Compliance MONASH BUSINESS SCHOOL 35 A General Taxonomy of Business Risks


Compliance
MONASH BUSINESS SCHOOL 35

A General Taxonomy of Business Risks (source: EY)
§ An illustrative guide. Businesses will typically construct their own.

The Risk Register is a firm’s record of a risk
• Need to clearly identify risks
• All risks should be incorporated into a risk register
• Need for continuous monitoring and reviewing

5. Inherent risk vs. residual risk
• Inherent risk (“Gross Risk”): the risk level prior to taking into account existing controls and any existing risk responses
• Residual risk (“Net Risk”): the remaining risk level after taking into account existing controls and any existing risk responses, that is, after management actions to reduce risk

Risk management architecture
Principles, Framework and Process

Why we need to manage risk
§ The purpose of managing risk is to increase the likelihood of an organization achieving its objectives by being in a position to manage threats and adverse situations and being ready to take advantage of opportunities that may arise. (National Guidance on Implementing ISO 31000:2009)
§ Risk management involves balancing the conflicts inherent in exploring opportunities on the one hand and avoiding losses, accidents and disasters on the other.

The outcomes of implementing risk management
§ The risk management approach adopted by an organization will:
  • provide the framework for embedding the risk management process and effectively managing risks at all levels of an organization
  • provide the overall context for risk management in the organization, along with the various instruments required to design, implement, monitor, review and continually improve risk management throughout all levels of an organization in a cohesive and consistent manner
  • identify instruments, including policies, objectives, plans, relationships, accountabilities, resources, processes and activities, which are used for designing, implementing, conducting, monitoring, reviewing and continually improving risk management throughout the organization

Risk management and the Organisational Structure
Source: Dickinson, G. (2001) “Enterprise Risk Management: Its Origins and Conceptual Foundation”, The Geneva Papers on Risk and Insurance, Vol. 26, No. 3 (July 2001), 360–366

Steps to achieve successful risk management
§ For an enterprise to become successful in its implementation of risk management, the top management needs to be involved, and activities must be put into effect on many levels.
§ Some important points to ensure success are:
  § Establishment of a strategy for risk management, that is, the principles of how the enterprise defines and runs the risk management.