RSK4801 Assignment 2 (QUALITY ANSWERS) 2024

RSK4801 Assignment 2 (QUALITY ANSWERS) 2024. For assistance call or us on 0.6.8..8.1.2..0.9.3.4.... CASE STUDY: RISK MANAGEMENT – THE ROLE OF A RISK MANAGER Since 2020, many incidents and events have caused organisations to adopt a focused approach towards risk management and the role of risk managers. Examples of these events are the COVID-19 pandemic and its severe effects on many countries, economies, and businesses. South Africa was not excluded from the pandemic and was further hampered by severe power interruptions and inadequate service delivery. These are all risk-related incidents/events involving risk managers to assist in the management thereof. According to an article in Enterprise Risk Magazine (2023), uncertainty also boosted the profile and role of risk managers. Large-scale risks are happening more often, which requires sound risk management to cope with the increasingly unclear business and physical environments. As such, it seems imperative that the role of risk managers and appropriate risk management tools is clear. The classic three lines of defence in the risk governance model endeavour to demarcate the various roles regarding the management of risks. Although there are many issues surrounding this model, it provides a foundational guideline for the roles of the main role-players in risk management. Regarding the tools for operational risk management, it seems that there are concerns over the predictive powers of key risk indicators (KRIs), the value of risk and control self-assessments (RCSAs), and the subjectivity of scenario analysis to manage operational risks (Enterprise Risk Magazine, 2023). In addition, embedding an operational risk management framework is becoming essential. However, it appears that there is only a vague understanding of the exact role of a risk manager. Furthermore, according to Enterprise Risk Magazine (2023), excessive effort is being expended on issues that generate too little value when using operational risk management tools. For example, RCSAs are tools that should provide value to organisations by identifying the primary inherent risks, which can be used for analysing risk scenarios and determining and managing KRIs. In addition, RCSAs can determine control weaknesses in managing the residual risks effectively. Enterprise Risk Magazine (2023) mentioned that organisations should focus their RCSA efforts on the effectiveness and adequacy of controls in mitigating low-, medium-frequency/medium and high-impact operational risks. Risks leading to high-frequency and low-impact operational loss incidents should be managed by means of more real-time monitoring of KRIs. This could ensure obtaining value from the RCSA activity. According to the Institute of Risk Management (IRM, 2023), the year 2024 will see certain risk events escalate, requiring a more “aggressive” and formal approach by risk managers to assist organisations in coping with these risk events. Some of these risks, specifically for South Africa, were identified by various risk managers as follows: • future disasters, such as ongoing floods, global warming, and drought • the constant negative influence of the energy crisis on the economy • the slow pace of sustainability and investment projects • poor maintenance and development of infrastructure • increasing cyber risks and cybercrimes • inadequate handling of fraud and corruption General comments on the above points seem to indicate a lack of effective business continuity processes and disaster management to manage future disasters. This is true of both the public and private sectors. Fraud and corruption are creating a negative view of the country, causing investors to be unwilling to invest in a deteriorating economy. This, in turn, leads to unemployment, poverty and social inequalities. Technology also needs to be insourced because of a lack of adequate expertise, which makes the country more vulnerable to cyber risks. Qualified people are emigrating to other countries because of the uncertainties surrounding South Africa’s well-being. The energy crisis is also playing a large role in undermining the country’s economy. Loadshedding is causing businesses to fail and is hampering service delivery. This, in turn, leads to the poor maintenance of infrastructure and a shortage of water and sanitation services. Unmaintained infrastructure also affects the environment, economy, and society, creating a negative impact on sustainability and investment projects. Note: For training purposes, some fictitious information has been included in this case study. Analyse the case study and answer the related questions. Question 1 (30 marks) Draw a diagram illustrating the three lines of defence to indicate the roles of risk management. Explain in detail the differences between the roles of the head of operational risk management and the third line of defence. Question 2 (20 marks) Define “operational risk” and discuss in detail the use of a risk and control self-assessment (RCSA) as an operational risk management tool.