Group 4 Flashcards
Systematic and integrated approach to the management of the total risk that a company faces.
ERM (Enterprise Risk Management)
Firm-wide strategy to identify and prepare for hazards to a company's finances, operations, and objectives.
ERM
In what period did ERM emerge as a concept and as a management function within corporations?
Mid-1990s
The emergence of ERM can be traced to two main causes:
- A number of high-profile company failures and preventable large losses
- Shareholder value playing a greater role in strategic planning
The return shareholders receive as dividends and stock price appreciation, resulting from better decision-making by management that ultimately drives the company's growth in sales and profit.
Shareholder value
What does GRC stand for?
Governance, Risk, and Compliance
Structured way to align IT with business goals while managing risk and meeting industry and government regulations.
GRC
Why is GRC important? (3)
- Data-driven decision-making
- Responsible operation
- Improved cybersecurity
Set of policies, rules, or frameworks that a company uses to achieve its business goals.
Governance
Process of identifying and addressing the different types of risk a business faces, including financial, legal, strategic, and security risks.
Risk Mngt
Act of following rules, laws, and regulations. Covers the legal and regulatory requirements set by industry bodies as well as internal corporate policies.
Compliance
Duties and responsibilities of a GRC role (5)
- Implement security controls
- Document and report control failures and gaps to stakeholders
- Define and document business process responsibilities and control ownership in the GRC tool
- Identify and manage risk
- Perform other related duties as assigned
Corporate executive tasked with assessing and mitigating significant competitive, regulatory, and technological threats to an enterprise's capital and earnings.
CRO (Chief Risk Officer / Chief Risk Management Officer / Risk Management Officer)
The CRO focuses on four broad categories of risk that face any organization:
- Compliance Risk
- Operational Risk
- Reputational Risk
- Strategic Risk
Involves the organization's mechanisms for identifying and meeting its responsibilities under the laws, rules, and regulations that apply to it.
Compliance Risk
Includes elements such as business interruption, labor issues, technology problems, and vendor turnover that could impact the organization's ability to transact business.
Operational Risk
Any element that could harm the organization's brand image, recognition, standing, and value among its employees, shareholders, customers, and the public at large.
Reputational Risk
Encompasses anything that could impact the organization's ability to execute its strategy.
Strategic Risk
Has overall responsibility for monitoring and approving the risk policies and associated practices of the company.
Risk Committee
Responsible for reviewing and approving risk disclosure statements in any public documents or disclosures.
Risk Management Committee
The Risk Management Committee shall what? (2)
- Be appointed by, and serve at the discretion of, the board
- Consist of no fewer than three members