Governance, Business Ethics, Risk Management and Internal Control, Lecture notes of Information Systems

Risk Management and Internal Control Reviewer

Typology: Lecture notes

2024/2025

Available from 05/07/2025

jashmine-mae-agcang

CHAPTER 11 RISK MANAGEMENT

RISK MANAGEMENT

• Process of measuring or assessing risk and developing strategies to manage it
• Is a systematic approach in identifying, analyzing, and controlling areas or events with a potential for causing unwanted change
• Is the act or practice of controlling risk
• Is the identification, assessment, and prioritization of risks followed by coordinated and economical application of resources
• Risks to any specific program are assessed and systematically managed to reduce risk to an acceptable level.
• It includes risk planning, assessing risk areas, developing risk handling options, monitoring risks to determine how risks have changed, and documenting the overall risk management program
• Technique for measuring, monitoring, and controlling the financial or operational risk on a firm’s balance sheet

BASIC PRINCIPLES OF RISK MANAGEMENT

1. Create value
2. Address uncertainty and assumptions
3. Be an integral part of the organizational processes and decision-making
4. Be dynamic, iterative, transparent, tailorable, and responsive to change
5. Create capability of continual improvement and enhancement considering the best available information and human factors
6. Be systematic, structured, and continually or periodically reassessed

PROCESS OF RISK MANAGEMENT

1. Establishing the context
   a. Identification of risk in a selected domain of interest
   b. Planning the remainder of the process
   c. Mapping out:
      i. Social scope of risk management
      ii. Identity and objectives of stakeholders
      iii. Basis upon which risks will be evaluated, constraints
   d. Defining a framework for the activity and an agenda for identification
   e. Developing an analysis of risks involved in the process
   f. Mitigation or solution of risks using available technological, human, and organizational resources
2. Identification of potential risk
   a. Objective-based risk
   b. Scenario-based risk
   c. Taxonomy-based risk
   d. Common-risk checking
   e. Risk charting
3. Risk assessment – potential severity of impact and the probability of occurrence must be assessed

Risk Identification – can start with the analysis of the source of problem or with the analysis of the problem itself

ELEMENTS OF RISK MANAGEMENT

Performance of Assessment Method:
1. Identification, characterization, and assessment of threats
2. Assessment of the vulnerability of critical assets to specific threats
3. Determination of the risk
4. Identification of ways to reduce those risks
5. Prioritization of risk reduction measures based on a strategy

RELEVANT RISK TERMINOLOGIES

I. Risk Associated with Investments – investment uncertainty
• Business Risk – uncertainty about the rate of return caused by the nature of the business. Uncertainty about the firm’s sales and operating expenses.
• Default Risk – related to the probability that some or all of the initial investment will not be returned
• Financial Risk – firm’s capital structure or sources of financing. If equity financed, any variability in operating income is passed directly to net income on an equal percentage basis. If partially financed by debt that requires fixed interest payment or by preferred share that requires fixed preferred dividend payments, then these fixed charges introduce financial leverage. Financial Leverage causes the firm’s lenders and its stockholders to view their income streams as having additional uncertainty
• Interest Rate Risk – fluctuations in interest rates will cause the value of an investment to fluctuate. Movements in interest rates affect almost all investment alternatives
• Liquidity Risk – uncertainty created by the inability to sell the investment quickly for cash
• Management Risk – decisions made by a firm’s management and board of directors materially affect the risk faced by investors
• Purchasing Power Risk – a type of risk that is more difficult to recognize

