Chapter 11-13 Governance.ppt
This document was uploaded by user and they confirmed that they have the permission to share it. If you are author or own the copyright of this book, please report to us by using this DMCA report form. Report DMCA
Overview
Download & View Chapter 11-13 Governance.ppt as PDF for free.
More details
- Words: 1,260
- Pages: 23
Loading documents preview...
CHAPTER 11 RISK MANAGEMENT
Risk Management • process of measuring, or assessing risk and developing strategies to manage it. • systematic approach in identifying, analyzing, and controlling areas or events with a potential for causing unwanted change. • act or practice of controlling risk • includes risk planning, assessing risk areas, developing risk handling options, and monitoring risk • identification, assessment and prioritization of risks followed by coordinated and economical application of resources to minimize, monitor and control the probability and/or impact of unfortunate events and to maximize the realization of opportunities. (ISO 31000)
BASIC PRINCIPLES OF RISK MANAGEMENT
Risk management should:
•Create value – resources spent to mitigate risk should be less than the consequence of inaction, i.e., the benefits should exceed the costs;
•Address uncertain and assumptions; •Be an integral part of the organizational processes and decision-making; •Be dynamic, iterative, transparent, tailorable and responsive to change; •Create capability of continual improvement and enhancement considering the best available information and human factors; and
•Be systematic, structured and continually or periodically reassessed.
PROCESS OF RISK MANAGEMENT According to the standard ISO 31000 “Risk Management – Principles and Guidelines on Implementation, “the process of risk management consist of several steps as follows:
•Establish the context; •Identification of potential risks; and •Risk Assessment.
ELEMENTS OF RISK MANAGEMENT The performance of assessment methods should consist of the following elements:
•Identification, characterization and assessment of threats; •Assessment of the vulnerability of critical assets to specific threats;
•Determination of the risk (i.e. the expected likelihood and consequences of the specific types of attacks on specific assets);
•Identification of ways to reduce those risks; and •Prioritization of risk reduction measures based on a strategy.
RELEVANT RISK TERMINOLOGIES 1. Risks Associated with Investments Although a single risk premium must compensate the investor for all the uncertainty associated with the investment, numerous factors may contribute to investment uncertainty. The factors usually considered with respect to investments are:
•Business Risk •Financial Risk •Liquidity Risk •Default Risk •Interest Rate Risk •Management Risk •Purchasing Power Risk
RELEVANT RISK TERMINOLOGIES 2. Risk Associated with Manufacturing, Trading and Service Concerns
RELEVANT RISK TERMINOLOGIES 3. Risk Associated with Financial Institution
POTENTIAL RISK TREATMENTS ISO 31000 also suggests that once the risks have been identified and assessed, techniques to manage the risks should be applied. These techniques can fall into one or more of these four categories:
•Risk Avoidance •Risk Reduction •Risk Sharing •Risk Retention
AREAS OF RISK MANAGEMENT The most commonly encountered areas of risk management include:
• • • • •
Enterprise risk management Risk management activities as applied to project management Risk management for megaprojects Risk management of information technology Risk management techniques in petroleum and natural gas
STEPS IN THE RISK MANAGEMENT PROCESS
To enhance management’s competence in their oversight role on risk management the following steps may be followed:
1.Set up a separate risk management committee chaired by a board member; 2.Ensure that a formal comprehensive risk management system is in place; 3.Assess whether the formal system possesses the necessary elements; 4.Evaluate the effectiveness of various steps in the assessment of the comprehensive risks faced by the business firm;
5.Assess if management has developed and implemented the suitable risk management strategies and evaluate their effectiveness;
6.Evaluate if management has designed and implemented risk management capabilities; 7.Assess management’s efforts to monitor overall company risk management performance and to improve continuously the firm’s capabilities;
8.See to it that best practices as well as mistakes are shared by all; 9.Assess regularly the level of sophistication of the firm’s risk management system; and 10.Hire experts when needed.
