Lesson 2_Risk Management_Additional Materials.pdf - ACT1110...

This preview shows page 1 - 14 out of 33 pages.

ACT1110
Fundamental Concepts of Risk Management

Learning Objectives
a) Explain different definitions of Risk and Risk Management
b) Discuss globally accepted frameworks on risk management internal control (i.e., COSO, ISO 31000, CoCo, COBIT)
c) Discuss the Risk Management Process according to COSO

Overview
- VISION/MISSION/GOALS
- People/stakeholders
- Capitalization, resources, funding
- Process/system/procedures

Overview
- CONTROLS: Increase the likelihood of achieving objectives
- RISKS: Possibility of an event occurring that will have an impact on the achievement of objectives
- OBJECTIVES: Defined, intended outcomes
- GOVERNANCE: Ensure entity effectively and efficiently directs toward meeting the objectives

Illustration
Objective
- Wake up at 4:30am to go to school as early as possible
Risk
- Oversleeping
- Insomnia
Controls
- Set up alarm clock
- Drink milk or take herbal sleeping medicine
- Inform other people
Governance
- Parents advise you before you sleep
- Sermon

Concepts
What is Risk?

Definition of Terms
- Effect of uncertainty on objectives which could be positive, negative, or a deviation from the expected. Also, risk is often described by an event, a change in circumstance or a consequence. (ISO Guide 73)
- Risk is the combination of the probability of an event and its consequence. Consequences can range from positive to negative. (Institute of Risk Management)
- The uncertainty of an event occurring that could have an impact on the achievement of objectives. Risk is measured in terms of consequence and likelihood. (IIA)

Definition of Terms
Risk
The possibility of an event occurring that will have an impact on the achievement of objectives. Risk is measured in terms of impact and likelihood. - COSO

Likelihood:
- Frequency of occurrence
- Number of instances (how many times)

If realized, would affect the company.
Occurring over a predefined time period

Factors that define impact rating
- Financial effect (how much)
- Reputation
- Ability to achieve key objectives

Definition of Terms
Residual Risk - after a risk response
Opportunity - event will occur and positively affect the achievement of objectives
Risk Appetite - amount of risk an organization is willing to accept in pursuit of value
Risk Tolerance - specific maximum risk that an organization is willing to take regarding each relevant risk

Recognition
How “Risk” should be stated?
- something went wrong plus the impact

Example:
Unauthorized changes are made to the payroll master data resulting in payments to fictitious employees

Risk should not be:
- A negative control or absence of control
- A process

Definition of Terms
Risk Management
- A process to identify, assess, manage, and control potential events or situations to provide reasonable assurance regarding the achievement of the organization's objectives
- A coordinated set of activities and methods that is used to direct an organization and to control the many risks that can affect its ability to achieve objectives.


Term: Spring
Professor: JWu
