alignmt of risk appetite & strategy; link growth, risk & return; choose best risk response; min surprise & loss; identify & manage risk in org; provide response to multiple risk; seize opportunities; rationalise capital
internal focus - ignore external envir; risk identification - prioritize sudden events over more gradual risks that evolve over time; risk assmt - make the process appear too simplistic & thus too ez; stakeH's involvemt in risk mgt often tends to get ignored
accurate accting records eg record transac, est resp 4 records & asset
achieve obj eg report resp, channel of communication
avoid errors b4 they occur eg check delivery notes + invoices against orders, security awareness training
identify errors once they occurred eg inv ctrl, bank recons, intruder detection, anti-malware
address the consequence of errors eg backup procedures, data restore
req by law & imposed by external authorities; MUST be applied, regardless of circum & used to prevent breach of law & to min risks; fin service org may be subj to the ctrl that only ppl authorised by fin service regulatory body may give invsmt advice.
chosen by org to support mgt of bus; authorisation ctrls, certain key transac req approval by senior mgr; applied according to judgemt of org & its mgrs
ctrl that are subj to human discretion
provided automatically by system & cannot be bypassed, ignored, or overridden; MUST be applied
applied by individual employee
programmed into the system or org
ctrl that relate to envir in which application system is operated
ctrl that prevent, detect & correct error & irregularities as transac flow thru the bus system (input, process & output)
focus on key transac area, emphasise on safeguard asset & maintenance of proper acct records & reliable fin info
quantitative; qualitative