CHAPTER 12
PRACTICAL GUIDELINES IN REDUCING AND MANAGING BUSINESS RISKS
Common Areas of Risk Affecting Business
UNDERSTAND WHY RISKS BECOME REALITY The five (5) most significant types of risk catalyst are as follows: 1.Technology 2.Organizational change 3.Processes 4.People 5.External factors
APPLY A SIMPLE RISK MANAGEMENT PROCESS The stages of managing the enterprise-wide risk inherent in decisions are simple. • First, assess and analyze the risks resulting from a decision by systematically identifying and quantifying them. • Second, consider how best to avoid or mitigate them. • Third, in parallel with the second stage, take action to manage control and monitor the risks. A. Risk Assessment and Analysis B. Risk Management and Control a. Avoiding and mitigating risks b. Create a Positive Climate for Managing Risk c. Overcoming the fear of risk C. Controlling and Monitoring Enterprise-wide Risk
PRACTICAL TECHNIQUES TO IMPROVE PROFITABILITY Some practical techniques to improve profitability are as follows: a)Focus decision-making on the most profitable areas; b)Decide how to treat the least profitable products; c)Make sure new products enhance overall profitability; d)Manage development and production decisions; e)Set the buying policy; f)Consider how to create greater value from existing customers and products to enhance profitability; g)Consider how to increase profitability by managing people;
PRACTICAL TECHNIQUES TO ASSESS PROFITABILITY There are many techniques for assessing the likely profitability of an investment. One of the most used is to apply discounted cash flows in evaluating capital investment programs. a. b. c. d. e. f.
Avoiding pitfalls; Financial expertise must be widely available; Consider the impact of financial decisions; Avoid weak budgetary control; Understand the impact of cash flow; and Know where the risk lies.
CHAPTER 13 OVERVIEW OF INTERNAL CONTROL
NATURE AND PURPOSE OF INTERNAL CONTROL Internal Control is the process designed and effected by those charged with governance, management and other personnel to provide reasonable assurance about the achievement of the entity’s objectives with regard to reliability of financial reporting, effectiveness of operations and compliance with applicable laws and regulations. Internal Control System means all policies and procedures (internal control) adopted by the management of an entity to assist in achieving the management’s objective of ensuring, as far as practicable, the orderly and efficient conduct of its business, including adherence to management policies, the safeguarding of asset, the prevention and detection of fraud and error, the accuracy and completeness of the accounting records, and the timely preparation of reliable financial information.
ELEMENTS OF INTERNAL CONTROL The internal control system extends beyond these matters which relate directly to the functions of the accounting system and consists if the following components: a.
The control environment
Several factors comprise the control environment, including: 1. Communication and enforcement of integrity and ethical values 2. Commitment to competence 3. Participation by those charged with governance 4. Management‘s philosophy and operating style 5. Organizational structure 6. Assignment of authority and responsibility 7. Human resources policies and procedures
ELEMENTS OF INTERNAL CONTROL b. The entity’s risk assessment process Risk can arise or change due to circumstances such as the following: a)Changes in operating environment b)New personnel c)New or revamped information systems d)Rapid growth e)New technology f)New business models, products or activities g)Corporate restructurings h)Expanded foreign operations i)New accounting pronouncements
ELEMENTS OF INTERNAL CONTROL c. The information system, including the related business process, relevant to financial reporting and communication An information system consists of infrastructure (physical and hardware components), software, people, procedures and data. Make information systems make extensive use of IT 1. The information system, including related business processes, relevant to financial reporting; 2. Journal entries; 3. Related business processes; and 4. Application to small entities.
ELEMENTS OF INTERNAL CONTROL d. The control activities The major categories of control procedures are: 1. Performance review 2. Information process controls 3. Physical controls
e. Monitoring of controls Monitoring is the process that an entity uses to assess the quality of internal control over time. Monitoring activities may include using information from communications from external parties that may indicate problems are highlight areas in need of improvement.
