Transcription
FY19 Enterprise Risk Management AssessmentBoard MeetingDecember 5, 2018
CPS Vision and Enterprise Risk Management AssessmentCPS’ Enterprise Risk Management Assessment, as directed by the Board and the CEO, facilitates the identification, measurement, and management of key risks CPSfaces in the course of carrying out its mission. The identification of these risks and key mitigating strategies help to protect our Beliefs and Core Principles.Mission: To provide a high quality public education for every child, in every neighborhood, that prepares each for success in college, career and civic life.Beliefs:Education Must Be HolisticHigh Academic Standards Are for All ChildrenAcademic Rigor Must be Coupled with SupportDiversity Must be CelebratedSchool Options Must Serve All Children WellCommitments:1. Academic Progress2. Financial StabilityCore Principles:Equity is a Moral Imperative3. IntegrityCollective ImpactStrong partnerships with trust earned throughtransparent engagement, allow Chicago’s collectiveexpertise to best support student successHigh Quality, Rigorous InstructionSetting high academic standards for all of our students buildsa strong foundation for a holistic educationTalented and Empowered EducatorsTalented teachers and administrators are a catalyst for student learningFinancial StabilityA “student first” budget builds a stronger financial futureSafety and SupportSafe and supportive schools create an environment for successfullearningObjectives: Improving CurriculumRamping Up InstructionStrengthening Special EducationLaying a Stronger Foundation in Pre-KindergartenImproving High SchoolsImproving Postsecondary Success Teacher Preparation & RecruitmentTeacher Development & RetentionAdministrator Preparation &RecruitmentAdministrator Development & Retention Safe and SupportiveFinancial StabilityIntegrity2
Aligning Core Principles to Risk UniverseHigh Quality, RigorousInstructionAcademicsAccountability & Transparency Communication of Data Data Analytics & Research Data-led Strategic Decisions Interpreting Data SQRP MetricsCore Instructional Programming Advanced Placement/IB/STEM Diverse Learners Early Childhood English Language Learners/World Language ProgramsCore Instructional Support Counseling & Advising School Network Support Social/Emotional/MTSS Student Support &Engagement (OSSE)Educational Strategies Core Curriculum Educational Model andInstructional Strategy High School & ElementarySchool Strategies New Schools StrategyEducational Supports Professional Development StudentAdmission/Enrollment Student AssessmentsSchool Programs Academic Competitions After School Programs Sports / AquaticsSchool Types ALOP/District/Charter Contract/SafeTalented & EmpoweredEducatorsSafety & SupportStudent Safety &WellnessPeopleLabor & Benefits Compensation & Benefits Culture Labor RelationsPipeline, Recruitment &Selection Diversity/Bilingual Recruitment & OnboardingTalent Management Development andPerformance (includingTraining and Compliance) Employee Retention Outsourcing Succession Planning Temporary Staff &SubstitutesTraining & Compliance Background Checks Code of Conduct (Districtwide) Employee DisciplinaryProcedures Mandated ReporterTrainingEmergency & Crisis Planning Crisis Prevention Effective Drill Preparedness Responding to Emergencies Social Unrest Terrorism & Malicious ActsHealth & Wellness Medical Nurses Sports InjuriesSchool Safety & ClimateManagement Discipline Standards Safe Passage / Travel Safe Haven Security Protocols Trauma/Violence Water SafetyStudent Protection Background Checks Bullying Sexual Abuse School Supervision Student Advocacy Transgender StudentsExternal Risks Catastrophic Events / Loss Economic ConditionsFinancial StabilityOperationsFacilities Environmental Safety Facilities Maintenance Safe, Warm & Dry Facilities School CleanlinessInfrastructure Accessibility Construction Maintenance Major Renovations Real Estate & CapitalImprovement ProgramInformation Technology Data Availability & Quality Data Protection and Privacy IT Availability/Continuity IT Infrastructure IT Integrity IT Management IT Security/Access TechnologyImplementationsOperations Nutrition / Food Quality Procurement/VendorStrategy Records Retention Mgmt School Support Center Transportation Emerging Health Hazards Demographics Labor Market ChangesFinancialAccounting Accounts Payable Accounts Receivable Accounting, Reporting, &Disclosure Balance Sheet Valuations Fixed Asset Inventory Internal Reporting Reporting IntegrityFunding/Expense Management Budgeting Capital Funding Expense Management Federal Revenue Compliance Fundraising & Donations Payroll Pension FundingLiquidity and Credit Cash Flow Management Capital Markets Funding Funding Insurance Investments Ratings Working Capital Political Social Unrest / Civil Disobedience Terrorist / Cyber AttacksCollective ImpactStrategyGovernance Board Performance and ApprovalProcess Control Environment Fraud Planning & Execution Policy Management Risk Management Social Responsibility Tone at the TopLegal/ComplianceCode of Conduct Employee, Student