Fundamentals of Risk Management
Risk management standards
Download 3.45 Mb. Pdf ko'rish
|
Fundamentals of Risk Management
|
Risk management standards
81 ‘Enterprise risk management has evolved significantly since 2004 and stands at the verge of providing significant value as organizations pursue value in a complex and uncertain environment’, said Dennis Chesley, PwC’s global risk consulting leader and lead partner for the COSO ERM effort. ‘This update more clearly connects enterprise risk management with a multitude of stakeholder expectations, establishes the relationship between risk and strategy, positions risk in the context of an organization’s performance, and helps organizations anticipate so that they can get ahead of risk and embrace a mindset of resilience.’ COSO News Release 14 June 2016 COsO seeks public comment 07 establishing the context scope of the context ISO 31000 states that the first stage in the risk management process is to establish the context. The former Australian Standard AS 4360 referred to context as having three components, in addition to the risk management process. These components are the risk management context, internal context and external context. The relation- ship between the three contexts is illustrated in Figure 7.1. The three components of context may be considered as follows: ● ● Risk management context has already been described as the risk architecture, strategy and protocols or the risk management framework within the organization. This framework must fulfil two functions: 1) provide support for the risk management process within the organization; and 2) ensure that the outputs from the risk management process are communicated to internal and external stakeholders. ● ● Internal context refers to the organization itself, the activities it undertakes, the range of skills and capabilities available within the organization, and how it is structured. Internal stakeholders and their expectations are part of the internal context. This may be considered to be the strengths and weaknesses within the organization. ● ● External context is the environment within which the organization exists. This environment will include consideration of the business sector within which the organization operates, external stakeholders and their expectations and the external financial environment. This may be considered to be the opportunities and threats facing the organization. The nature and extent of the risk management process is a major consideration when establishing the context for risk management. The key question is what the risk management process is expected to achieve or the answer to the question of why the organization has risk management activities in place. The risk management context also includes consideration of who will be responsible and identifies the resources that will be required in order to fulfil risk management activities. Download 3.45 Mb. Do'stlaringiz bilan baham: 
|