Uncertainty – risk, or not knowing the potential outcomes and the probability of these outcomes.
Genuine uncertainty where the potential outcomes and their probabilities are unknown.
Classification of risk:
1. Effect
o Fundamental risks
are those that affect society in general. It is beyond the control of any one
o Particular risks
are risks over which an individual may have some measure of control.
o Speculative risks
are those from which either good or harm may result.
o Pure risks
are those whose only possible outcome is harmful.
2. Controllability
o Controllable (unsystematic)
o Uncontrollable (systematic)
3. Correlation (measured by the correlation coefficient.)
o positive correlation
the risks will increase or decrease together.
o negative correlation
one risk will increase as the other decreases and vice versa.
4. Impact
o Financial Risk
A risk that has some direct financial impact on the entity is treated as financial risk.
o Non-Financial Risks
do not usually have a direct and immediate financial impact on the business, but may
have a significant financial impact if left uncontrolled.
5. Drivers
o Operational risks
relate to matters that can go wrong on a day-to-day basis while the organization
is carrying out its business.
o Strategic risk
is the potential volatility of profits caused by the nature and type of the business
strategies.
Impact of risk to:
Risk averse – can tolerate risks up to a point where they receive an acceptable return
Risk-seeking – enjoy investing in risky ventures
Risk neutral – focus on maximizing return notwithstanding the level of risk
Creditor – can deny credit, charge higher interest, file actions in court, ask for collateral
Customers – concerned with getting the value from the goods/services they expect
Wider community – risk of the company not acting as a good corporate citizen
BUSINESS RISK - risk associated with doing business. Borne by both the firm's equity holders and providers
of debt.
FINANCIAL RISK – risk associated with the effect of the company’s capital structure or the mix of equity and
debt capital. Borne entirely by equity holders.
o Shorter-term
liquidity risk
credit risk
o Longer-term risks
gearing
currency
interest rate risks
PRODUCT RISK - include risks of financial loss due to producing a poor-quality product.
POLITICAL RISK – risk associated with political actions that affect the position and value of an
organization
TECHNOLOGICAL RISKS – risk of system failure caused by tampering of data access to critical
information, non-availability of data and lack of controls.
Strategic and operational technological risks - may force a new system for strategic
reasons but is impractical for operational purposes.
ENVIRONMENTAL RISK - potential liability of the company arising out of the environmental effects of
the company’s operation.
PROBITY RISK - risk of unethical behavior by one or more participants in a particular process.
Reputation risk - arises from negative public opinion. Strongly correlated to other risks.
Fraud risk - perpetrated through the abuse of systems, controls, procedures and working practices.
RISK MANAGEMENT
a process to identify, assess, manage, and control potential events or situations to provide
reasonable assurance regarding the achievement of the organization’s objectives.
COSO 2017 Enterprise Risk Management – Integrating with Strategy and Performance
o Principles.
Integrated.
Structured and comprehensive.
Customized.
Inclusive.
Dynamic.
Best available information.
Human and cultural factors.
Continual improvement.
o Framework.
Leadership and commitment.
Integration.
Design.
Implementation.
Evaluation.
Improvement.
Adapting.
Continually improving.
o Process.
Scope, context and criteria.
Communication and consultation.
Risk assessment.
Risk identification.
Risk analysis.
Risk evaluation.
Risk treatment.
Monitoring and review.
Recording and reporting.
Risk Assessment
o Risk identification
o Risk description
o Risk estimation
Risk Evaluation
Risk Reporting. (internal & external)
Risk treatment