Summary Risk Management and Data Analytics in Accounting (2023/2024) (16/20)

This is a complete summary of the course “D0R51A: Risk Management and Data Analytics in Accounting” given in the year 2023/2024. This summary includes both parts of the course. This is a summary based on: all the slides and the lectures. This course is given in the Master Accountancy en Revisor...

  • 6 August 2024
  • 120 pages (preview: 8 pages)
  • 2023/2024
  • Summary
Seller: hehoqmfe
Summary ERM

Table of contents

0. Introduction to risk management and control
1. Part 1: Introduction to Risk Management
1.1. What is risk?
1.2. What is control?
1.3. Development of Enterprise Risk Management
1.4. Corporate governance and regulatory context
1.5. Control responsibilities
2. Part 2: A closer look at ERM
2.1. Major drivers of ERM development
2.2. Major benefits of ERM
2.3. Risk management standards
2.4. Link between ERM and strategy development
3. Part 3: Risk Assessment
3.1. Risk attitude and risk appetite
3.2. Inherent risk and residual risk
3.3. Risk assessment: definition and description
3.4. Risk description and risk register
3.5. Risk assessment tools and techniques
4. Risk response
4.1. Risk response or Risk treatment
4.2. Summary figure
5. Controls of selected risks
5.1. Financial risk
5.2. Market risk
5.3. Credit risk
5.4. Operational risk
5.5. Financial reporting and disclosure risk
5.6. Legal risk
5.7. IT risk
6. What is fraud?
6.1. The definition of fraud
6.2. Important components of fraud
6.3. Who commits Fraud
6.4. Types of fraud
6.5. The fraud triangle
6.6. A Closer Look at Fraud Prevention & Detection

0. Introduction to risk management and control
= how to handle risks (don’t bury your head in the sand)

• Over the last 15 years we have had a series of corporate scandals (Enron, WorldCom, Parmalat, L&H,
Société Générale, etc.) and the financial crisis.

• Also other risks:
o Technological: Year 2000 problem (millennium bug), cyber threats
o Disasters: weather, hurricane
o Terrorism
o Economic: the global financial crisis in 2008 demonstrated the importance of adequate
risk management.
▪ Some argue: the financial crisis demonstrates the failure of risk management
▪ We do not agree: rather, it demonstrates the failure of organizations to successfully
address the risks they face and the need for better risk management
o As a consequence, risk management has become an increasingly important business
driver and shareholders/stakeholders have become much more concerned about risk –
not only financial risk, but also operational, strategic, ... risk.
→Integrate risk management with operational management & combine goals/strategy
with risks we’re facing.

• An enterprise-wide approach to risk management enables an organization to consider the
potential impact of all types of risks on all processes, activities, stakeholders, products and
services.

= enterprise risk management/integrated risk management (integrate all risks in a single
unified framework instead of having separate risks in separate silos)

• Implementing a comprehensive approach will result in an organization benefiting from what is
often referred to as the ‘upside of risk’. In the last couple of years, there have been many
developments, with new standards, regulation, etc. New risk management standards have been
published, including the international standard, ISO 31000 ‘Risk management – Principles and
guidelines’.

→ 2 sides of a coin: don’t overdo it because not taking any risks isn’t beneficial for a
company.


• In this course we will discuss in detail different types of risks and how to manage them
(controls).
o This course explores the emerging practice of “enterprise risk management” (ERM) or
“integrated risk management”– a new managerial outlook on managing risk
o Enterprise risk management considers all the risks faced by the firm and attempts to
integrate these disparate risks into a single unified analytical framework
o Traditionally, risk has been managed in the compartments of financial risk, operating risk,
credit risk, etc. Rather than allowing risk to remain in such “silos,” ERM insists that these
must be brought together into one system of risk management.
o As we will see, the methods of ERM are very much a work in progress.




1. Part 1: Introduction to Risk Management
1.1. What is risk?
1.1.1. Definition
• Definition of risk (ISO Guide 73)
= “Risk is the effect of uncertainty on objectives”
= risk is something that makes it more difficult or impossible to achieve a certain goal set by a
company (negative connotation)

❖ Links risk to objectives (achieve a certain goal)
❖ Effect may be negative, positive or a deviation from expectations

o Therefore, risk may be considered to be related to:
▪ A loss
▪ An opportunity
▪ The presence of an uncertainty for an organization

o Every risk has its own characteristics that require particular management or analysis

o There are many definitions of risk and risk management. Risk is often defined in terms of
“harm and harmful events” (e.g. COSO).

