Lesson 10 Flashcards

1
Q

1.1 Explain why culture is an integral component of the enterprise risk management framework

A

Culture reflects an entity’s ethics, values, beliefs, attitudes, desired behaviours and understanding of risk.

ERM helps people understand risk and a risk aware culture stresses the importance of managing risk and encourages transparent and timely flow of risk information

2
Q

1.2 Explain the significance of the board’s role in ERM

A

The board has the responsibility for risk oversight and in many countries has a fiduciary responsibility to its stakeholders including conducting reviews of the ERM practices

3
Q

1.2 Explain the significance of board member independence in ERM

A

Independence allows directors to be objective and evaluate the performance and well being of the entity without any conflict of interest or undue influence of interested parties.

The board should serve as a check and balance

4
Q

1.3 Provide 7 examples of things that may impede a board member’s independence

A

Independence may be impeded if a board member:

1) Holds a substantial financial interest in the entity

2) Is currently or has recently been employed in an executive role by the entity

3) Has recently advised the board of directors of the entity in a material way

4) Has a material business relationship with the entity (supplier/customer)

5) Has donated a significant financial amount to the entity

6) Has business or personal relationships with key stakeholders within the entity

7) Sits as a board member of other entities that represent potential conflicts of interest

5
Q

1.4 Explain how the concept of suitability of enterprise risk management influences an entity’s decision about its risk management approach

A

Suitability of ERM refers to an entity’s ability to manage risk to an acceptable amount.

The ERM capability needed for a given entity is influenced by the complexity of the entity which in turn influences its needs and the benefits it wants or expects from ERM

6
Q

2.1 Explain how an entity’s choice of governance and operating model influences its risk management practices

A

Risk governance sets the tone, reinforcing ERM and establishing oversight responsibilities.

Different operating models may result in different perspectives of a risk profile.

For example assessing risk within a decentralized model may indicate few risks whereas a centralized model may indicate a concentration of risk - perhaps relating to a certain customer type, foreign exchange or tax exposure

7
Q

2.2 Outline factors that influence an entity’s choice of operating model (6)

A

1) The entity’s strategy and business objectives

2) Nature, size and geographic distribution of the entity’s business

3) Risks related to the entity’s strategy and business objectives

4) Assignment of authority, accountability, and responsibility in all levels of the entity

5) Type of reporting lines (direct/solid line vs secondary reporting) and communication channels

6) Financial, tax, regulatory and other reporting requirements

8
Q

2.3 Outline the role and characteristics of risk management oversight structures and explain how these structures differ by type of entity

A

Entities may delegate the responsibility to an oversight committee that gathers information on how risk associated with the strategy occurs across the entity.

Entities with complex legal structures may have several committees with some overlapping members. This committee structure should be aligned with the entity’s reporting structure to allow decisions to be made with full awareness of the risks of those decisions

In smaller entities the structure may be less formal with management more involved in day-to-day execution of the ERM strategy

9
Q

3.1 Explain the role of culture in risk aware decision making

A

Culture influences how risk is identified, what risks are accepted and how they are managed.

A culture in which people do the right thing at the right time is critical to an entity being able to pursue opportunities and minimize risk in achieving the strategy and business objectives

10
Q

3.2 Explain the concept of culture spectrum and provide an example of how it works in ERM

A

The culture spectrum goes from risk averse to risk aggressive. The higher on the spectrum, the greater the propensity for and acceptance of the amount of risk necessary to achieve goals.

For example a hedge fund is likely a risk aggressive entity.

11
Q

3.3 Outline factors that influence where an entity falls on the culture spectrum (4 internal 3 external)

A

Internal:
- how EEs interact with one another and managers
- the standards and rules of conduct
- the physical layout of the workplace
- rewards system

External:
- regulatory requirements
- expectations of customers
- expectations of investors

12
Q

3.4 Describe strategies for fostering a risk aware culture (7)

A

1) Maintaining strong leadership

2) Employing a participative management style

3) Enforcing accountability for all actions

4) Embedding risk in decision making

5) Having open and honest discussions about the risks facing the entity

6) Encouraging risk awareness across the entity

Employees should know what the entity stands for and the boundaries in which they can operate.

13
Q

4.1 Define organizational “tone” and “tone in the middle”

A

Tone is defined by the operating style and personal conduct of both management and the board. Lead by example

Tone in the middle is a view of tone taken in larger entities that from time to time different markets and challenges may put pressure on different levels of the entity resulting in a change in tone

The more tone can remain consistent throughout the entity the more consistent the performance of ERM strategies will be.

14
Q

4.2 Explain the role of standards of conduct in ERM (3 reasons + overall purpose)

A

3 reasons for establishing a code of conduct are:

1) Establishing what is acceptable and unacceptable
2) Providing guidance for navigating what lies between acceptable and unacceptable
3) Reflecting laws, regulations, standards and other expectations that the entity’s stakeholders may have, such as corporate social responsibility

The purpose of a code of conduct is to communicate the entity’s expectations of ethics and desired behaviours, including behaviours relating to ERM and decision making.

15
Q

4.3 Explain why responding to deviations in standards of conduct is critical to ERM

A

Appropriate responses ensure that the entity’s culture is not undermined.

