Please enable JavaScript.
Coggle requires JavaScript to display documents.
KING CODE IV - Coggle Diagram
KING CODE IV
Principle 11. The board should govern risk in a way that supports the company in setting and achieving its strategic objectives
-
-
-
2.3 Evaluate and agree the nature and extent of the risks that the company is prepared to take in achieving its objectives, and should approve
the company’s risk appetite (propensity to take risks)
the limit of the potential loss the company has the capacity to tolerate
- The board should delegate to management, the responsibility to implement and affect effective risk
management.
- The board should assume responsibility for the governance of risk by setting the direction for how risk should be approached and addressed. Risk governance should include:
-
1.2 The potential positive and negative effects of the same risks on achieving the company’s objectives.
-
- The board should exercise ongoing oversight of risk management and in particular, oversee that it results in the following
4.1 An assessment of risks and opportunities emanating from the triple context (social, economic and environmental) in which the company operates and from the capitals that the company uses and effects.
4.2 An assessment of the potential positive (upside) or negative effects on achieving the company’s objectives.
4.3 An assessment of the organisations dependence on resources and relationships as represented by the various forms of capital.
-
4.5 The establishment and implementation of business continuity arrangements that enable the company to operate under conditions of volatility and to withstand and recover from acute shocks .
4.6 The integration and embedding of risk management in the business activities and culture of the company.
- The board should consider the need to obtain periodic independent assurance on the effectiveness of
risk management.
-
6.1 The nature and extent of the risks and opportunities the company is willing to take (sensitiveinformation need not be disclosed).
-
6.3 Key areas of focus during the reporting period including: key risks the company faces
unexpected or unusual risks
risks taken outside the company’s tolerance levels
6.4 Actions taken to monitor the effectiveness of risk management and how the outcomes (of monitoring) were addressed.
-
4. Once the risks have been identified, the board, risk committee and management, should consider the possible risk response options. Again there are various models to respond to risk, but options will normally include:
4.1 avoid or terminate the risk by not commencing or ceasing the activity which creates the exposure to the risk, e.g. if the company can no longer tolerate the risk of doing business in a foreign country, then close that business down
4.2 treat, reduce or mitigate the risk, e.g. exposure to the risk of foreign exchange losses may be treated, reduced or mitigated by taking forward cover.
4.3 transfer the risk to a third party, e.g. if the company considers that the proper maintenance of its computer system, database, etc, is at risk, it may decide to outsource this responsibility.Taking out insurance is a common method of transferring risk
4.4 accept the risk, e.g. if a transport company’s risk assessment reveals that a 100% increase in the cost of diesel to say R25 a litre will seriously jeopardize its going concern ability, but that the risk of this occurring is low, the company may simply decide to accept the risk, rather than perhaps replacing its fleet of vehicles with more fuel efficient vehicles.
4.5 exploit the risk, e.g. where a retailer of expensive clothing anticipates loss of market share due to the economic downturn, it may decide to introduce a range of cheaper clothing to regain its market share. This amounts to identifying and following through on opportunities.
-
When assesing risk,the following risks are to be taken into account:
-
-
-
-
-
-
-
-
-