andFamily Debarment Ethics Illegal Acts Sexual AbuseLegal Anti-Corruption Arrangements/LeasesMission Driven Initiatives Contracts Equity Initiatives Investigations Measurement & Monitoring Liability Strategic Partnerships & Collaborative LitigationArrangements Strategic Planning/ContinuousRegulatoryImprovement Board Reporting Vision & Direction Environment Federal & State GrantsPlanning & Resource Allocation FMLA/Work. Comp. Budgeting & Forecasting FOIA Requests Funding & Elected Official Alignment Government Relations Instructional Support Health & Safety Operational & Business Planning State/Local Entities Title I, II, III, VI, & IXStakeholder Communications Bilingual Advisory Council Citywide Multilingual Parent Council Crisis Communications Employee Communication Family & Community Engagement Local School Council Relations Media Relations Violence & Crime3
What is Enterprise Risk Management?Enterprise Risk Management (ERM) defined by COSO:*A continuous process, effected by an entity’s board of directors,management, and other personnel, applied in a strategic settingacross the organization, designed to identify potential events thatmay affect the entity, manage risk to be within its risk appetite,and to provide reasonable assurance regarding the achievement ofentity objectives. Why is it Important? “Mission, vision and core values define what an entity strives to be and how it wants to conduct business. They communicate tostakeholders the purpose of the entity.”*“Risk affects an organization’s ability to achieve its strategic and business objectives.”*An organization “must engage in decision-making with an awareness of both the opportunities for creating value and the risks thatchallenge the organization in creating value.”*While ERM needs to be driven from the top to establish clear “ownership” by leadership, key risk mitigation strategies need to beembedded in management activities, such as the Continuous Improvement Plan, to have an effective ERM strategy for riskmitigation Enterprise Risk Management Integrated Framework, Committee of Sponsoring Organizations of the Treadway Commission (COSO), September 2004* Enterprise Risk Management - Integrating with Strategy and Performance. Committee of Sponsoring Organizations of the Treadway Commission (COSO), June 20174
FY2017 vs. FY2019 RMA ProcessFY2017FY2019Objective: Identify, evaluate and prioritize the critical risks to developingthe FY2017 Internal Audit Plan through interviews, surveys,and facilitated sessionObjective: Identify, evaluate, and prioritize through interviews and facilitated session thecritical risks impacting the organizational objectives and key mitigationactivities that lessen the impact of the identified risks Link strategies and specific organizational plans to the associated risks Establishment of risk management program that will allow us to sustainablyidentify, analyze and manage our risks is critically important to theachievement of our mission and strategy and our long-term success. Effectiverisk management allows us to remain effective and better serve our students,employees and the community.Process: Inspected Prior Audit/Risk Management Assessment Results Conducted 31 initial interviews (48 individuals) - 29 departments represented Conducted 39 validation interviews (47 individuals) - included seeking feedbackand validation on presentation materials - 25 departments represented Conducted 2 facilitated sessions - included risk voting/prioritizationProcess: Inspected Prior Audit/Risk Management Assessment/SurveyResults Conducted 9 interviews (15 individuals) - 10 departmentsrepresented Conducted 1 facilitated session (9 individuals) - included riskvoting/prioritizationOutput: Prioritized list of key risks facing CPS that informed areas offocus for FY2017 Internal Audit PlanOutput: Prioritized list of key risks facing CPS with: Established dialogue, culture and ownership around Enterprise RiskManagement Opportunities and mitigation strategies for management to monitor on anongoing basis and to embed in strategic planning and operations Informed areas for the FY2019 Audit Plan5
Key Risks and OpportunitiesTransparency& IntegrityCyber &InformationSecurityEnrollmentTalentStudentSafety &ProtectionStandardizingBest PracticesEquityTo provide a highquality publiceducation for everychild, in everyneighborhood, thatprepares each forsuccess in college,career and civic life.Federal, State& reProcurementOrder is not intended to reflect a ranking6
