Transcript American Airlines Presentation Masters

AMR Corporation
Risk Assessment Methodology
A Little About AMR
World’s largest scheduled passenger airline
Headquartered in Ft. Worth, Texas
88,400 Employees
2006 Annual Revenue $22.6 B
2006 Annual PROFIT!!!!!!! $231M
2
A Little About AMR
Serving 172 cities worldwide
2600 flights per day
92 million passengers flown in 2006
14 million pounds of cargo DAILY
3
4
AMR Corporation
Gerard Arpey
Chairman, President & CEO
Executive Assistant
Executive Assistant
Sr. VP Government
Affairs
Executive VP Finance &
Planning & CFO
Sr. VP & General
Counsel
Sr. VP Customer
Services
Sr. VP Human Resources
Sr. VP Technical
Operations
Sr. VP International
Sr. VP Miami/Caribbean
Latin America
Executive VP Marketing
5
President
Sr. VP Info Tech/Chief
Info Officer
Internal Audit Department
Gary Kennedy
SVP, General Counsel
and Chief Compliance Officer
Bonnie Roe
Natalie Smith
Diane Speir
Carolyn Gibson
Managing Director
Technology Audits
Paul Hutson
Duane Lopriore
John Neyman
Lifang Niu-Brown
Daniel Olayinka
Marc Schimek
Kathleen Stucker
Audit
Committee
Angie Owens
General Auditor
Sean Gaven
Manager
Corporate Audits
David Pulford
Manager
Corporate Audits
Celeste Beran
Lou Camungol
Joanna Schmehl
Carrie Sturdivant
BJ Taylor
Scott Villarreal
Open
Mandy Biggs
Angelica Figueroa
April Molina
Akinbayo Ojo
Priti Patson
Candi Smith
Brian Yim
6
Tracey Westhoff
Manager
M&E Audits
Ann Cavlovic
Carrie Dohogne
Managing Risks Daily
At AMR, risk assessment and management is deeply
embedded in the corporate culture and manifests itself at all
layers of the organization in a variety of forms, including:
–
Relevant presentations to the Audit Committee
– Weekly the CEO meets with “Executive Committee”
• Agendas include standing items as well as detailed discussions
about the most germane current events
• Substantial time at EC is devoted to the discussion of risk in a
variety of context
Each officer is responsible for incorporating risk assessment
and management into daily activities
7
CEO / Executive Committee
SVP Human
Resources
CIO
General
Counsel
SVP
Planning
SVP Government
Affairs
CFO
President
Eagle
EVP Marketing
SVP Technical
Operations
SVP MCLA
SVP Customer
Services
ESCALATE ISSUES
Risk Identification
Vice Presidents
ACCOUNTABILITY
Managing Directors
Analysis
Management
Cascading
Goals and
Managers
RISK COVERAGE AND OVERSIGHT
AUDIT COMMITTEE
Internal Audit
External Auditor – E&Y
Other Risk Advisors (External Counsel and Consultants)
8
Objectives
“The
Audit Committee should discuss the
company’s major financial risk exposures and the
steps management has taken to monitor and
control such exposures”
- NYSE Corporate Governance Rules
9
How is the Rule Interpreted?
Our unscientific research indicates:
Interpretations run the gamut from very formal
Enterprise Risk Management programs to discussion
item on Audit Committee agenda
KPMG:
“Many organizations engage in a wide variety of risk
assessment and monitoring activities but are unable
to point to the specific value derived from them”
10
AMR’s Approach
2004 Internal Audit took ownership of defining a process
that would satisfy the NYSE requirement
We asked 50 senior managers to identify:
Top 20 risks
Business unit
Corporate level
And provide assessment of:
Probability
Controllability
Level of Preparedness
Impact (Financial, Operational, Reputation)
11
AMR’s Approach
Overall, good participation
Results were predictable
250 individual risks identified
Challenges
Analyzing/Comparing 250 risks
Expert bias
Non expert opinions
Lack of quality impact data
Occasional “non responsive” response:
“We are in an inherently risky business”
12
AMR’s 2005 Approach
Changes
Included more attorneys in the survey
Attempted to gather department’s risk mitigation
activities
Issues
Attorney opinion’s skewed the data
Various levels of detail for mitigation activities
All activities cannot be captured
13
AMR’s 2006 Approach
Changes
Survey included top 18 corporate risk categories
Participants were identified as experts about certain
risks
Asked for top 5 mitigating activities if applicable
Removed financial impact question
14
Catastrophic Event
Any large event that causes loss of life, property, or equipment, excluding terrorist actions.
Please place an "X" in the box below indicating your assessment of this risk for the probability it
will occur, the company's range of control over the risk, the company's level of preparedness, and
the overall impact:
LOW
PROBABILITY
MED
HIGH
x
CONTROL
x
PREPAREDNESS
x
IMPACT
x
RISK MANAGEMENT ACTIVITIES
Please list the 5 most important activities your department does to manage these risks (if
applicable):
Additional Comments –
15
Risk Categories
Catastrophic Event
Competitor Actions
Cost Containment
Customer Retention
Data Privacy and
Security
Disaster
Recovery/Business
Continuity
Economic Downturn
Fleet Mix/Age
Illegal Activity
Infrastructure
Reliability
IT System Reliability
Labor Relations
Litigation
Regulatory
Safety Performance
Talent Retention
Terrorist Act
Vendor Loss/Supply
Interruption
16
AMR’s 2006 Approach
Outcome
More standardized responses
Data easier to compare
Expert’s responses given more weight
17
Reporting Results
CFO and Chief Legal Counsel
Chairman/CEO
Audit Committee
18
Chart Highest Probability and Greatest Impact
Less than $250M
Impact
More than $650M
Management’s assessment of the most probable/highest impact risks was
consistent with expectations and subject matter expert responses did not vary
significantly from all others
AMR Risk Survey
Corporate Consolidation
3.00
2.00
11
1
1.00
1.00
Very Unlikely
2.00
Probability
19
Will Likely Happen
3.00
Chart Exposure = Impact x Probability x Inverse Preparedness
Exposure
When factoring in preparedness, again the results were as expected:
20
Conclusions
The magnitude of exposure has not changed measurably year over year
Risk assessments reported by subject matter experts did not vary significantly
from other responses indicating that the management team is well informed
about the company’s risks
After completing the 2006 survey process, we concluded that AMR’s risk
management process is:
– Driven by a highly regulated, dynamic, and fiercely competitive
environment
– Managed and monitored within each senior executive’s organization
– Channeled through Executive Committee, when necessary
…and that AMR’s risk management process continues to provide the
company with adequate risk management
21
Then What Happens?
A number of key risks are regular topics of discussion
during Board meetings, including:
State of the economy
Pricing and other competitive
information
Fuel and other cost containment
activities
Litigation
Labor relations
Talent Retention
Significant regulatory items
Fleet Plans
Audit considers survey results when building the annual
audit program
22
What Have We Learned?
Must have Senior Management Support
The survey methodology is economical but has its
challenges:
Comparable responses
Accurate wording of the questions
Allow time to follow-up on individual responses
Prepare for push back from unlikely places
23
Questions?
24