3 Risk Frameworks
COSO ERM
Risk management
Aligning risk appetite and strategy: Management considers the entity's risk appetite in evaluating strategic alternatives, setting related objectives, and developing mechanisms to manage related risks.
Enhancing risk response decisions: Enterprise risk management provides the rigor to identify and select among alternative risk responses - risk avoidance, reduction, sharing, and acceptance.
Reducing operational surprises and losses: Entities gain enhanced capabilities to identify potential events and establish responses, reducing surprises and associated costs or losses.
Identifying and managing multiple and cross-enterprise risks: Every enterprise faces a myriad of risks affecting different parts of the organization, and enterprise risk management facilitates effective response to the interrelated impacts, and integrated responses to multiple risks.
Improving development of capital: Obtaining robust risk information allows management to effectively assess overall capital needs and enhance capital allocation.
Seizing opportunities: By considering a full range of potential events, management is positioned to identify and proactively realize opportunities.
Components of Risk management: Internal environment. Objective setting. Event identification. Risk assessment. Risk response. Control activities. Information and communication. Monitoring.
Relationship of Objectives and Components: Effectiveness, Limitations, Encompass Internal Control, Roles and Responsibilities.
ISO 31000
Review of ISO 31000 includes designing the framework, implementing risk management, monitoring and reviewing the framework, and improving the framework.
Risk management should include: Risk management and internal control objectives; Statement of the attitude of the organization to risk; Description of the risk-aware culture or control environment; Level and nature of risk that is acceptable; Risk management organization and arrangements; Details of procedures for risk recognition and ranking; List of documentation for analyzing and reporting risk; Risk mitigation requirements and control mechanisms; Allocation of risk management roles and responsibilities; Risk management training topics and priorities; Criteria for monitoring and benchmarking of risks; Allocation of appropriate resources to risk management; Risk activities and risk priorities for the next year.
King IV
Objectives
Promote corporate governance as integral to running an organization and delivering governance outcomes such as an ethical culture, good performance, effective control and legitimacy.
Broaden the acceptance of the King IV by making it accessible and fit for implementation across a variety of sectors and organizational types.
Reinforce corporate governance as a holistic and interrelated set of arguments to be understood and implemented in an integrated manner.
Present corporate governance as concerned with not only structure and process, but also with an ethical consciousness and conduct.
Philosophies
Integrated thinking: Takes account of the connectivity and interdependencies between the range of factors that affect an organization's ability to create value over time.
The organization as an integral part of society: Organizations operate in a societal context, which they affect and by which they are affected.
Stakeholder inclusivity: Independent relationship between organization and its stakeholders, and the organization's ability to create value for itself depends on the ability to create value for others.
Corporate citizenship: The status as a corporate citizen confers rights, obligations and responsibilities on the organization towards society and the natural environment.
Principles
Governing body should govern the ethics of the organization in a way that supports the establishment of an ethical culture.
Governing body should ensure that the organization is and is seen to be a responsible corporate citizen.
Governing body should appreciate that the organization's core purpose, its risks and opportunities, strategy, business model, performance and sustainable development are all inseparable elements of the value creation process.
Ensure that reports issued by the organization enable stakeholders to make informed assessments of the organization's performance and its short, medium and long-term prospects.
Governing body should serve as the focal point and custodian of corporate governance in the organization.
Governing body should comprise the appropriate balance of knowledge, skills, experience, diversity and independence for it to discharge its governance role and responsibilities objectively and effectively.
Its arrangements for delegation within its own structures promote independent judgement, and assist with balance of power and the effective discharge of its duties.
Ensure the evaluation of its own performance and that of its committees, its chair and its individual members, support continued improvement in its performance and effectiveness.
Ensure that the appointment of, and delegation to, management contribute to role clarity and the effective exercise of authority and responsibilities.
Govern technology and information in a way that supports the organization setting and achieving its strategic objectives.
Govern compliance with applicable laws and adopted, non-binding rules, codes and standards in a way that supports the organization being ethical and a good corporate citizen.
Ensure that the organization remunerates fairly, responsibly and transparently so as to promote the achievement of strategic objectives and positive outcomes in the short, medium and long term.
Govern risk in a way that supports the organization in setting and achieving its strategic objectives.
Ensure that assurance services and functions enable an effective control environment, and that these support the integrity of information for internal decision-making and of the organization's external reports.
In execution of its governance role and responsibilities, the governing body should adopt a stakeholder-inclusive approach that balances the needs, interests and expectations of material stakeholders in the best interests of the organization over time.
Ensure that responsible investment is practiced by the organization to promote the good governance and the creation of value by the companies in which it invests.