Dr. Gholamhossein DavaniDr. Gholamhossein DavaniMember of High council of Iranian Association of Member of High council of Iranian Association of ) Certifeid Public Accountants )IACPA) Certifeid Public Accountants )IACPAIICA,IMA,AAA,CFE,IIA,BAA,EAA,CAAAIICA,IMA,AAA,CFE,IIA,BAA,EAA,CAAA
, orassessingriskand developingstrategiesto manage it.Strategies include transferring the risk toanother party, avoiding the risk, reducingthe negative effect of the risk, andaccepting some or all of the consequencesof a particular risk. Traditional riskmanagement focuses on risks stemmingfrom physical or legal causes (e.g. naturaldisasters or fires, accidents, death, andlawsuits).
The Risk Assessment andManagement Summary should:include
;A methodology section explaining the risk definition and process used;The identification of the parties involved in the process;A Risk Matrix o explain the criteria and define the levels of impact and likelihoodIdentification of sources of risk, assessment of the likelihood and impact of those risks, including the underlying assumptions made and a discussion of riskmitigation actions )including management controls taken and planned; andA summary of the key risks and a discussion of how they will be used to inform decisionson the nature and extent of monitoring )including performance measurement, recipient and internal.auditing and evaluation