3 Risk Framework - Coggle Diagram
3 Risk Framework
Enterprise risk management integrated
framework - COSO ERM
A process, ongoing and flowing through an entity
Effected by people at every level of an organization
Applied across the enterprise, at every level
and unit and includes taking an entity-level
portfolio view of risk
Applied in strategy setting
Designed to identify potential events that,
if they occur, will affect the entity, and to
manage risk within its risk appetite
Able to provide reasonable assurance to an
entity's management and board of directors
Geared to achievement of objectives in
one or more separate but overlapping categories
Enterprise Risk Management (ERM)
and the requirements of ISO 31000
Risk, risk management and ISO 31000
Principles of risk management:
Risk management is a central part of the
strategic management of any organization
Nature and impact of risk:
Risk can impact an organization in the
short, medium and long term.
Risk management process
Responding to significant risks
Treat
Transfer
Tolerate
Terminate
Resourcing controls
Ranking or evaluation of risk
Reaction planning
Recognition or identification of risk
Reporting and monitoring risk performance
Reviewing the risk management framework
A Risk Management policy should include
the following sections:
Statement of the attitude of the organization
to risk (risk strategy)
Description of the risk aware culture or
control environment
Risk management and internal control
objectives (governance)
Level and nature of risk that is
acceptable (risk appetite)
Risk management organization
and arrangement (risk architecture)
King IV
Risk and Opportunity
Uncertainty of events
The likelihood of such events occurring
Their effect, both positive and negative
Leadership, ethics and corporate citizenship risk
Organization ethics
Responsible corporate citizenship
Strategy and performance
Governing structure and delegation