Risk Management • process of measuring, or assessing risk and developing strategies to manage it. • systematic approach in identifying, analyzing, and controlling areas or events with a potential for causing unwanted change. • act or practice of controlling risk • includes risk planning, assessing risk areas, developing risk handling options, and monitoring risk • identification, assessment and prioritization of risks followed by coordinated and economical application of resources to minimize, monitor and control the probability and/or impact of unfortunate events and to maximize the realization of opportunities. (ISO 31000)
BASIC PRINCIPLES OF RISK MANAGEMENT
Risk management should:
•Create value – resources spent to mitigate risk should be less than the consequence of inaction, i.e., the benefits should exceed the costs;
•Address uncertain and assumptions; •Be an integral part of the organizational processes and decision-making; •Be dynamic, iterative, transparent, tailorable and responsive to change; •Create capability of continual improvement and enhancement considering the best available information and human factors; and
•Be systematic, structured and continually or periodically reassessed.
PROCESS OF RISK MANAGEMENT According to the standard ISO 31000 “Risk Management – Principles and Guidelines on Implementation, “the process of risk management consist of several steps as follows:
•Establish the context; •Identification of potential risks; and •Risk Assessment.
ELEMENTS OF RISK MANAGEMENT The performance of assessment methods should consist of the following elements:
•Identification, characterization and assessment of threats; •Assessment of the vulnerability of critical assets to specific threats;
•Determination of the risk (i.e. the expected likelihood and consequences of the specific types of attacks on specific assets);
•Identification of ways to reduce those risks; and •Prioritization of risk reduction measures based on a strategy.
RELEVANT RISK TERMINOLOGIES 1. Risks Associated with Investments Although a single risk premium must compensate the investor for all the uncertainty associated with the investment, numerous factors may contribute to investment uncertainty. The factors usually considered with respect to investments are:
•Business Risk •Financial Risk •Liquidity Risk •Default Risk •Interest Rate Risk •Management Risk •Purchasing Power Risk
RELEVANT RISK TERMINOLOGIES 2. Risk Associated with Manufacturing, Trading and Service Concerns
RELEVANT RISK TERMINOLOGIES 3. Risk Associated with Financial Institution
POTENTIAL RISK TREATMENTS ISO 31000 also suggests that once the risks have been identified and assessed, techniques to manage the risks should be applied. These techniques can fall into one or more of these four categories:
•Risk Avoidance •Risk Reduction •Risk Sharing •Risk Retention
AREAS OF RISK MANAGEMENT The most commonly encountered areas of risk management include:
• • • • •
Enterprise risk management Risk management activities as applied to project management Risk management for megaprojects Risk management of information technology Risk management techniques in petroleum and natural gas
STEPS IN THE RISK MANAGEMENT PROCESS
To enhance management’s competence in their oversight role on risk management the following steps may be followed:
1.Set up a separate risk management committee chaired by a board member; 2.Ensure that a formal comprehensive risk management system is in place; 3.Assess whether the formal system possesses the necessary elements; 4.Evaluate the effectiveness of various steps in the assessment of the comprehensive risks faced by the business firm;
5.Assess if management has developed and implemented the suitable risk management strategies and evaluate their effectiveness;
6.Evaluate if management has designed and implemented risk management capabilities; 7.Assess management’s efforts to monitor overall company risk management performance and to improve continuously the firm’s capabilities;
8.See to it that best practices as well as mistakes are shared by all; 9.Assess regularly the level of sophistication of the firm’s risk management system; and 10.Hire experts when needed.
