RISK MANAGEMENT

DEFINE RISK

[1]Strategic risk

[2]Operational risk

uncertainty of events + likelihood of +ve/-ve effects on org obj's

positioning in ext. enviro

high impact consequences

top man. deals w/ it

potential loss from processes, resources, personnel

dealt via controls, not top man.

int.enviro

BUSINESS STRAT + RISK

risk not analysed = no viable management

articulate key elements

corporate goal setting, performance man, measurement

strat + risk tolerance need framework

RISK + RETURN

capital providers want return for risk taken

risk gives no return vs gives return

cap providers sell share if:

Co takes risk CP doesn't accept

returns weren't expected

RISK MANAGEMENT

CAPACITY

RM MATURITY

RM PHILOSOPHY

APPETITE

RM STRAT

TOLERANCE LIMIT

adopting framework

define comm. channels

value, culture, history of RM

framework based on this

robustness of framework determines this

score + compare framework to best prac

risk we can take to pursue value

averse or seeker of risk

lvl of risk we can handle

..w/out jeopardising sustainability

max lvl we can absorb

.. in pursuit of strat + business obj

TRANSLATE RISK TO VALUE

realised

eroded

preserved

created

RM FRAMEWORK

measure risk

evaluate risk

source risk

mitigate risk

ID risk

monitor risk

ENTERPRISE RM

1.R in Gov + Culture

4.R Info, Comm + Report.

3.R in Execution

5.Monitor ERM Performance

2.R, Strat + Obj setting

sets tone + oversight

ethics, behaviours + understanding

understand business context

defines appetite

set business obj

ID + assess risks

prioritise severity

pick responses

relevant + quality info

capture, manage + process data

consider functioning

make substantial changes

INT CONTROL ENVIRO

  1. Control

4.Communication

2.Risk Assessment

5.Risk Monitoring

1.Control Enviro

reporting obj

operational obj

compliance obj

ID and Assess

carry out responses

document risk man process

ensure working effectively

performance measures

RM + GOVERNANCE

Auditing, Risk Committee