Enterprise Risk Management Policy 45-000 | Effective Date: April 27, 2022

Policy

WorkSafeNB is committed to managing risks that may impact WorkSafeNB’s ability to achieve its goals and objectives. As part of that commitment, WorkSafeNB has established an Enterprise Risk Management (ERM) framework and risk management processes.

Risks are identified through the risk management process, which is integrated into WorkSafeNB’s planning processes and management activities. At a minimum, WorkSafeNB engages in a comprehensive, organization-wide risk identification and assessment activity in conjunction with its annual strategic planning process. In addition, projects of significant scope or size require risk identification and management to be incorporated into the project management process. WorkSafeNB periodically reviews its ERM framework and makes changes and updates as required.

WorkSafeNB’s Board of Directors is responsible for oversight of WorkSafeNB’s risk management. The Executive Leadership Team is responsible for ensuring that risk management is integrated into all organizational activities and decision-making.

While the WorkSafeNB ERM framework reflects its unique internal and external environments, it aligns with recognized international standards, such as those published by ISO (International Organization for Standardization) and COSO (Committee of Sponsoring Organizations).

Interpretation

  1. As part of its oversight role, the Board of Directors:
    • Defines the risk management philosophy, risk appetite, and risk criteria for WorkSafeNB;
    • Reviews key risks and determines if they are within WorkSafeNB’s risk appetite;
    • Approves the ERM policy and amendments to the policy; and
    • Reviews the risks identified by management.
  1. In its role to ensure that risk management is integrated into all organizational activities and decision-making, the Executive Leadership Team:
    • Delegates risk management to their management teams;
    • Allocates appropriate resources to support the risk management process;
    • Supports and endorses the ERM policy, framework, and process;
    • Ensures integration of risk management into strategic plans and project plans;
    • Develops the organization’s risk reports; and
    • Monitors the effectiveness of the risk management process.
  1. Management:
    • Identifies new risks and reports on changes to existing risks when planning projects, launching new initiatives, and when evaluating operations;
    • Incorporates risk management into their planning, processes, and management activities;
    • Develops risk treatment plans for risks that are in excess of WorkSafeNB’s risk appetite;
    • Develops strategies for capitalizing on opportunities; and
    • Monitors and reports on the status of risks and risk management plans. 
  1. Internal Audit:
    • Is expected to provide independent assurance that the organization’s risk management processes are effective;
    • Reviews and reports on the management of key risks;
    • Evaluates and gives assurance on risk management processes; and
    • Gives assurance that risks are correctly evaluated.
  1. The Risk Management Department:
    • Develops and maintains the ERM framework;
    • Provides risk management training, guidance and direction; and
    • Coordinates and facilitates the overall ERM process.
  1. All staff:
    • Develop and maintain an understanding of WorkSafeNB’s risk management principles;
    • Participate in the management of risk within their area of responsibility, and communicate to their supervisor those risks beyond their scope of authority; and 
    • Report identified risks to management.

Enterprise Risk Management (ERM) – ERM is a continuous, proactive and systematic approach to identifying, understanding, managing and communicating risks.

ERM Framework – a set of components that collectively provide definition and structure to an organization’s ERM discipline.

Risk – the effect of uncertainty on an organization’s ability to meet its objectives (positive or negative).

Risk Appetite – the level of risk that an organization is prepared to accept.

Risk Assessment – the overall process of identifying, analysing, and evaluating risk.

Risk Criteria – terms of reference against which the significance of a risk is evaluated.

Risk Identification – the process of finding, recognizing, and describing risk.

Risk Management – coordinated activities to direct and control an organization with regard to risk.

Risk Management Process – a systematic application of risk management policies and procedures which aid an organization in identifying, analysing, evaluating, treating, monitoring, communicating, and reviewing risk. Such as those published by ISO (International Organization for Standardization) and COSO (Committee of Sponsoring Organizations).

 
