Enterprise risk management is based on the idea that risk is best managed top-down


Enterprise risk management (ERM) is based on the idea that risk is best managed top-down, so that risks can be diversified and combined to give a comprehensive view of the organization's risk. Risk is managed across all business activities, departments and organizational silos so that action can be coordinated and management resources better allocated.

ERM includes the culture, capabilities, and practices that organisations integrate with strategy-setting and apply when they carry out their strategy.

COSO's Five Components of an Enterprise Risk Management framework

Governance and Culture: Governance sets the organization's tone, reinforcing the importance of, and establishing oversight responsibilities for, enterprise risk management. Culture pertains to ethical values, desired behaviors, and understanding of risk in the entity.

Strategy and Objective-Setting: Enterprise risk management, strategy, and objective-setting work together in the strategic-planning process. A risk appetite is established and aligned with strategy; business objectives put strategy into practice while serving as a basis for identifying, assessing, and responding to risk.

Performance: Risks that may impact the achievement of strategy and business objectives need to be identified and assessed. Risks are prioritized by severity in the context of risk appetite. The organization then selects risk responses and takes a portfolio view of the amount of risk it has assumed. The results of this process are reported to key risk stakeholders.

Review and Revision: By reviewing entity performance, an organization can consider how well the enterprise risk management components are functioning over time and in light of substantial changes, and what revisions are needed.
Information, Communication, and Reporting: Enterprise risk management requires a continual process of obtaining and sharing necessary information, from both internal and external sources, which flows up, down, and across the organization.

Benefits of an effective ERM

1. Increasing the range of opportunities: By considering all possibilities—both positive and negative aspects of risk—management can identify new opportunities and unique challenges associated with current opportunities.

2. Identifying and managing risk entity-wide: Every entity faces myriad risks that can affect many parts of the organization. Sometimes a risk can originate in one part of the entity but impact a different part. Consequently, management identifies and manages these entity-wide risks to sustain and improve performance.
  • Spring '18