CHAPTER 12
PRACTICAL GUIDELINES IN REDUCING AND MANAGING BUSINESS RISKS
Common Areas of Risk Affecting Business
UNDERSTAND WHY RISKS BECOME REALITY The five (5) most significant types of risk catalyst are as follows: 1.Technology 2.Organizational change 3.Processes 4.People 5.External factors
APPLY A SIMPLE RISK MANAGEMENT PROCESS The stages of managing the enterprise-wide risk inherent in decisions are simple. • First, assess and analyze the risks resulting from a decision by systematically identifying and quantifying them. • Second, consider how best to avoid or mitigate them. • Third, in parallel with the second stage, take action to manage control and monitor the risks. A. Risk Assessment and Analysis B. Risk Management and Control a. Avoiding and mitigating risks b. Create a Positive Climate for Managing Risk c. Overcoming the fear of risk C. Controlling and Monitoring Enterprise-wide Risk
PRACTICAL TECHNIQUES TO IMPROVE PROFITABILITY Some practical techniques to improve profitability are as follows: a)Focus decision-making on the most profitable areas; b)Decide how to treat the least profitable products; c)Make sure new products enhance overall profitability; d)Manage development and production decisions; e)Set the buying policy; f)Consider how to create greater value from existing customers and products to enhance profitability; g)Consider how to increase profitability by managing people;
PRACTICAL TECHNIQUES TO ASSESS PROFITABILITY There are many techniques for assessing the likely profitability of an investment. One of the most used is to apply discounted cash flows in evaluating capital investment programs. a. b. c. d. e. f.
Avoiding pitfalls; Financial expertise must be widely available; Consider the impact of financial decisions; Avoid weak budgetary control; Understand the impact of cash flow; and Know where the risk lies.
CHAPTER 13 OVERVIEW OF INTERNAL CONTROL
NATURE AND PURPOSE OF INTERNAL CONTROL Internal Control is the process designed and effected by those charged with governance, management and other personnel to provide reasonable assurance about the achievement of the entity’s objectives with regard to reliability of financial reporting, effectiveness of operations and compliance with applicable laws and regulations. Internal Control System means all policies and procedures (internal control) adopted by the management of an entity to assist in achieving the management’s objective of ensuring, as far as practicable, the orderly and efficient conduct of its business, including adherence to management policies, the safeguarding of asset, the prevention and detection of fraud and error, the accuracy and completeness of the accounting records, and the timely preparation of reliable financial information.
ELEMENTS OF INTERNAL CONTROL The internal control system extends beyond these matters which relate directly to the functions of the accounting system and consists if the following components: a.
The control environment
Several factors comprise the control environment, including: 1. Communication and enforcement of integrity and ethical values 2. Commitment to competence 3. Participation by those charged with governance 4. Management‘s philosophy and operating style 5. Organizational structure 6. Assignment of authority and responsibility 7. Human resources policies and procedures
ELEMENTS OF INTERNAL CONTROL b. The entity’s risk assessment process Risk can arise or change due to circumstances such as the following: a)Changes in operating environment b)New personnel c)New or revamped information systems d)Rapid growth e)New technology f)New business models, products or activities g)Corporate restructurings h)Expanded foreign operations i)New accounting pronouncements
ELEMENTS OF INTERNAL CONTROL c. The information system, including the related business process, relevant to financial reporting and communication An information system consists of infrastructure (physical and hardware components), software, people, procedures and data. Make information systems make extensive use of IT 1. The information system, including related business processes, relevant to financial reporting; 2. Journal entries; 3. Related business processes; and 4. Application to small entities.
ELEMENTS OF INTERNAL CONTROL d. The control activities The major categories of control procedures are: 1. Performance review 2. Information process controls 3. Physical controls
e. Monitoring of controls Monitoring is the process that an entity uses to assess the quality of internal control over time. Monitoring activities may include using information from communications from external parties that may indicate problems are highlight areas in need of improvement.
Related Documents
Chapter
January 2021 2
Chapter 12
January 2021 1
Chapter 12
February 2021 1
Chapter 5
February 2021 2
Chapter 1a
March 2021 0
Chapter 1
March 2021 0More Documents from "Carlo Baculo"
