2.Techniques in Managing Risks - MC, T/F 3.Elements/Components of Internal Control - MC, T/F 4.Possible Misstatements if given internal control stated is not present (Application) 5.Fraud Triangle (State whether its an Opportunity, Pressure, Rationalization) 6.Check if the fraud stated is a defalcation or financial reporting fraud; how the situation presents an opportunity to commit fraud. (Analysis)
CHAPTER 12 – RISK MANAGAMENT
RISK MANAGEMENT – recognized as one of the
most important competencies needed by the BODs of modern organization.
The levels of risk faced by business firms have
increased because of the fast-growing sophistication of organization, globalization, modern technology and impact of corporate scandals. In addition therefore to compliance with legal requirements, top management should consider adequate knowledge of risk management.
Risk management defined
•-process of measuring or assessing risk and developing strategies to manage it. •-identifying, analyzing and controlling areas or events with a potential for causing unwanted change. •-includes risk planning, assessing risk areas, developing risk handling options, monitoring risks to determine how risks have changed and documenting overall risk management program.
•As defined in the International Organization of
Standardization (ISO 31000),Risk Management is the identification, assessment, and prioritization of risks followed by coordinated and economical application of resources to minimize, monitor and control the probability and/or impact of unfortunate events and to maximize the realization of opportunities.
BASIC PRINCIPLES OF RISK MANAGEMENT
STEPS IN THE RISK MANAGEMENT PROCESS
1. Set up a separate risk management
committee chaired by a board member. 2. Ensure that a formal comprehensive risk management system is in place. 3. Assess whether the formal system processes the necessary elements. 4. Evaluate the effectiveness of the various steps in the assessment of the comprehensive risks faced by the business firm. 5. Assess if the management has developed and implemented the suitable risk management strategies and evaluate their effectiveness. 6. Evaluate if management has designed and implemented risk management capabilities. 7. Assess management’s efforts to monitor overall company risk management performance and to improve continuously the firm’s capabilities. 8. See to it that best practices as well as mistakes are shared by all. This involves regular communication of results and feedbacks to all concerned. 9. Assess regularly the level of sophistication of the firm’s risk management system. 10. Hire experts when needed.