Professional Documents
Culture Documents
MANANGEMENT
Risk: Definition
Possibility that actual may deviate expectations
Supported by statistical evidence
Classification of risk
1. Internal risk (Eg. Technological factors, Human causes, Physical factors)
2. External risk (Eg. competition, suppliers, customers, politics, economic environment, etc)
Other types of risk
Market risk
Credit risk
Liquidity risk
Technological risks
Legal risks
Reputation risks
Financial risks
Elements of risk management process
1. Risk identification
2. Risk analysis
This should be done based on the highest probability of
occurrence and the highest possible loss they can bring
3. Risk planning
This involves establishing appropriate risk avoidance policies
4. Risk monitoring
COSO framework of Enterprise Risk
Management
Internal environment
Objective setting
Event identification
Risk assessment
Risk response (avoid reduce share, and accept)
Control activities (make sure that chosen policies are carried out)
Monitoring
Responsibilities
Risk appetite and residual risk
Risk appetite refers to the amount of risk that an entity is willing
to accept in order to fulfil its strategy
Residual risk is the risk that remains after the company has
taken all possible measures to manage the risk. The company
has to face this risk since it is inevitable.
Discuss how the following organs are involved in risk
management process (From page 175 of NBAA BOOK)
1. Board of Directors
2. Management
3. Risk committee
4. Risk officer
5. Internal auditor