself, remain authentic.
Lieve underlined that gender is only one aspect of diversity. Culture is another aspect. A culture that valorizes diversity is needed to make wise decisions and that is the core of risk management.
Read more here. A photo gallery is available on our website.
Crisis Management
Thursday, 30 January, 2014
Solvay, Brussels
“There cannot be a crisis today. My agenda is already full” said Henri Kissinger And what about our Risk and Insurance Managers?
Just over 40 BELRIM members wanted to put their knowledge on crisis management to the test and attended the exchange/workshop organized by Sonia Cambier (SOLVAY) and Catherine Van Cauwelaert (EUROCLEAR).
After a well-structured overview of both companies’ crisis plans the attendees were invited to take part in a role play on how to cope with a fictitious crisis.
It was an interesting exercise where human and business aspects had to be carefully taken into account, where the importance of efficient internal and external communication was underlined, evidencing that crisis management is about teamwork and meticulous preparation, empathy and word choice, creating and respecting guidelines and lots and lots of practice. As BELRIM’s president stated: to be prepared at all times for all kinds of situations is the key factor here.
After the roundup, Solvay who hosted the event, invited everyone to a networking drink.
A photo gallery is available on our website.
Closed Exchange – Enterprise Risk Management
Thursday, 20 February, 2014
AGC Glass Europe, Louvain-la-Neuve
45 risk managers gathered at the new offices of AGC Glass Europe for the closed exchange on ERM.
The object of the exchange was to share experiences on the implementation of ERM in our member companies.
Jean-Marie Schollaert (UCB) and Malou Gossez (AGC) were the moderators of the event. Moreover, a panel of guest speakers were invited to keep the debate going. Catherine Van Doorslaer and Roland Flahou (ING), Patrick Claude (ARCELOR MITTAL), Xavier Potier (PWC) and Eric Thonnard (BELGACOM) gave their points of view and challenged the audience.
Several questions were put to the test to evaluate both the importance of and the effectiveness within the companies of the ERM Framework, covering Risk Management Objectives, Risk Appetite, Policies and Procedures, Roles and Responsibilities, Risk Language, Embedding in the Workflow, Risk Management Culture, Risk Management Training, Risk Identification etc. An electronic polling system guaranteed the interactivity of the session.
The comparison of both results for each question instigated a lively debate, sometimes indicating important differences linked to the sector of industry or services of the voting members. (More details on the polling results to follow soon.)
One can safely draw the conclusion that Enterprise Risk Management is slowly but surely gaining interest and quality.
BELRIM believes it can play a decisive role in spreading ERM among its members.
A photo gallery is available on our site.
New Effective Member
Ministry of Defence
Major Luc Smeets
Major (Air Force) Luc Smeets is working within the office of the Chief of Defence. As deputy of the director of staff, he handles all matters to improve the internal control maturity of the Belgian Defence.
His previous assignments within the Belgian Defence :
– Flight commander of the Engine shop of the 2 Wing Tac in Florennes
– Flight commander of the Flight in charge with the preventive maintenance of the F-16 aircraft of the 2 Wing Tac in Florennes
– Program manager of the engine and start system of the F-16 in Evere
– Belgian Country representative within the Multi-National Fighter Program F-16 in Oklahoma (USA)
– Process and Financial manager of the sub section Helicopters in Evere
– Squadron Leader of the Squadron Line and Armaments of the 2 Wing Tac in Florennes
– System manager of the sub section Training Aircraft (Alpha Jet, Marchetti and Piper Cup) and Unmanned Aircraft Systems in Evere
– Senior Auditor within the Internal Audit of the Belgian Defense in Evere
Luc has a master in engineering from the Royal Military Academy, a licentiate degree in Safety, Health and Environment from the UCL and is a Certified Internal Auditor.
BELRIM expectations
As underlined by INTOSAI “(…) Internal control is a dynamic integral process that is continuously adapting to the changes an organization is facing. Management and personnel at all levels have to be involved in this process to address risks and to provide reasonable assurance of the achievement of the entity’s mission and general objectives (…) Whatever the mission may be, its achievement will face all kinds of risks. The task of management is to identify and respond to these risks in order to maximize the likelihood of achieving the entity’s mission. (…)”. Being part of the Belgian Risk Management Association is a clear statement of the organization to use all means, resources, expertise available to fulfill the tasks related with risk assessment and risk management in order to provide the Chief of Defence with a reasonable assurance of the achievement of the mission and the general objectives
New Affiliated Member
Jan Van Rooy
Van Ameyde
Jan Van Rooy started his career in the Insurance industry, working for different international insurers in Belgium, for one of the Telecom operators and also for a service provider in insurance related matters (national and international missions).
