- Ensures risk management is embedded into all processes and activities.
- Reviews the firm’s risk profile.

The Board and CEO’s responsibilities are to:
- Determine the strategic approach to risk and set risk appetite.
- Establish the structure for risk management.
- Understand the most significant risks.
- Manage the organization in a crisis.

Question 3
Discuss:
“An essential part of the communication strategy supporting the risk identification step, is to adopt, at the outset, a common language of risk that is tailored to the business practice of the organization that can be applied across all activities”.

A risk taxonomy should be agreed at the beginning of the risk process. It defines what risks will be evaluated and how they are defined and categorised. These definitions carry forward into the risk identification, risk assessments, risk treatments, reporting and appetite statements. It is essential that the taxonomy be tailored to the firm in order for risk management to be properly integrated into the activities of the firm. It also forms an essential part of stakeholder disclosures to investors (e.g. annual reports) and regulators.

Factors to consider in the design of the taxonomy: root cause or impact method of classifying risks, organisational structure, and regulatory risk measurement and reporting requirements.

Week 5
Question 1
Discuss:

(a) “It is unnecessary to understand an organization’s objectives before determining risk criteria”;

Risk criteria are the rules established by the organisation to evaluate the significance of risk, measured in terms of likelihood and severity of consequence.

(a) False. The criteria should reflect the organization’s values, objectives and resources, or derive from regulatory and statutory requirements.

(b) “Because the external risks facing an organization are numerous, management should not attempt to design unique criteria for the organization”.

(b) False. It is uneconomic to eliminate all risks, so risks must be rated and prioritised in significance as determined by the risk criteria. Risk criteria help the organisation deal with numerous risks, but to be relevant they must reflect the nature of the organisation, the views of its stakeholders, its internal and external risk factors, its internal capability and its own particular objectives.
Question 2
Critique the following statement:

“The scales used to represent the extent of consequences must be designed carefully. If not, then either the level of risk is not assessed properly or incorrect choices are made to accept or treat the risks”.