Podcast
Questions and Answers
What is the primary responsibility of the ERM Function in NNPC Limited and its subsidiaries?
What is the primary responsibility of the ERM Function in NNPC Limited and its subsidiaries?
What is the purpose of the ERM Function in engaging process owners?
What is the purpose of the ERM Function in engaging process owners?
What is the role of the ERM Function in risk assessment and prioritization?
What is the role of the ERM Function in risk assessment and prioritization?
What is the purpose of the ERM Function in consulting with process owners?
What is the purpose of the ERM Function in consulting with process owners?
Signup and view all the answers
What is the outcome of the ERM Function's periodic facilitation and validation of risk and control self-assessments?
What is the outcome of the ERM Function's periodic facilitation and validation of risk and control self-assessments?
Signup and view all the answers
What is the purpose of the ERM Function's periodic monitoring and reporting on risk management?
What is the purpose of the ERM Function's periodic monitoring and reporting on risk management?
Signup and view all the answers
What is the role of the ERM Function in the risk management process?
What is the role of the ERM Function in the risk management process?
Signup and view all the answers
What is the outcome of the ERM Function's efforts to foster a corporate risk culture?
What is the outcome of the ERM Function's efforts to foster a corporate risk culture?
Signup and view all the answers
What is one of the responsibilities of the GRC Function in terms of staff development?
What is one of the responsibilities of the GRC Function in terms of staff development?
Signup and view all the answers
What is the purpose of the GRC Function's periodic reviews of documents?
What is the purpose of the GRC Function's periodic reviews of documents?
Signup and view all the answers
Who does the GRC Function recommend training for?
Who does the GRC Function recommend training for?
Signup and view all the answers
What is one of the responsibilities of the GRC Function in terms of reporting?
What is one of the responsibilities of the GRC Function in terms of reporting?
Signup and view all the answers
What is the purpose of the GRC Function's research into emerging best practices?
What is the purpose of the GRC Function's research into emerging best practices?
Signup and view all the answers
What is one of the responsibilities of the GRC Function in terms of staff resourcing?
What is one of the responsibilities of the GRC Function in terms of staff resourcing?
Signup and view all the answers
What is the purpose of the GRC Function's development of SMART performance metrics?
What is the purpose of the GRC Function's development of SMART performance metrics?
Signup and view all the answers
What is one of the responsibilities of the GRC Function in terms of coordination?
What is one of the responsibilities of the GRC Function in terms of coordination?
Signup and view all the answers
What is the mission of the QA Unit in NNPC Limited?
What is the mission of the QA Unit in NNPC Limited?
Signup and view all the answers
What is the scope of the QA Unit?
What is the scope of the QA Unit?
Signup and view all the answers
Who does the Quality Assurance Manager report to?
Who does the Quality Assurance Manager report to?
Signup and view all the answers
What is one of the responsibilities of the Quality Assurance Manager?
What is one of the responsibilities of the Quality Assurance Manager?
Signup and view all the answers
What is the objective of the Quality Assurance Processes and Procedures?
What is the objective of the Quality Assurance Processes and Procedures?
Signup and view all the answers
What is the responsibility of the Quality Assurance Manager regarding the database system?
What is the responsibility of the Quality Assurance Manager regarding the database system?
Signup and view all the answers
What is the role of the Quality Assurance Manager in the GRC Function?
What is the role of the Quality Assurance Manager in the GRC Function?
Signup and view all the answers
What is the organizational hierarchy of the Quality Assurance Function?
What is the organizational hierarchy of the Quality Assurance Function?
Signup and view all the answers
How often will the external assessor collaborate with the GRC Function within NNPC?
How often will the external assessor collaborate with the GRC Function within NNPC?
Signup and view all the answers
Who is responsible for monitoring the GRC Function's Key Performance Indicators (KPI)?
Who is responsible for monitoring the GRC Function's Key Performance Indicators (KPI)?
Signup and view all the answers
What is included in the 'People' category of KPIs?
What is included in the 'People' category of KPIs?
Signup and view all the answers
How often will the KPIs be reported to GRC leadership?
How often will the KPIs be reported to GRC leadership?
Signup and view all the answers
What is the purpose of the KPIs in the 'Processes' category?
What is the purpose of the KPIs in the 'Processes' category?
Signup and view all the answers
What is the minimum number of GRC staff rotated into the business in one year, as per the KPIs?
What is the minimum number of GRC staff rotated into the business in one year, as per the KPIs?
