Desktop version

Home arrow Management


In 2003 the Office of the City Auditor (OCA) and Administration jointly created an ERM framework, the Corporate Business Risk Planning (CBRP) model. Using input from several city departments as well as external subject matter experts, the CBRP model was based on the Committee of Sponsoring Organizations (COSO) risk management framework, with modifications to allow for weighting of risks at multiple levels of management. The Conference Board of Canada requested permission to use parts of the framework, in particular the Risk Management Assessment Framework tool. CBRP was presented to senior leadership in 2005 and piloted but not fully implemented; it is believed that Edmonton was not yet ready to undertake the discipline at that time.

City Auditor's Report

In a 2005 audit report,[1] the city auditor reported to the City Council's Audit Committee that:

• Known risks were being managed reasonably well.

• Risks that are strategic in nature were not clearly identified.

• ERM results were not consistently incorporated into business plans.

Administration Response to City Auditor's Report

Following the 2005 city auditor's report, several steps were undertaken to address the issues raised in the report:

• The chief financial officer was appointed sponsor for the ERM program.

• ERM governance was added to the responsibilities of the City Council's Audit Committee, which consists of the mayor, four city councillors, and two members of the public.

• In 2011 a Program Manager and an ERM Working Committee, made up of subject matter experts from throughout the Administration, were appointed to advise on a framework for strategic risk. At this point the 2005 city auditor's report was closed.


• An ERM Program Manager was hired in 2012 to assist the Program Manager. In addition, oversight of the ERM framework selection process was passed to the Transforming Edmonton Committee (TEC), comprised of senior leaders responsible for the goals within the strategic plan (The Way Ahead), and from the ERM Working Committee, although the entire ERM Working Committee was kept abreast of developments.

  • [1] City Auditor Report, "ERM Corporate Business Risk Planning," August 25, 2005.
  • [2] Ibid.
< Prev   CONTENTS   Next >

Related topics