Lesson 8 - System Of Risk Management And Internal Control

Question 1

What is Risk

Answer 1

Risk is the effect of uncertainty on objectives - whether positive or negative

Question 2

Why is risk increasingly important - why?

Answer 2

Ensuring viability in an uncertain world AIRMIC 2017

Increase speed of change
Increased need for transparency
New risk types (rep risk, cyber risk)

Question 3

Explain key elements of corporate governance in Risk

Answer 3

Corp Governance must

1- define the risks of the organization

2-ensure risks are understood and managed

3- ensure robust controls are in place to remain within risk appetite

4- create a Risk Culture

Question 4

Uk Corporate Governance Code and Risk and the boards role

Answer 4

Board should carry out a robust assessment of a company’s principle risks

And should monitor the company’s risk management and internal control systems

And report on the effectiveness in the Annual Report

Question 5

Explain the types of business risk and governance risk

Answer 5

Business risks include

• Reputation risk
• Liquidity risk
• Environment risk

Governance risks considered
* policy governance framework
* new product processes
* MI - financial performance
* MI- risk appetite, etc
*people and culture
top of house accountability & transparency throughout the org

Question 6

Types of controls

Answer 6

Preventative
Detective
Mitigating - corrective

Internal controls should be
-Effective
- Reliable
- Compliant with laws &regulation

Smart
Specific
Measurable
Achievable
Relevant
Time bound

Question 7

Issues with controls

Answer 7

1-poorly designed
2-not applied properly
3-circumvented

Also controls must be SMART

Specific
Measurable
Achievable
Relevant
Time bound

Question 8

Key elements of a risk management and internal control system

Answer 8

Coso (committee of sponsoring Organization)

Enterprise Risk Management - integrating strategy and performance

consists of 5 parts

1-governance and culture
2-strategy & objective setting
3-Performance
4-review and revision
5-info, communicating, reporting

Question 9

How to develop a risk management system

Answer 9

DARMA

Define risk (map, stress test)
Assess risk (likelihood, size, RAG)
Respond (Avoid/mitigate/transfer)
Monitor effective SMART measure
Report on risk at the Board

Question 10

Benefits of risk management system

Answer 10

• achieve business objectives
• monitor & mitigate risk
• ensure regulatory compliance
• protect & enhance value
• build investor confidence
• contribute to informed decisions

Question 11

Role of CoSec in risk

Answer 11

1-develop objectives
2-advise on mitigation risk
3-monitor risk mgt-int control
4-communication- annual report

Question 12

Long term viability

Answer 12

Within the Annual Report the Board should

Explain how it has assessed the prospects of the company over a specific period and why the period is considered appropriate

The board should state whether the company will be able to continue its operation and meet its liabilities drawing attention to qualifications and assumptions

Question 13

Sustainability

Answer 13

Is about ensuring the long term survival of the organization

It requires a balance of current and future needs