how their presence in an organization can affect the reliability of controls


how their presence in an organization can affect the reliability of controls and communication of strategies and risk appetite

Perception layering is an organisational human factor risk, which occurs when one layer of management (e.g. the board, the executive or both) has performance expectations out of step with operational reality. This is of particular concern for strategy risk and risk appetite.

Question 2
Critique the following statement: “In all risk assessments it is necessary to consider the extent to which controls modify risk and the level of risk that is being modified.”

a) Risk assessment is the process of risk identification, analysis and evaluation.
b) In analysing likelihood and consequence (and therefore risk level) it is necessary to understand the effectiveness of existing controls (i.e. how are they modifying the risk?). Effective means available and reliable.
c) Understanding how controls affect likelihood and consequence requires a systematic approach to analyse causes and consequences. A bow-tie diagram is one tool that assists in quantifying impacts and identifying controls that work pre-event, post-event, independently, in common, are redundant or missing. Tracking intrinsic risk levels helps to prioritise review and assurance of critical controls, rated by reference to intrinsic and residual risk.
d) Note there are three tools: Bow-Tie, FTA, ETA. If asked, remember to quote three and not just Bow-Tie.

Explanation: Fault tree analysis (FTA) is a systematic top-down analysis of a system to assess likelihood of failure. Event tree analysis (ETA) is a forward, bottom-up, logical modeling technique for both success and failure that explores responses through a single initiating event and lays a path for assessing probabilities of the outcomes. ETA is a powerful tool that will identify all consequences of a system that have a probability of occurring after an initiating event, and it can be applied to a wide range of systems. The bow-tie diagram links together FTA (on the left) and ETA (on the right). More than one independent control on an event mechanism path increases reliability (i.e. “overlapping control”).
Unlike FTA and ETA alone, bow-tie diagrams reveal the complete set of paths through which an event with consequences can occur (left-hand side) and the range of consequences which could result (right-hand side), including documenting the complete set of pre- and post-event controls and how they are related to each other.
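
The bow-tie described above, worked through as an added example that is not part of the original notes: the left side combines cause paths as a fault tree, the right side expands post-event controls as an event tree, and a second independent control on one path shows the “overlapping control” effect. All probabilities, control names and function names are constructed for illustration, and every cause and control is assumed to fail independently (controls that fail "in common" would break this assumption).

```python
from itertools import product

def path_probability(cause_p, control_failure_ps):
    """FTA AND gate: the cause occurs and every preventive control on the path fails."""
    p = cause_p
    for fail_p in control_failure_ps:
        p *= fail_p
    return p

def top_event_probability(paths):
    """FTA OR gate over independent cause paths: 1 - P(no path reaches the event)."""
    p_none = 1.0
    for cause_p, control_failure_ps in paths:
        p_none *= 1.0 - path_probability(cause_p, control_failure_ps)
    return 1.0 - p_none

def event_tree(p_event, mitigations):
    """ETA: branch on each post-event control in order (works / fails).
    Returns {outcome label: probability}; the branches sum to p_event."""
    outcomes = {}
    for branch in product((True, False), repeat=len(mitigations)):
        p, label = p_event, []
        for works, (name, fail_p) in zip(branch, mitigations):
            p *= (1.0 - fail_p) if works else fail_p
            label.append(f"{name} {'works' if works else 'fails'}")
        outcomes[", ".join(label)] = p
    return outcomes

# Constructed figures: (annual cause probability, [failure probability of each control])
SINGLE_CONTROL = [(0.10, [0.2]), (0.05, [0.2, 0.1])]
OVERLAPPING = [(0.10, [0.2, 0.1]), (0.05, [0.2, 0.1])]  # second control added on path 1
MITIGATIONS = [("detection", 0.3), ("containment", 0.5)]  # post-event controls

if __name__ == "__main__":
    for title, paths in (("single", SINGLE_CONTROL), ("overlapping", OVERLAPPING)):
        p_top = top_event_probability(paths)
        print(f"{title}: P(event) = {p_top:.6f}")
        for outcome, p in event_tree(p_top, MITIGATIONS).items():
            print(f"    {outcome}: {p:.6f}")
```

With these figures the second independent control on the first path cuts the likelihood of the event by roughly a factor of seven, while the split between consequences on the right-hand side is unchanged because it depends only on the post-event controls.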

Question 3
a) Explain why monitoring is critical to effective governance;
b) Describe the role of independent audit in the risk process;
