COSO ERM FRAMEWORK

Question 1

It is a process, effected by an entity’s board of directors, management and other personnel, applied in strategy setting and across the
enterprise, designed to identify potential events that may affect the entity, and manage risk to be within its risk appetite, to provide reasonable assurance regarding the achievement of entity objectives.

Answer 1

Enterprise Risk Management

Question 2

Encompasses the tone of an organization, and
sets the basis for how risk is viewed and
addressed by an entity’s people, including risk
management philosophy and risk appetite,
integrity and ethical values, and the
environment in which they operate

Answer 2

Internal Environment

Question 3

Pertains to ethical values, desired
behaviors and understanding of risk in the
entity.

Answer 3

Culture

Question 4

The possibility that an event will occur and adversely affect the achievement of enterprise and objectives.

Answer 4

Risk

Question 5

The likelihood that the company might incur a
financial loss or suffer a decline in profit, capital,
investment, or cash flows on account of the
occurrence of events and transactions.

Answer 5

Financial Risks

Question 6

The risk that talks about how the borrower might fail to pay on the due date.

Answer 6

Credit Risk

Question 7

The risk that is related to how the business will be unable to meet its financial obligation because of
insufficient cash.

Answer 7

Liquidity Risk

Question 8

Volatility in the market brought
about by factors such as interest rate, fx
currency and market prices.

Answer 8

Market Risk

Question 9

The possibility that the
business may not be able to generate
sufficient revenue, or an increase in
production and increased operating
costs might occur.

Answer 9

Business Risk

Question 10

The risk of selecting an
inappropriate corporate strategy or the
failure of implementing an appropriate
one. This may result to failure to achieve
long term strategic goals, loss of market
share and shrinkage in corporate value.
NONFINANCIAL RISKS

Answer 10

Strategic Risk

Question 11

The risk that the company might fail to comply with applicable laws and regulations.

Answer 11

Legal or Compliance Risk

Question 12

The risk that
unforeseen events could result to
injuries, illnesses or even loss of lives.

Answer 12

Health and Safety Risk

Question 13

The risk that the company might fail to control or
minimize factory wastes, emissions, and
other pollutants arising from business
activities.

Answer 13

Environmental Risk

Question 14

The risk that reputation
or image of the company will be
damaged due to reasons such as
improper acts of corporate officers, poor
financial performance, and bad news.

Answer 14

Reputational Risk

Question 15

The risk that the
financial statement of the company is
incorrect due to errors, lapses or failure
to apply accounting standards such as
the PFRS.

Answer 15

Financial Reporting Risk

Question 16

The risk arising from
deceptive and intentional acts that
result to loss of company assets,
resources and reputation.

Answer 16

Fraud Risk

Question 17

These are the steps in the risk management process.

Answer 17

1. Setting of business objectives
2. Identify the risks
3. Assess the risks
4. Respond to the assessed risks
5. Implement the risk response
6. Monitor the risk management process

Question 18

These are high level goals aligned with and
support the organization’s mission and long-
term vision.

Answer 18

Strategic Goals

Question 19

These are goals that are related to the
effective and efficient use of corporate
resources.

Answer 19

Operational Goals

Question 20

These are goals relating to the reliability and transparency of corporate reports.

Answer 20

Reporting Goals

Question 21

These are goals relating to compliance
and conformity with applicable laws and
regulatory requirements.

Answer 21

Compliance Goals

Question 22

This pertains to the probability that
the event will occur; means the chance of
occurrence.

Answer 22

Likelihood

Question 23

This refers to the significance or
magnitude of the negative effect of the risk to
the company.

Answer 23

Impact