CHAPTER 13 - FUNCTIONS OF RISK MANAGEMENT COMMITTEES
24. Functions of the Risk Management Committee
(1) The Risk Management Committee is appointed by the Accounting Officer to assist in the discharge of their responsibilities for risk management.
(2) The membership of the Risk Management Committee should comprise both management and external members with the necessary blend of skills, competencies and attributes, including the following critical aspects:
a) an intimate understanding of the Institution’s mandate and operations;
b) the ability to act independently and objectively in the interest of the Institution, and
c) a deep understanding of risk management principles and their application.
(3) The chairperson of the Risk Management Committee should be an independent external person, appointed by the Accounting Officer.
(4) The responsibilities of the Risk Management Committee should be formally defined in a charter approved by the Accounting Officer.
(5) In discharging its governance responsibilities relating to risk management, the Risk Management Committee should:
a) review and recommend for the Approval of the Accounting Officer, the:
(i) risk management policy;
(ii) risk management strategy and implementation plan, and
(iii) risk appetite framework.
b) evaluate the extent and effectiveness of integration of the risk management framework within the Institution;
c) evaluate the effectiveness of the mitigating strategies implemented to address the priority risks of the Institution;
d) review the material findings and recommendations by assurance providers on the system of risk management and monitor the implementation of such recommendations;
e) develop key performance indicators for its own performance for approval by the Accounting Officer;
f) collaborate with the Audit Committee on all matters concerning risks and risk management, and
g) provide timely and useful reports to the Accounting Officer and Audit Committee on the state of risk management, together with recommendations to address any deficiencies identified.
(6) In instances where the scale, complexity and geographical dispersion of the Institution’s activities dictate the need for the Risk Management Committee to work through sub-committees, the Risk Management Committee should ensure that:
a) approval is obtained from the Council for the establishment of the sub-committees;
b) the terms of reference of the sub-committees are aligned to that of the Risk Management Committee, and
c) the Risk Management Committee exercises control over the functioning of the sub-committees.