Essential Readings

Question 1

UK Corporate Governance Code: What is the definition of Corporate Governance?

Answer 1

The system by which companies are directed and controlled. Boards of directors are responsible for the governance of their companies. The shareholders’ role in governance is to appoint the directors and the auditors and to satisfy themselves that an appropriate governance structure is in place

Question 2

UK Corporate Governance Code: What should a company’s culture promote?

Answer 2

integrity and openness, value diversity and be responsive to the views of shareholders and wider stakeholders

Question 3

UK Corporate Governance Code: What should companies be able to demonstrate?

Answer 3

companies can demonstrate throughout their reporting how the governance of the company contributes to its longterm sustainable success and achieves wider objectives.

Question 4

UK Corporate Governance Code: Comply or Explain … explain?

Answer 4

Confirm principles applied or explain the: Background Rationale Impacts (of why a principle not applied)

Question 5

UK Corporate Governance Code: What areas do the principles cover?

Answer 5

1) BOARD LEADERSHIP AND COMPANY PURPOSE (effecitive / set purpose / ensure resources etc.)
2) DIVISION OF RESPONSIBILITIES (mix of exec / non exec / power spread)
3) COMPOSITION, SUCCESSION AND EVALUATION (formal, rigorous appointments, mix of skills)
4) AUDIT, RISK AND INTERNAL CONTROL (ensure independence of auditors, manage risk & internal control) 5) REMUNERATION (supports strategy, formal & transparent procedures)

Question 6

ORANGE BOOK - What does risk management do in successful organisation?

Answer 6

In successful organisations, risk management enhances strategic planning and prioritisation, assists in achieving objectives and strengthens the ability to be agile to respond to the challenges faced.

Question 7

ORANGE BOOK - who does it apply to and what does it do and how?

Answer 7

Who: Government departments and arm’s length public bodies, also useful for all parts of the UK Public Sector

What: Sets out the main and supporting principles for risk management in government.

How:

1) Considers the effectiveness of risk management arrangements, 2) assesses compliance with Corporate Governance Code[2] requirements,
3) Oversees the preparation of the governance

Question 8

ORANGE BOOK - primary audience

Answer 8

1. Directors Exec and non-exec -
2. Audit and RAC members
3. Risk practiciioners
4. Senior leaders & policy leaders,
5. Senior Responsible Officers (SROs)

Question 9

ORANGE BOOK - what should the board do?

Answer 9

The board of each public sector organisation should actively seek to recognise risks and direct the response to these risks.

Question 10

ORANGE BOOK - Comply or Explain?

Answer 10

Each government organisation is required either to disclose compliance or to explain their reasons for departure clearly and carefully in the governance statement accompanying their annual resource accounts.

Question 11

ORANGE BOOK - What does the Risk Management Framework do?

Answer 11

The risk management framework supports the consistent and robust identification and management of opportunities and risks within desired levels across an organisation, supporting openness, challenge, innovation and excellence in the achievement of objectives.

Question 12

ORANGE BOOK - What are the Principles

Answer 12

A. Risk management an essential part of GOVERNANCE & LEADERSHIP,

B. support DECISION-making in achieving OBJECTIVES.

C. be COLLABORATIVE

D. Structured Processes

• IDENTIFICATION & ASSESSMENT - PRIORITISE ;
• TREATMENT
• MONITORING;
• REPORTING

E. Risk management shall be CONTINUALLY IMPROVED through learning and experience.

Question 13

Orange Book - Section D

Answer 13

Risk management processes shall be structured to include:

a. **RISK IDENTIFICATION AND ASSESSMENT** to determine and prioritise how the risks should be managed;
b. **RISK TREATMENT** : the selection, design and implementation of risk treatment options that support achievement of intended outcomes and manage risks to an acceptable level;
c. **RISK MONITORING** the design and operation of integrated, insightful and informative risk monitoring; and
d. **RISK REPORTING** timely, accurate and useful risk reporting to enhance the quality of decision-making and to support management and oversight bodies in meeting their responsibilities.

Question 14

CIMA REPORT

Answer 14

Remember to do the other deck too

Question 15

Orange Book - Describe the Risk Management Framework Diagram

Answer 15

Question 16

Tesco Wheel (CIMA) - Visualised

Answer 16

Question 17

WEF REPORT 2020 - What are the top 5 risks by *impact*

Answer 17

1) Climate Action Failure
2) Weapons of Mass Destruction
3) Biodervisity Loss
4) Extreme Weather
5) Water Crisis

Question 18

WEF REPORT 2020 - Top 5 Risks by *Likelihood*

Answer 18

1. Extreme Weather
2. Climate Action Failure
3. Natural Disasters
4. Biodiversity Loss
5. Human made environment disasters

Question 20

2017 COSO ERM framework:

• What elements does it (better) integrate?

Answer 20

1) It integrates the relationship between risks, strategy and performance.
2) underscores the relationship between risk and value.

Question 21

2017 COSO Framework :

What are the 5 components?

Answer 21

The COSO ERM framework consists of 20 principles that are grouped to support one of five components:

1. governance and culture;
2. strategy and objective-setting; (Risk Appetite is in here)
3. performance; (the process … identify, assess, prioritise, respond (treat))
4. review and revision;
5. information, communication and reporting.