Key Risks and OpportunitiesRisksOpportunity/GoalsKey Mitigating StrategiesCyber & Information Security: Risk of student andemployee personally identifiable information beingreleased and of unauthorized access, hacking and virusattacks on the CPS IT infrastructure.Safeguard information and systems protections tobuild internal and external stakeholder trust andconfidence in sharing information. Enrollment: Risk that CPS continues to lose enrollment, inaddition to the 150,000 unfilled seats, affecting academicaccomplishments, financial stability, development of atalented workforce, equity of allocation of resources, andschool utilization.Achieve CPS enrollment that aligns with national andurban trends. Develop and communicate a broaderstrategy of resource allocation and academicinvestments to adjust for changing demographics.Engage community stakeholders and civic partnerson decisions arising from enrollment trends. Equity: Risk of non-equitable allocation of programming,capital improvements and funding, which negativelyimpacts student outcomes and drives an achievementgap, especially for underrepresented subgroups.Equitable allocation of programming and funding isimperative to driving our mission forward andproviding children with access to high qualityeducation. Federal, State & Local Compliance: Risk ofnoncompliance with federal state and local laws and nonefficient use of state and federal grant funds.(Refer to related risks and mitigating strategies of Equity& SPED)Maximize efficient use of federal and state revenuesand align CPS procedures with State and Federalvalues (e.g., ADA, Equity, and Diverse Learning). Conducted system-wide analysis/monitoring for detecting hacking, malware & virusesIntrusion detection system and operations center to better monitor potential systemweakness Cyber Liability Insurance coverage obtained along with accompanying supportsProgram Application RFP/Annual Regional AnalysisGoCPS provides families with an online platform facilitating enrollment processCity/State/Sister Agency/Non-Profit Partnerships to address broader socio-economicissues that impact enrollment Effective immigration and transportation policies to encourage enrollment External partnership funded 1M marketing program for schools Expansion of full day Pre-K programEstablishment of Equity Office and Chief Equity OfficerProgram Application RFP/Annual Regional AnalysisCreated a small schools fund in budget to help under-enrolled schoolsOpportunity Schools and other talent initiativesSocial Worker expansions including related service providersOffice of Student Protections and Protecting Chicago’s Children (PCC) will help topromote federal compliance New Student Information System will increase data availability & quality Created Federal Compliance Training Manual Extensive audit of compliance with federal programs including Title I, II, and III. FY2017ISBE review of federal programs resulted in no findings. Budget & Grants works closelywith schools to ensure compliance.Order is not intended to reflect a ranking7
Key Risks and OpportunitiesRisksOpportunity/GoalKey Mitigating StrategiesFunding: Risk that CPS cannot resolve structuralbudget gap, build up sufficient reserves, and/or meetfinancial obligations.Obtain equitable State funding and maximizeFederal funding. Develop a long-term sustainablefinancial plan to address the District’s budgetarychallenges. Infrastructure: Challenges in maintaining safe, warmand dry facilities addressing building condition needsunder extensive deferred maintenance andaffordability constraints. Addressing utilizationchallenges (both over- and under-utilization).Provide children with safe, warm & dry facilities byaddressing maintenance and capitalimprovements concerns in a timely manner tosupport students’ well-being and academicprogress. Procurement: Challenges to strengthen vendorselection and management processes may result innot receiving the highest quality and value goods andservices for the District. This includes providingtraining associated with CPS procurement policiesand procedures.Strong vendor due diligence, selection, andmanagement processes ensure the properdelivery and quality of good and services.Maximize efficient use of District resources andadhere to relevant laws, Board rules, policies, andprocedures. Special Education: Challenges to provide support tostudents based on developing adequate IndividualEducation Plans (IEPs), limited pipeline of certifiedsupport personnel, administering reimbursementprocedures uniformly, rising costs and budgetconstraints.Provide tools and support to ensure that allDiverse Learners receive a high-quality publiceducation. Create and monitor IndividualEducation Plans (IEPs), as well as work withschools, staff, and families to fulfill these planstowards greater student development andachievement. Secured 900M in additional revenue FY17-18; Continued advocacy for fully funded EvidenceBased State Funding Secured rating agency upgrades, reduced short-term borrowing by 455M, reduced interestcosts and refinanced outstanding debt for savings Identify efficiencies internally to lower operating expendituresFY19 989M capital program includes deferred maintenance, overcrowding relief andprogrammatic investments Increased accountability around school cleanliness (Quality Assurance Program andMonitoring) Enhanced implementation of vendor review through due diligence, background, conflict ofinterest and contract complianceImplementation of on-boarding checklist to ensure vendors meet all requirementsContracting Risk Matrix to identify priority areas to focus on due diligence proceduresBoard Review Process