Enterprise Risk Management Policy 45-000 | Effective Date: April 27, 2022

Policy

WorkSafeNB is committed to managing risks that may impact WorkSafeNB’s ability to achieve its goals and objectives. As part of that commitment WorkSafeNB has established an Enterprise Risk Management (ERM) framework and risk management processes.

Risks are identified through the risk management process, which is integrated into WorkSafeNB’s planning processes and management activities. At a minimum, WorkSafeNB engages in a comprehensive, organization-wide risk identification and assessment activity in conjunction with its annual strategic planning process. In addition, projects of significant scope or size require risk identification and management to be incorporated into the project management process. WorkSafeNB periodically reviews its ERM framework and makes changes and updates as required.

WorkSafeNB’s Board of Directors is responsible for oversight of WorkSafeNB’s risk management. The Executive Leadership Team is responsible for ensuring that risk management is integrated into all organizational activities and decision-making.

While the WorkSafeNB ERM framework reflects its unique internal and external environments, it aligns with recognized international standards, such as those published by ISO (International Organization for Standardization) and COSO (Committee of Sponsoring Organizations).

Interpretation

  1. As part of their oversight role the Board of Directors:
    • Defines the risk management philosophy, risk appetite, and risk criteria for WorkSafeNB;
    • Reviews key risks and determines if they are within WorkSafeNB’s risk appetite;
    • Approves the ERM policy and amendments to the policy; and
    • Reviews the risks identified by management.
  1. In its role to ensure that risk management is integrated into all organizational activities and decision-making. The Executive Leadership Team:
    • Delegates risk management to their management teams;
    • Allocates appropriate resources to support the risk management process;
    • Supports and endorses the ERM policy, framework, and process;
    • Ensures integration of risk management into strategic plans and project plans;
    • Develop the organizations risk reports; and
    • Monitors the effectiveness of the risk management process.
  1. Management:
    • Identifies new risks and reports on changes to existing risks when planning projects, launching new initiatives, and when evaluating operations;
    • Incorporates risk management into their planning, processes, and management activities;
    • Develops risk treatment plans for risks that are in excess of WorkSafeNB’s risk appetite;
    • Develops strategies for capitalizing on opportunities; and
    • Monitors and reports on the status of risks and risk management plans. 
  1. Internal Audit:
    • Expected to provide independent assurance that the organization’s risk management processes are effective;
    • Review and report on the management of key risks;
    • Evaluate and give assurance on risk management processes; and
    • Give assurance that risks are correctly evaluated.
  1. The Risk Management Department:
    • Develops and maintains the ERM framework;
    • Provides risk management training, guidance and direction; and
    • Coordinates and facilitates the overall ERM process.
  1. All staff:
    • Develop and maintain an understanding of WorkSafeNB’s risk management principles;
    • Participate in the management of risk within their area of responsibility, and communicate to their supervisor those risks beyond their scope of authority; and 
    • Report identified risks to management.

 

Workplace Health, Safety and Compensation Commission and Workers’ Compensation Appeals Tribunal Act (S.N.B. 1994, c. W-14) 

 8(1) and 10(1)

 

 

 

Enterprise Risk Management (ERM) – ERM is a continuous, proactive and systematic approach to identifying, understanding, managing and communicating risks.

ERM Framework – a set of components that collectively provide definition and structure to an organization’s ERM discipline.

Risk – the effect of uncertainty on an organization’s ability to meet its objectives (positive or negative).

Risk Appetite – the level of risk that an organization is prepared to accept.

Risk Assessment – the overall process of identifying, analysing, and evaluating risk.

Risk Criteria – terms of reference against which the significance of a risk is evaluated.

Risk Identification – the process of finding, recognizing, and describing risk.

Risk Management – coordinated activities to direct and control an organization with regard to risk.

Risk Management Process – a systematic application of risk management policies and procedures which aid an organization in identifying, analysing, evaluating, treating, monitoring, communicating, and reviewing risk. Such as those published by ISO (International Organization for Standardization) and COSO (Committee of Sponsoring Organizations).

 

E-News Sign-up

Connect With Us

Call toll-free in Canada 1 800 999-9775
General Inquiries  
© 2025 WorkSafeNB
Disclaimer