POINTERS TO REVIEW FOR FINAL EXAM:

1.Different types of risks - MC, T/F

2.Techniques in Managing Risks - MC, T/F
3.Elements/Components of Internal Control -
MC, T/F
4.Possible Misstatements if given internal control
stated is not present (Application)
5.Fraud Triangle (State whether its an
Opportunity, Pressure, Rationalization)
6.Check if the fraud stated is a defalcation or
financial reporting fraud; how the situation
presents an opportunity to commit fraud.
(Analysis)

CHAPTER 12 – RISK MANAGAMENT

RISK MANAGEMENT – recognized as one of the

most important competencies needed by the
BODs of modern organization.

The levels of risk faced by business firms have

increased because of the fast-growing
sophistication of organization, globalization,
modern technology and impact of corporate
scandals. In addition therefore to compliance with
legal requirements, top management should
consider adequate knowledge of risk
management.

Risk management defined

•-process of measuring or assessing risk and
developing strategies to manage it.
•-identifying, analyzing and controlling areas or
events with a potential for causing unwanted
change.
•-includes risk planning, assessing risk areas,
developing risk handling options, monitoring risks
to determine how risks have changed and
documenting overall risk management program.

•As defined in the International Organization of

Standardization (ISO 31000),Risk Management is
the identification, assessment, and prioritization
of risks followed by coordinated and economical
application of resources to minimize, monitor and
control the probability and/or impact of
unfortunate events and to maximize the
realization of opportunities.

BASIC PRINCIPLES OF RISK MANAGEMENT

STEPS IN THE RISK MANAGEMENT
PROCESS

1. Set up a separate risk management

committee chaired by a board member.
2. Ensure that a formal comprehensive risk
management system is in place.
3. Assess whether the formal system
processes the necessary elements.
4. Evaluate the effectiveness of the various
steps in the assessment of the
comprehensive risks faced by the business
firm.
5. Assess if the management has developed
and implemented the suitable risk
management strategies and evaluate their
effectiveness.
6. Evaluate if management has designed and
implemented risk management capabilities.
7. Assess management’s efforts to monitor
overall company risk management
performance and to improve continuously the
firm’s capabilities.
8. See to it that best practices as well as
mistakes are shared by all. This involves
regular communication of results and
feedbacks to all concerned.
9. Assess regularly the level of sophistication
of the firm’s risk management system.
10. Hire experts when needed.