He built up a large experience in managing Operational departments, focusing on quality of service improvements along with important efficiency gains.
Challenging missions in that area are the red line in his career: He calls himself more a “builder and organiser” then a functionary. As people are the corner stone of a well-functioning operation, open communication, clear job and role definition, well followed-up performance management and coaching are well known and practised skills. Process management, change management, project management, business development and business /budget planning have no secrets for him.
Belgian Cyber Risks Security Guide
Clarity on cyber risks
A new Belgian guide to cyber risks designed for entrepreneurs will help risk managers communicate the enterprise wide issues involved to senior managers. The guide is the work of a small team of experts with guidance from the Secretary General of the International Chamber of Commerce, Rudi Thomaes.
BELRIM board member Sabine Desantoine comments, “BELRIM knows that cyber risks are high on the list of top risks for Belgian risk managers (and in any country actually), as data is key to any organisation and business, and we have been active in alerting members on the subject. The guide is indeed interesting and has been prepared by some important experts in the cyber risks domain.”
One of the authors of the guide is Marc Vael, chief auditor at the non-profit IT company SMALS and a member of the Belgian IT security professionals industry body ISACA. He describes it as “a guide written by experts but challenged by entrepreneurs.”
During the course of creating the guide over several months in 2013, Rudi Thomaes acted as a sounding board for the technical experts who came from leading companies and organisations in the sector. Says Marc, “Sometimes we are a bit biased toward technology. He wanted something that an entrepreneur could understand and we wanted them to read beyond page one.”
The absence of technical jargon is evidence of the approach the team took. “I think Mr Thomaes finally allowed us to keep the word ‘malware’. We persuaded him that business people would know what it means.”
The report contains top 10 security principles, top 10 must do security actions, a self-assessment questionnaire and security case studies. It is available free to download here.
FERMA President Julia Graham, who is FERMA’s spokesman on cyber risks, said: “We are drawing members’ attention to The Belgian Cyber Security Guide because it addresses cyber risks as an enterprise issue and is written in clear language. It does not set out to make us all experts but provides the risk manager with some comfort about the subject.
“The pace of change in cyber security risk is exceeding the ability of most organisations to keep up with managing it and so the risk gap is widening. There is a general lack of confidence in the subject at the boardroom table and with some risk managers. Guides like this help us start to move the subject out of the IT department and into the enterprise level where it belongs.”
Risk Manager Framework
For the first time, the AMRAE, the French association for Risk Managers, has defined the framework for the position of Risk Manager: Activities, Tasks, Skills.
A Professional Reference Tool: with what objectives?
Right from now, this Reference Tool constitutes an essential point of reference within companies
For Risk Managers: By defining the very concepts of Risk Management and Risk Manager, the Reference Tool enables Risk Managers to enhance recognition of their position and legitimise their action in coordinating the overall risk management process vis-à-vis their General Management and all other stakeholders.
For General Management: By setting out the outlines and the contents of the position, the Reference Tool enables members of General Management to grasp the added value of the Risk Manager and the potential interactions with other positions within the company.
For Board Members: By carrying on the work undertaken towards clarification of the missions of each party (see the position put forward by the AMRAE / IFACI), the Reference Tool enables proper identification of the actors in charge both of the implementation of the coordination, and of the effectiveness of the risk management arrangements.
For Human Resources and Training Departments: By setting out a reference framework for activities, broken down into tasks and requirements linked to the expected skills and qualities, the reference tool facilitates the hiring, performance assessment and evolution of the Risk Manager (skill- and career-management).
For other positions and their Professional Associations: By clarifying the respective responsibilities and missions, the Reference Tool encourages the implementation and fostering of the necessary contacts and interactions for the implementation of the risk control process.
Download the document here.
COSO Internal Control
Integrated Framework (2013)
The Committee of Sponsoring Organizations of the Treadway Commission (COSO) recently released its updated Internal Control – Integrated Framework (2013 Framework).
The changes made to update the 1992 Framework are evolutionary, not revolutionary. The 2013 Framework takes into account changes in the business environment and operations over the last 20 years. The 2013 Framework retains the definition of internal control and the COSO cube, including the five components of internal control: Control Environment, Risk Assessment, Control Activities, Information and Communication, and Monitoring Activities.
Download the entire document here.