Chp 2: Managing risks Flashcards

1
Q

What are six tasks that the risk committee could be responsible for?

A
  1. Ensure system exists
  2. Set risk policy
  3. Assess risks
  4. Review internal audit work
  5. Review risk register
  6. Advise the board
2
Q

What are six disclosures that should be presented in a company’s annual report?

A
  1. Audit committee work description
  2. Accounts represent a fair and true assessment of the company
  3. Confirmation that emerging and principal risks have been assessed
  4. The effectiveness of internal controls
  5. Assessment of the going concern status
  6. Explanation of the company’s prospects
3
Q

What is the difference between risk aversion and risk seeking attitudes?

A

Risk aversion - focus on the risk level; activities should not be undertaken if they result in higher risk

Risk seeking - focus on the return level; activities should be undertaken if they result in higher returns, regardless of the risk level increasing

4
Q

What are the five COSO ERM components and their principles?

A
  1. Governance & culture - the importance of the board leading the way
  2. Strategy & objective setting - use an effective planning process for strategy
  3. Performance - effectively manage an organisation's risks
  4. Review & revision - a classic feedback loop
  5. Information, communication & reporting - ERM is supported by good information shared across the organisation
5
Q

What are the three parts to ISO 31000?

A
  1. Risk management principles
  2. Risk management framework
  3. Risk management process
6
Q

What are the eight risk management principles in ISO 31000?

ISO 31000

A

Design has five - PACED
1. Proportionate to the level of risk
2. Aligned with other activities
3. Comprehensive
4. Embedded in the organisation
5. Dynamic to emerging risks

Operation has three
1. Limitations in available information actively considered
2. Influence of human and cultural factors
3. Continual improvement through learning experience

7
Q

What are the four elements to the risk management framework of ISO 31000?

A
  1. Design
  2. Implement
  3. Evaluation
  4. Improvement
8
Q

What are the three supporting activities that underpin the risk management process in ISO 31000?

A
  1. Communication and consultation
  2. Monitoring and review
  3. Recording and reporting
9
Q

What are the three lines of defence in assurance mapping?

A
  1. First line - Management and internal controls
  2. Second line - Financial control, security, risk management, compliance, inspection etc.
  3. Third line - internal audit