II. Risks Associated with Manufacturing, Trading, and Service Concerns
• Market Risk
  ▪ Product Risk
    o Complexity
    o Obsolescence
    o Research and Development
    o Packaging
    o Delivery of Warranties
  ▪ Competitor Risk
    o Pricing Strategy
    o Market Share
    o Market Strategy
• Operations Risk
  ▪ Process Stoppage
  ▪ Health and Safety
  ▪ After Sales Service Failure
  ▪ Environmental
  ▪ Technological Obsolescence
  ▪ Integrity
    o Management Fraud
    o Employee Fraud
    o Illegal Acts
• Financial Risk
  ▪ Integrity Rates Volatility
  ▪ Foreign Currency
  ▪ Liquidity
  ▪ Derivative
  ▪ Viability
• Business Risk
  ▪ Regulatory Change
  ▪ Reputation
  ▪ Political
  ▪ Regulatory and Legal
  ▪ Shareholder Relations
  ▪ Credit Rating
  ▪ Capital Availability
  ▪ Business Interruptions

committee. At least one member of the committee must have relevant thorough knowledge and experience on risk and risk management
• Subject to its size, risk profile, and complexity of operations, the company should have a separate risk management function to identify, assess, and monitor key risk exposures

STEPS IN THE RISK MANAGEMENT PROCESS

1. Set up a separate risk management committee chaired by a board member – demonstrates the firm’s commitment to adopt an integrated company-wide risk management system
2. Ensure that a formal comprehensive risk management is in place – this will provide a clear vision of the board’s desire for an effective company-wide risk management
3. Assess whether the formal system possesses goals and objectives, risk language identification, organization structure, and the risk management process documentation
4. Evaluate the effectiveness of the various steps in the assessment of the comprehensive risks faced by the business firms
5. Assess if management has developed and implemented the suitable risk management strategies and evaluate their effectiveness – strategies are developed to manage and resolve these identified risks
6. Evaluate if management has designed and implemented risk management capabilities – directors must continue to monitor and assess if management has been implementing designed risk management capabilities
7. Assess management’s efforts to monitor overall company risk management performance and to improve continuously the firm’s capabilities – monitoring is done by all concerned parties
8. See to it that best practices as well as mistakes are shared by all – regular communication of results and feedback to all concerned
9. Assess regularly the level of sophistication of the firm’s risk management system
10. Hire experts when needed

CHAPTER 12 PRACTICAL GUIDELINES IN REDUCING AND MANAGING BUSINESS RISKS

UNDERSTAND THE NATURE OF RISK

• The willingness and readiness to take personal and financial risks is a defining characteristic of the entrepreneurial decision-maker
• European strategies focus on avoiding and hedging risk
• Anglo-American companies view risk as an opportunity and accept risk management
• Successful businessmen and decision-makers make sure that the risks resulting from their decisions are measured, understood, and possibly eliminated
• Accepting that risks exist is a starting point for the other actions needed
• Most important is to create the right climate for risk management
• Control Systems – requires communication and leadership skills so that standards and expectations are set and clearly understood

IDENTIFY AND PRIORITIZE RISKS

• Identification of significant risks is crucial and allows informed decisions to be made.
• When identifying risks, it helps to define the categories into which they fall
• Typical Areas of Organizational Risk
  o Financial
    ▪ Accounting decisions and practices
    ▪ Treasury risks
    ▪ Fraud
    ▪ Robustness of information management systems
    ▪ Inefficient cash management
    ▪ Inadequate insurance
  o Commercial
    ▪ Loss of key personnel and tacit knowledge
    ▪ Failure to comply with legal regulations or codes of practice
    ▪ Contract conditions
    ▪ Poor brand management or handling of a crisis
    ▪ Market changes
  o Strategic
    ▪ Marketing, pricing, and market entry decisions
    ▪ Market changes affecting commercial decisions
    ▪ Political or regulatory developments
    ▪ Resource-building and resource allocation decisions
  o Technical
    ▪ Failure of plant or equipment
    ▪ Accidental or negligent actions
  o Operational
    ▪ Product or design failure
    ▪ Client failure
    ▪ Breakdown in labour relations
    ▪ Corporate malpractice
    ▪ Political change