Signup and view all the answers
What is the purpose of the external assessor in the GRC Function?
What is the purpose of the external assessor in the GRC Function?
Signup and view all the answers
What is included in the 'Processes' category of KPIs?
What is included in the 'Processes' category of KPIs?
Signup and view all the answers
What is considered in the annual self-assessment by the QA Unit?
What is considered in the annual self-assessment by the QA Unit?
Signup and view all the answers
Who is involved in the customer satisfaction survey?
Who is involved in the customer satisfaction survey?
Signup and view all the answers
What is the purpose of the QA plan?
What is the purpose of the QA plan?
Signup and view all the answers
How often does the QA team present the consolidated report(s) from ongoing internal assessments?
How often does the QA team present the consolidated report(s) from ongoing internal assessments?
Signup and view all the answers
What is the minimum number of GRC engagement reviews selected for quality assurance in each calendar year?
What is the minimum number of GRC engagement reviews selected for quality assurance in each calendar year?
Signup and view all the answers
What is the purpose of consolidating the report(s) from ongoing internal assessments?
What is the purpose of consolidating the report(s) from ongoing internal assessments?
Signup and view all the answers
What is the alternative to conducting a customer satisfaction survey?
What is the alternative to conducting a customer satisfaction survey?
Signup and view all the answers
What is the role of the QA Unit in developing the QA plan?
What is the role of the QA Unit in developing the QA plan?
Signup and view all the answers
Study Notes
Second Line of Defence – Risk Oversight
- The ERM Function at NNPC Limited and its subsidiaries performs various risk management activities, including:
- Periodic scans of the operating environment for emerging risks
- Developing and implementing tools and templates to embed ERM
- Maintaining and monitoring the risk inventory by engaging process owners
- Fostering a corporate risk culture through training and serving as an internal ambassador
- Facilitating risk assessment and prioritization by management
ERM Processes and Procedures
- The ERM Function is responsible for:
- Coordinating and reviewing risk input from risk owners
- Identifying and proposing key risk indicators, threshold limits, and mitigating strategies
- Periodically facilitating and validating risk and control self-assessments
- Monitoring and reporting on risk management to the BAC and Management Risk Committees
GRC Function
- The GRC Function is responsible for:
- Coordinating budgeting and financial administrative activities
- Overseeing the resourcing of staff, including job rotation and management development programs
- Developing SMART performance metrics to drive and improve the effectiveness and efficiency of the Function
- Coordinating the development of standardized policies, procedures, and manuals
Quality Assurance Processes and Procedures
- The Mission of the QA Unit is to provide assurance that all GRC activities have been conducted in accordance with standard practices across NNPC Limited and its subsidiaries.
- The QA Unit shall support the management of the GRC Function to coordinate quality assurance activities.
- The QA Unit shall cover NNPC Limited and its subsidiaries.
Structure of the QA Unit
- The QA Unit reports to the Head of Global Compliance and ultimately to the Chief Compliance Officer.
- The Quality Assurance Manager is responsible for implementing and monitoring compliance with the internal quality management system.
Objective and Policy
- The objective is to consolidate and standardize the tasks and responsibilities to ensure effective execution of QA reviews in line with standards and stakeholder expectations.
- The QA Unit shall collaborate with an external assessor every three years to assess the GRC Function within NNPC Limited.
Key Performance Indicators (KPIs)
- The QA Unit shall be responsible for monitoring the KPIs for the GRC Function, which include:
- Staff satisfaction, retention, and quality of development
- Percentage of certified staff
- Training cost as a percentage of GRC budget
- Minimum training hours per GRC staff
- Minimum number of GRC staff rotated into the business in one year
- Minimum number of process owners rotated into GRC in one year
- The QA Unit shall report the KPIs to GRC leadership annually.
QA Planning and Resourcing Strategy
- The QA Unit shall develop an annual plan for ongoing internal assessments and define the approximate resources and strategy necessary to accomplish the scope.
- The QA plan shall ensure that at least one GRC engagement review from each subsidiary and one GRC engagement within each division at NNPC Limited is selected for quality assurance in each calendar year.
Studying That Suits You
Use AI to generate personalized quizzes and flashcards to suit your learning preferences.
Related Documents
Description
This quiz is about the risk oversight function of NNPC Limited and its subsidiaries, including risk management activities such as identifying emerging risks, implementing ERM tools, and maintaining a risk inventory. It covers the Enterprise Risk Management (ERM) function at NNPC Limited.