Chapter 2 - Risk Management Flashcards
Risk management can be seen as the dual combination of…
Conformance - controlling threats
Performance - maximising returns
Enterprise Risk Management is
A holistic and integrated approach to risk
Whole business
Everybody is responsible
Led by senior management
The COSO Cube is made up of 3 parts
Objectives
Organisation levels
Components
COSO organisation levels
Subsidiary
Business unit
Division
Entity
COSO Objectives
Strategic
Operating
Reporting
Compliance
COSO 8 components
Internal environment
Objective setting
Event identification
Risk assessment
Risk response
Control activity
Communication of information
Monitoring
Risk and NPV
Static NPV of existing business (risk mgt protects this)
ADD
Value of future options (risk mgt maxes this)
Why is ERM good?
Better structured decision making
Focus on risks
Common language
Financial rewards
COSO Helix
Mission
Strategy development
Objective formulation
Performance
Enhanced value
Risk appetite
How much risk will we accept
Risk capacity
How much risk can we absorb
Risk attitude
Are we risky or safe?
Features of a risk strategy
- Statement of risk attitude
- Risk appetite defined
- Risk management objectives
- Risk culture
- Responsibilities
- Control systems
- Review criteria
Risk identification comes from
Pro-active and Reactive - SWOT vs complaints
Internal and external - internal audit vs audit
Value at risk
Standard deviation x Z score
Standard deviation is the amount x volatility