CONSIDER THE ACCEPTABLE LEVEL OF RISK

• Risk management relies on accurate, timely information
• Create a Positive Climate for Managing Risk
  ▪ Recognizing the need to manage risk is not enough; the organization should recognize and reward behavior that manages risk
• Overcoming the Fear of Risk
  ▪ Taking risks is needed to keep ahead of the competition
  ▪ Risk is both desirable and necessary
  ▪ It provides opportunities to learn and develop and compels people to improve and effectively meet the challenge of change

3. Controlling and Monitoring Enterprise-Wide Risk

PRACTICAL CONSIDERATIONS IN MANAGING AND REDUCING FINANCIAL RISK

• Finance – is the lifeblood of a business
• Guidance about Financial Decisions
  o Improving Profitability – entrepreneurial flair and financial rigour
    ▪ Variance Analysis – used to monitor and manage the results of past decisions, assess the current situation, and highlight solutions
    ▪ Assessment of Market Entry and Exit Barriers – how easy or difficult it is to either enter or leave a market is crucial in strategic decision-making
    ▪ Break-even Analysis – is used to decide whether to continue developing a product, alter the price, provide or adjust a discount, or change suppliers to reduce costs. It also helps in managing the sales mix, cost structure, and production capacity, forecasting, and budgeting
    ▪ Controlling cost – focus on the big items of expenditure, be cost aware, maintain a balance between costs and quality, use budgets for dynamic financial management, develop a positive attitude to budgeting, and eliminate waste
  o Practical Techniques to Improve Profitability
    ▪ Focus decision-making on the most profitable areas
    ▪ Decide how to treat the least profitable products
    ▪ Make sure new products enhance overall profitability
    ▪ Manage development and production decisions
    ▪ Set the buying policy
    ▪ Consider how to create greater value from existing customers and products to enhance profitability
    ▪ Consider how to increase profitability by managing people
  o Avoiding Pitfalls
    ▪ Financial expertise must be widely available
    ▪ Consider the impact of financial decisions
    ▪ Avoid weak budgetary control
    ▪ Understand the impact of cash flow
    ▪ Know where the risk lies

CHAPTER 13 – OVERVIEW OF INTERNAL CONTROL

NATURE AND PURPOSE OF INTERNAL CONTROL

• Internal Control – is the process designed and effected by those charged with governance, management, and other personnel to provide reasonable assurance about the achievement of the entity’s objectives with regard to reliability of financial reporting, effectiveness and efficiency of operations, and compliance with applicable laws and regulations
• Internal Control – is designed and implemented to address identified business risks that threaten the achievement of any of these objectives
• Whether an entity achieves its objectives relating to financial reporting and compliance is determined by activities within the entity’s control
• Achieving its objectives relating to operations will depend not only on management’s decision but also on competitors’ actions and other factors outside the entity

INTERNAL CONTROL SYSTEM IDENTIFIED

• Internal Control System – all the policies and procedures adopted by the management of an entity to assist in achieving management’s objective of ensuring the orderly and efficient conduct of its business, including adherence to management policies, the safeguarding of assets, the prevention and detection of fraud and error, the accuracy and completeness of the accounting records, and the timely preparation of reliable financial information

ELEMENTS OF INTERNAL CONTROL

• Internal control structures vary significantly from one company to the next
• Factors affect the specific control features of an organization
• Internal control system extends beyond these matters which relate directly to the functions of the accounting system and consists of the following components:
  o Control Environment
    ▪ Control Environment – means overall attitude, awareness and actions of directors and management regarding the internal control system and its importance in the entity
    ▪ Control Environment – has an effect on the effectiveness of the specific control procedures
    ▪ A strong control environment can significantly complement specific control procedures.
    ▪ A strong environment does not ensure the effectiveness of the internal control system
    ▪ Factors related in the control environment:
      ▪ The function of the board of directors and its committees
      ▪ Management philosophy and operating style
      ▪ The entity’s organizational structure and methods of assigning authority and responsibility
      ▪ Management control system
    ▪ The environment in which internal control operates has an impact on the effectiveness of the specific control procedures
    ▪ Factors that comprise the control environment:
      ▪ Communication and Enforcement of Integrity and Ethical Values