Fundamentals of Risk Management


Download 3.45 Mb.
Pdf ko'rish
bet262/445
Sana02.06.2024
Hajmi3.45 Mb.
#1833791
1   ...   258   259   260   261   262   263   264   265   ...   445
Bog'liq
Fundamentals of Risk Management

Risk committees
Table 22.3 sets out typical responsibilities for a risk management committee (RMC). 
Most large organizations will already have an audit committee, chaired by a senior 
non-executive director. An option considered by many organizations is to extend the 
role of the audit committee to include all aspects of risk management or to establish 
a separate risk management group chaired by an executive director.
There is a strong argument for the RMC to be an executive group, rather than 
part of any existing non-executive audit committee. This is necessary because risks 
need to be managed in a proactive manner as an executive responsibility. The existing 
audit committee is likely to treat the management of risk as a non-executive (reactive) 
auditing of compliance. Separation of executive responsibility for the management 
of risk from non-executive responsibility for auditing and review of compliance will 
also be consistent with good corporate governance principles.
Some organizations have established the RMC as a sub-committee of the audit 
committee. If this is the case, actions need to be taken to ensure that risk is managed 
as an executive responsibility, rather than audited as a compliance/assurance issue. 
In fact, establishing the RMC as a sub-committee of the audit committee could impair 
the work of the RMC because of increased bureaucracy and an unhelpful emphasis 
on auditing and compliance, rather than proactive management of risks.
Membership of the RMC is another question that needs to be addressed. The 
fundamental decision to be taken in large organizations is whether the risk manage-
ment committee should be a small senior executive group setting strategy and policy 
or whether it should be a knowledge-sharing group with representation from each of 
the units or departments within the organization. The answer will depend on the 
structure of the organization and the intended role of the committee.
The terms of reference and the position of the risk committee within the risk
architecture of the organization have been the subject of much discussion. There is
an argument that the risk committee should be an executive-only function, because 
the management of risk is the responsibility of top executive management within


Download 3.45 Mb.

Do'stlaringiz bilan baham:
1   ...   258   259   260   261   262   263   264   265   ...   445



Ma'lumotlar bazasi mualliflik huquqi bilan himoyalangan ©fayllar.org 2024
ma'muriyatiga murojaat qiling