RISK ASSOCIATED WITH CORPORATE GOVERNANCE Q&A

Group 5

1. Can you give at least three (3) types of risks associated with business and
operation risk relate to:
Answers: (choose 3)
● business interruption/disruption and system failure
● errors or omissions by employees
● product failure
● Employment practices and workplace safety
● Damage to physical assets (including natural disasters)
● Clients, products & business practices
● Execution, delivery & process management
● failure of IT and manual systems
● Internal and External Fraud
● loss of key people
● Litigation
● loss of suppliers

2. What do you call the risk of failing to achieve an objective of the company
Answer: Strategic Risk

3. It is the exposure to legal penalties, financial forfeiture and material loss an

organization faces when it fails to act in accordance with industry laws and
regulations, internal policies or prescribed best practices.
Answer: Compliance Risk

4. Why do you think a company’s board and management refrain themselves

from having absolute assurance of the achievement of the entity’s
objectives - which is internal control?
Answer: That is because even an effective system of internal control can
experience a failure. Internal control cannot prevent bad judgment or decisions,
or external events that can cause an organization to fail to achieve its operational
goals.

5. It is a plan-based business strategy that aims to identify, assess, and

prepare for any dangers, hazards, and other potentials for disaster—both
physical and figurative—that may interfere with an organization's
operations and objectives.
Answer: Enterprise risk management (ERM)
6. This framework defined ERM as the discipline by which an organization in
any industry assesses, controls, exploits, finances, and monitors risks
from all sources for the purpose of increasing the organization's short- and
long-term value to its stakeholders.”
Answer: Casualty Actuarial Society (CAS)

7. This term refers to the acceptable level of variation around a particular set
of risk-based objectives.
Answer: Risk Tolerance

8. Give 2 ways to manage reputational risk

Answer: Choose 2
● Make reputational risk part of strategy and planning.
● Control processes
● Understanding all actions that can affect public perception.
● Understand stakeholder expectations.
● Focus on a positive image and communications
● Create response and contingency plans.

9. What does COSO stand for, and why is it considered a significant

organization in the corporate world?
Answer: Committee of Sponsoring Organizations of the Treadway Commission. It
is a joint initiative that aims to combat corporate fraud.

10. What are some benefits of Risk Based Governance Audit?

Answer: Choose only 2
● makes it easier for an organization to adapt to changing conditions;
● better understanding of the risks and enables the organization to better
manage the risks
● internal auditors to correctly identify risks and allows management to put
the correct internal controls
● easier for the business to understand its risks and the actual effects