Fundamentals of Risk Management
Download 3.45 Mb. Pdf ko'rish
|
Fundamentals of Risk Management
- Bu sahifa navigatsiya:
- TAbLE 36.1
|
423
Risk assurance 424 Risk performance and certification reports include operational management reports as well as more formal declarations and certified reports to stakeholders. In certain cases, certification of the financial results of operations of the organization will be undertaken as a formal attestation by a third party. Typically, this third-party attestation will be undertaken by an external auditor. Such a written attestation will also include an evaluation of the effectiveness of the control activities related to financial reporting. The risk guidance from the Financial Reporting Council (FRC), published in 2014, provides a comprehensive set of responsibilities for the board of an organiza- tion. Table 36.1 provides a summary of the risk management obligations allocated to the board and it is Item 6 on Risk Communication and Reporting that is the most relevant to this chapter. It is important to note that the risk management reporting TAbLE 36.1 Risk management (RM) responsibilities of the board The FRC risk guidance identifies the risk management responsibilities of the board and these can be summarized, as follows: 1. Risk management processes ● ● Ensure that RM is incorporated within normal processes. ● ● Identify the principal risks facing the company. 2. Principal risks and risk appetite ● ● Assessment of risks to the business model and strategy. ● ● Risks the organization is willing to take or ‘risk appetite’. 3. Risk culture and risk assurance ● ● Risk culture is embedded throughout the organization. ● ● Adequate RM and assurance discussions take place at the board. 4. Risk profile and risk mitigation ● ● Risk profile of the company is kept under review. ● ● Measures to manage or mitigate the principal risks are taken. 5. Monitoring and review activities ● ● Monitoring and review of risk management is undertaken. ● ● Monitoring and review is ongoing and not just annual. 6. Risk communication and reporting ● ● Internal and external risk management communication takes place. ● ● Necessary risk information is communicated to and from the board. In summary, the FrC risk guidance requires that board attention should be paid to the risk management process, profile, principal risks and mitigation; the business model, strategy, risk appetite, risk culture and risk reporting; as well as the longer-term viability of the organization. |
