Please enable JavaScript.
Coggle requires JavaScript to display documents.
King IV Report: Principle 11 - The governing body should govern risk in a…
King IV Report: Principle 11 - The governing body should govern risk in a way that supports the organisation in setting and achieving its strategic objectives.
- Risk governance should encompass both:
-
b.) Potential positive and negative effects of the same risks on the achievement of organisational objectives.
- Risk should be treated as integral to the way the governing body makes decisions and executes its duties.
- The nature and extent of risks that the organisation should be willing to take in pursuit of its strategic objectives should be evaluated and agreed by the governing body. It should approve in particular:
a.) The organisation's risk appetite, i.e. its propensity to take appropriate levels of risk.
-
- Policies should be approved that articulate and give affect to the governing body's set direction on risk.
- The responsibility to implement and execute effective risk management should be delegated to management.
- Ongoing oversight of ongoing risk management should be exercised by the governing body and, in particular, it should ensure that this oversight results in the following:
c.) An assessment of the organisation's dependence on resources and relationships as represented by the various forms of capital.
a.) An assessment of risks and opportunities emanating from the triple context (i.e. the economy, society and environment in which the organisation operates) and the capitals that the organisation uses and affects.
b.) Assessment of the potential upside, or opportunity, presented by risks with potentially negative effects on achieving organisational objectives.
-
e.) The establishment and implementation of business continuity arrangements that allow the organisation to operate under conditions of volatility, and to withstand and recover from acute shocks.
f.) The integration and embedding of risk management in the business activities and culture of the organisation.
- The need to receive periodic independent assurance on the effectiveness of risk management should be considered.
- The nature and extent of the risks and opportunities the organisation is willing to take should be disclosed without compromising sensitive information.
- The following should be disclosed in relation to risk:
-
b.) Key areas of focus during the reporting period, including objectives, key risks that the organisation faces, as well as undue, unexpected or unusual risks and risks taken outside of risk tolerance levels.
c.) Actions taken to monitor the effectiveness of risk management and how the outcomes were addressed.
-