16
Q

4.3 List 8 reasons why codes of conduct may not be adhered to

A

1) Tone at the top doesn’t convey expectations

2) Board does not provide oversight of management’s adherence to standards

3) Middle management and functional managers are not aligned with the entity’s mission, vision, core values, strategy and risk response

4) Risk is an afterthought to strategy setting and business planning

5) Performance targets create incentives to compromise ethical behavior

6) Process for investigating and resolving excessive risk taking is inadequate

7) Intentional or deliberate non-compliance exists

17
Q

4.4 Explain the role of individual accountability in enterprise risk management

A

Individuals make up the entity and individual accountability is fundamental to ethics and enterprise risk management

18
Q

4.5 Explain how perceptions of communication, transparency and retribution impact ERM

A

Management is responsible for cultivating open communication and transparency about risk and risk taking. Management should make sure that this is valued.

Providing a variety of channels for both management and employees to report concerns about potentially inappropriate risk taking, business conduct or behaviour without fear of retribution or intimidation is evidence of open communication and transparency.

19
Q

5.1 Identify measures that provide evidence of enforcement of accountability for enterprise risk management (4)

A

1) Management and the board of directors are clear on the expectations

2) Management ensures that information on risk flows through the entity - how decisions are made and how risk is considered as part of decisions are communicated

3) Employees are committed to collective business objectives (individual targets and objectives align)

4) Management responds to deviations from standards and behaviours (corrective actions are taken)

20
Q

5.2 Explain how performance incentives and rewards influence ERM

A

Performance is significantly influenced by the extent to which EEs are held accountable and how they are rewarded.

Incentives should align with the ERM strategy

21
Q

5.3 Describe how pressure affects individuals in an entity

A

Pressure can motivate individuals to meet expectations or cause them to fear the consequences of not achieving strategy and business objectives

22
Q

5.3 List 7 things that excessive pressure can be associated with

A

1) Unrealistic performance targets, particularly with short term results

2) Conflicting business objectives of different stakeholders

3) Imbalance between rewards for short term financial performance and those for long term focused stakeholders such as corporate sustainability targets

4) Certain points during the regular cycles of specific tasks

5) Unexpected external factors such as a sudden dip in the economy

6) Change in the business context such as increased market competition or other market competitor action

7) Change in strategy, operating model, acquisition or divestiture activity

23
Q

5.4 Explain how an entity’s compensation structure can influence enterprise risk management

A

Aligning an employee’s compensation to the organizational structure can help achieve strategy and business objectives.

If these are not aligned an entity can end up encouraging detrimental behaviour.

24
Q

6.1 Outline HR factors considered by an entity when developing ERM competence

A

1) Knowledge, skills and experience with ERM

2) Nature and degree of judgement and limitations of authority to be applied to a specific position

3) Costs and benefits of different skill levels and experience

Succession planning should also take place

25
Q

7.1 Define judgement and describe how sound judgement enhances board risk

A

Judgement is the process of reaching a decision or drawing a conclusion when there are a number of possible alternative solutions.

An effective judgement process is logical, flexible, unbiased, objective and consistent.

A sound judgement process shows where decision makers are vulnerable to predictable traps and appropriately challenges their own judgements and the judgements of those that they oversee.

The challenge for board members is to both effectively challenge the judgements of corporate officers and enhance the quality of their own judgements

26
Q

7.2 Identify the 5 steps of the KPMG professional judgement framework

A

1) Define the problem and identify the fundamental objectives

2) Consider alternatives

3) Gather and evaluate appropriate amounts and types of information

4) Arrive at an informed conclusion

5) Articulate and document the rationale for the conclusion. This also provides an opportunity to reflect on that rationale

27
Q

7.3 Explain the board’s role in managing the impact of organizational bias on ERM

A

It isn’t unusual to find evidence of groupthink,

The question is not whether bias exists but how bias within ERM is managed. The board should understand the potential organizational biases and challenge management to overcome them

28
Q

7.4 List 6 common threats to good judgement from the KPMG professional judgement framework

A

1) Rush to solve

2) Judgement triggers - initiate the necessity for a decision - can cause person to move forward without completing all the steps in the process

3) Overconfidence

4) Confirmation bias - inability to look at all information objectively

5) Anchoring - primarily affects the gathering of information step

6) Availability - this limits alternatives considered

29
Q

7.5 Describe steps that can be taken to mitigate the effects of judgement traps and biases (4)

A

1) Be aware of possible sources and recognize situations where decision makers might be vulnerable. Pause and ask what and why questions

2) Seek opposing and disconfirming evidence - try to make the opposite case

3) Question expert opinions to mitigate overconfidence

4) Encourage opposing points of view

5) Consult with others

30
Q

7.6 What are actions that boards can take to mitigate: overconfidence bias (4)

A

1) Be aware
2)

31
Q

7.6 What are actions that boards can take to mitigate: overconfidence bias (4)

A

1) Be aware

2) Challenge experts’ or advisors’ estimates of potential causes of unexpected outcomes and estimates of unexpected outcomes.

3) Challenge extremely high or low estimates

4) Challenge underlying assumptions

32
Q

7.6 What are actions that boards can take to mitigate: confirmation tendency (3)

A

1) Be aware

2) Make the opposing case and consider alternatives

3) Seek and consider disconfirming or conflicting information

33
Q

7.6 What are actions that boards can take to mitigate: Anchoring tendency (4)

A

1) Be aware

2) Make an independent judgement or estimate

3) Consider relevant alternative anchors

4) Solicit input from others

34
Q

7.6 What are actions that boards can take to mitigate: availability tendencies (4)

A

1) Be aware

2) Consider why something comes to mind (recent events)

3) Make the opposing case

4) Consult with others