RISK MANAGEMENT
DEFINE RISK
uncertainty of events + likelihood of +ve/-ve effects on org obj's
[1] Strategic risk
positioning in ext. enviro
high impact consequences
top man. deals w/ it
[2] Operational risk
potential loss from processes, resources, personnel
dealt via controls, not top man.
int. enviro
BUSINESS STRAT + RISK
risk not analysed = no viable management
articulate key elements
corporate goal setting, performance man, measurement
strat + risk tolerance need framework
RISK + RETURN
capital providers want return for risk taken
risk gives no return vs gives return
cap providers sell share if:
Co takes risk CP doesn't accept
returns weren't expected
RISK MANAGEMENT
CAPACITY
RM MATURITY
RM PHILOSOPHY
APPETITE
RM STRAT
TOLERANCE LIMIT
adopting framework
define comm. channels
value, culture, history of RM
framework based on this
robustness of framework determines this
score + compare framework to best prac
risk we can take to pursue value
averse or seeker of risk
lvl of risk we can handle
..w/out jeopardising sustainability
max lvl we can absorb
.. in pursuit of strat + business obj
TRANSLATE RISK TO VALUE
realised
eroded
preserved
created
RM FRAMEWORK
measure risk
evaluate risk
source risk
mitigate risk
ID risk
monitor risk
ENTERPRISE RM
1.R in Gov + Culture
2.R, Strat + Obj setting
3.R in Execution
4.R Info, Comm + Report.
5.Monitor ERM Performance
sets tone + oversight
ethics, behaviours + understanding
understand business context
defines appetite
set business obj
ID + assess risks
prioritise severity
pick responses
relevant + quality info
capture, manage + process data
consider functioning
make substantial changes
INT CONTROL ENVIRO
1.Control Enviro
2.Risk Assessment
- Control
4.Communication
5.Risk Monitoring
reporting obj
operational obj
compliance obj
ID and Assess
carry out responses
document risk man process
ensure working effectively
performance measures
RM + GOVERNANCE
Auditing, Risk Committee