⇔ Committee of Standards in Australia & New Zealand (basis for new ISO standards):
concluded that we should not confine it to harmful events because outcomes can be
negative, but also positive.

➔ Therefore new definition, also included in ISO now: effect on objectives: thus a SHIFT
from “the event” (something happens) to “the effect” (in particular on objectives).

o Entrepreneurship/doing business requires accepting some risks!

⇔ However, entrepreneurship should be realized within the limits of acceptable risk.
Through the media we learn that this is often not the case, with dramatic consequences for
everyone.

➔ Appropriate controls play an important role in avoiding these risks.

• An important part of analysing a risk is to determine the nature, source or type of impact of
the risk.
o Evaluation of risks in this way may be enhanced by the use of a risk classification system.
Risk classification systems are useful for analysing/evaluating risks
▪ Risk classification systems are important because they enable an organisation to
identify accumulations of similar risks.
▪ A risk classification system will also enable an organisation to identify which
strategies, tactics and operations are most vulnerable.
▪ Risk classification systems are usually based on the division of risks into those
related to financial control, operational efficiency, strategic and regulatory
activities, as well as hazard risks

o However, there is no risk classification system that is universally applicable to all types of
organizations.
➔ Select/develop an appropriate one

o ISO Guide 73: risks are divided into three categories (based on impact):

▪ Hazard (or pure) risks: mainly operational risks, day-to-day going concern risk

▪ Control (or uncertainty) risks: risks associated with projects that have a beginning
and an end, for example setting up a new system that has uncertainties.

▪ Opportunity (or speculative) risks: mainly financial such as call/put options


1.1.2. Hazard or pure risks
= Risk events that can only result in negative outcomes

❖ Are associated with a source of potential harm or situation with the potential to
undermine objectives in a negative way
❖ Often thought of as operational risks: backups, locks, etc. → leads to typical internal
controls
❖ Often insurable
❖ Normal efficient operations may be disrupted by loss, damage, breakdown, theft, and
other threats

• The application of risk management tools and techniques to manage hazard risks is the best
and longest-established branch of risk management

• May include:
o People:
▪ Lack of skilled people and resources
▪ Unexpected absence of key personnel
▪ Ill-health, accident or injury to people
o Premises:
▪ Inadequate or insufficient premises
▪ Damage to and contamination of premises
o Assets:
▪ Breakdown of plant or equipment
▪ Theft or loss of physical assets
o Suppliers:
▪ Disruption caused by failure of supplier
▪ Delivery of defective goods or components
o Inefficient operation:
▪ Transport failure or disruption
o IT:
▪ Failure of IT systems
▪ Disruption by hacker or computer virus
▪ Inefficient operation of computer software

• Hazard “tolerance”
= Companies will have a “tolerance” of hazard risks
o Need to manage these risks within these levels of tolerance
o Examples:
▪ Theft
Office environment: some theft of stationery, including paper, envelopes and
pens, may be tolerated because the cost of eliminating these risks may be very
large, so it becomes cost-effective to accept that these losses occur
Jewel shop: high security cost to eliminate impact of theft

▪ Health and safety risks
Generally accepted: companies should be intolerant of these risks and should take all
appropriate actions to eliminate them.
In practice: this is not possible, so manage safety risks to the lowest level that is
cost-effective and in compliance with the law

o OFTEN: trade-off between preventive and corrective measures
➔ You need to know what the tolerance is. As management, you need to make sure you
stay within this tolerance. It’s the maximum loss you can have as a company. You need
to manage those risks.


1.1.3. Control or uncertainty risks
= Risks that give rise to uncertainty about the outcome of a situation

❖ Uncertainty represents a deviation from the required or the expected outcome
❖ Extremely difficult to quantify: are associated with unknown and unexpected events
❖ Frequently associated with project management: difficult to predict and control

These risks are more sudden and unexpected. They are difficult to quantify because of the uncertainty.
Example: project management. It is not on a going-concern basis; it is something that happens and
disturbs. You don’t know what the outcome will be, and it is very hard to quantify this or to
calculate the financial effect. What we usually do in practice is put percentages on it,
for example ‘% chance that situation X happens’.

• Control management
= is concerned with reducing the uncertainty and minimizing the potential consequences of
these events

o In general: companies have an aversion to control risks. If you can push the control risks
out of the window, then the chance that you will see those will be limited.


