RSK_2601 EXAM PACK WITH
ANSWERS
ENTERPRISE RISK MANAGEMENT
SECTION B:ESSAY QUESTIONS
ANSWER ALL QUESTIONS IN THE SPACES PROVIDED
QUESTION1-INTRODUCTION TO ENTERPRISE RISK MANAGEMENT(14MARKS)
Mrs Jacobs has just been appointed as the new CEO of CALL 4U Ltd.She
approaches you as the risk manager to gain a better understanding of the
implementation of enterprise risk management(ERM)within the company
Compile a report addressed to Mrs Jacobs in which you explain the elements of
an ERM structure
i)Corporate governance(board oversight)
-Corporate governance refers to a framework of rules and practices by which a
board of directors ensures Accountability ,fairness and transparency in a
companys relationship with all its
stakeholders(financiers,customers,management,employees,government and
the community.
-The corporate governance framework consists of the following:
.Explicit and implicit contracts between the companys and the stakeholders for
the distribution of responsibilities,rights and rewards
.Procedures for reconciling the conflicting interests of stake holders in
accordance with their duties,priviledges and roles
.Procedures for proper supervision ,control and information flows to serve as a
system of checks and balances
ii)Internal controls
-It refers to the process that is effected by a companys board of
directors,management and other personnel,designed to provide reasonable
assurance regarding the achievement of objectives in the following categories:
-Reliability of financial reporting
-Compliance with applicable laws and regulations
-Effectiveness and efficiency of operations
4
,iii)Implementation
-Implementation of risk can be resourced internally or externally.The
parameters of any planned actions have to be ommunicated,maopped and
agreed so that time factor,resources,costs,inputs and deliverables are
understood.
iv)Risk Management Framework
-Risk management framework is a conceptual structure that is used to address
the risks that are faced by an organisation.
-The purpose of the risk management framework is to assist an organisation in
integrating risk managent into its management process so that it becomes a
rouine activity.The frame work consists of the following five steps: a) Mandate
and commitment-Risk management must come from the topdown in an
organisation.(Organisation Management)
b)Design framework-Understanding the
organisation and its context,establishing the risk management
policy,embedding riskmanagement in all of the organisations practices
c)Implement framework-Timing of implementation
of framework should be planned and training sessions is required
d)Monitor Framework-Periodically review internal
and external stakeholders whether the risk management
framework,plan,policy and process require amendments
e)Improve Framework-Based on the results of the
monitor process,decision should be made on whether the risk management
framework step should be amended
5)Risk management policy
-A Risk management policy sets out how the risks ,which have been identified
by the risk assessment procedure,will be managed and controlled.The risk
management policy assigns responsibility for perfoming key tasks,establishes
accountability with appropriate managers ,defines boundaries, limits and
formalises reporting structures.
6)Risk management Process
5
, -It essentially applies management policies,procedures and practices to a set of
activities that are intended to establish the context,communicate and consult
with stakeholders and identify,analyse,evaluate ,treat ,monitor and review the
risk.All the processes are repeated through out the organisation up to the
implementation of therisk response actions
7)Sources of Risks
-A risk source is where risk originates and the risk source has the intrinsic
potential to give rise to a risk.
QUESTION 2- ENTERPRISE RISK MANAGEMENT PROCESS(10MARKS)
2.1) Briefly explain the following six(6) process activities which need to take
place in the risk evaluation stage(6)
BASIC CONCEPTS OF PROBABILITY
-It refers to the basic principles of probability,which can be used by a business
to measure expected outcomes of mutually exclusive and non mutually
exclusive events
SENSITIVITY ANALYSIS
-It is a method that can be used by a business to assess how sensitive the
project outcomes are to changes in business.The method uses one variable
and examines the effect of that specific variable on the project.
SCENARIO ANALYSIS
-It is a useful decision making method that focuses on the consequences of
events that would have been ignored by the business because it was regarded
as an event that has never happened or is unlikely to happen
SIMULATION
-It refers to a method that is used to analyse financial or time models,where
the variables may be un certain for example costs,duration,opportunities or
risks.
-It can be used when a business has statical software or commercially
available spread sheets
MONTE CARLO SIMULATION
6