improvementsImproved reporting and analysis of MBE/WBE primary vendors and subcontractorsPrincipal Professional Learning Communities (PLCs): Principal training to improve delivery ofspecial education services in each network. A year-long series with over 130 principals. Improved parent engagement related to delivery of special education services, including Parent Universities for parents with students with IEPs: Providing 6 trainings in 6locations and providing translation supports to families Created 3 Citywide Parent Specialists who are themselves parents and can help withaddressing special education needs of parents and students Diverse Learners Parent Advisory Council provides opportunity for discussion and inputon policy, training and programming Multi-Tiered System of Supports (MTSS) providing students with adequate and expandedinterventions (counselor, therapist, 504 plan, nurse, case managers) Continued training for teachers/case managers on instructional interventions/IEPrequirements Continued relationship with ISBE-appointed monitor to ensure state and federal compliance8Order is not intended to reflect a ranking
Key Risks and OpportunitiesRisksOpportunity/GoalKey Mitigating StrategiesStandardizing Best Practices: Policies/Procedures/Training/Compliance: Risk to employees, students, families,and the District if CPS policies and procedures are notclearly communicated. This includes areas such asattendance, cash handling, ethics, information/datahandling, integrity and privacy, payroll, procurement, andworkplace behavior, and applies to all schools across theDistrict including charters.Promote the values of principal autonomy andtailoring school management to each community,while enforcing critical policies, procedures,training and compliance to prevent fraud andpromote efficiency, employee training,community relations, and clear communications. Student Safety and Protection: Challenges to keepingchildren safe from other people, their environment,external event risks and ensuring emergency preparednessprocedures are in place.Safe and supportive schools create anenvironment for successful learning. Protecting Chicago’s Children (PCC) / Background ChecksProvide training to ensure student safety & protectionContinue to reinforce emergency preparedness procedures and trainingCoordination with other city agencies (e.g., CPD, CHA)/ Safe PassageTalent: Challenges in hiring and retaining talented anddiverse educators, amidst a national shortage, especially inhard to staff areas (ODLSS, ESL/Bilingual, Nursing, NetworkChiefs, PE, Bus Drivers).Develop a diverse, highly effective workforce oftalented and experienced educators andadministrators with appropriate developmentand leadership opportunities for all of CPS. Teacher Residencies (Special Education, Bilingual, Early Childhood)Teacher Leadership InitiativesTeacher Advisory Council/Principal Advisory CommitteeOpportunity SchoolsPerformance Management Systems (RISE, REACH)Transparency & Integrity: Risk of not building andmaintaining public trust, which can impair CPS’effectiveness in carrying out the Mission. This includesaccuracy of data/information shared, integrity ofprocurement of goods/services, timely responses to FOIArequests, tone and nature of dialogue with community andkey stakeholders.Demonstrate integrity and being transparentfurther strengthens relationship with keystakeholders and builds momentum towardbroader engagement in the Mission. Annual Law conference for principalsContinue to develop and improve training and compliance programsBoard Policy Working Group - Comprehensive review of CPS policies; Integrity Memosdeveloped and communicated to principalsRegular Network Chief Communications (Monthly calls/weekly memos); ISPcollaborationDevelopment of parent and student handbookDeveloped uniform employee handbook for distribution to employeesCPS is Service: Service Excellence Training focusing on customer service skilldevelopment“Tone at the Top” - evolved culture of CPS promoting transparency and trustIntegrity in Vision, Integrity Memos, CPS is ServiceTown Halls, ARA Focus Groups, PACs, Bilingual Advisory Council, and ChicagoMultilingual Parent Council (CMPC), Principal, Teacher, and Student Advisory Councils Transparency in data sharing - Educational Facilities Master Plan (EFMP), Parents Guideto Budget, Popular Annual Financial Report (PAFR), Timely FOIA responsesOrder is not intended to reflect a ranking9
Next Steps Phase II of Enterprise Risk Management - Continueddevelopment of mitigation strategies to address key risks Embed Risk Assessment in Existing Annual Reviewprocesses (including Continuous Improvement) Development of Audit PlanSource: PwC Ethics & Compliance Framework10
What is Enterprise Risk Management? 4 Enterprise Risk Management (ERM) defined by COSO: A continuous process, effected by an entity's board of directors, management, and other personnel, applied in a strategic setting across the organization, designed to identify potential events that may affect the entity, manage risk to be within its risk .
