Risk management and accounting analytics - full summary of the ERM part


Complete summary to pass Risk management! Covers the ERM part (Jeffrey Ottevanger) of the course Risk management and accounting analytics. Everything from the slides and lectures, from chapter 1, introduction to risk management, to chapter 6, fraud.


  • 21 June 2024
  • 21 pages
  • 2023/2024
  • Summary
ninakalinis
Risk Management and Control
1 Introduction to risk management
1.1 What is risk

“Risk is the effect of uncertainty on objectives”
- Links risk to objectives
- Effect may be negative, positive or a deviation from expectations
- Risk may be considered to be related to: a loss, an opportunity, the presence of an uncertainty for an
organization
ISO Guide 73 = risk classification system for analyzing/evaluating risks based on impact
Hazard or pure risks
- Only result in negative outcomes
- Associated with a source of potential harm or situation with the potential to undermine objectives
- Operational risk: normal efficient operations may be disrupted by loss, damage, breakdown, theft
- Often insurable
Examples:
- People: lack of skilled people and resources, unexpected absence of key personnel
- Premises: damage, insufficient premises
- Assets: theft or loss of physical assets
- Suppliers: delivery of defective goods
- IT: failure of systems, hacker

Hazard tolerance: manage risks to the lowest level that is cost-effective and in compliance with law
Control or uncertainty risks
- Give rise to uncertainty: difference between plans and real outcome
- Extremely difficult to quantify
- Often associated with project management: difficult to predict and control, unknown and unexpected
Control management = reducing the uncertainty and minimizing the potential consequences
> companies are averse to risk, but have to accept a level of uncertainty
Opportunity or speculative risks
- When companies deliberately take risks (market or commercial) in order to achieve a positive return
- Often financial, normal with development of new strategies
- Risk appetite: different for every company
2 kinds: associated with taking an opportunity & associated with not taking the opportunity
Opportunity management = maximize the benefits of taking entrepreneurial risks
> link between opportunity management and strategic planning: maximize the likelihood of a significant
positive outcome from investments in business opportunities
Examples: moving business to new location, diversifying into new products

There is no universal classification for risks (there is no right or wrong), choose one that is most suitable
o Impact: hazard, control, opportunity risks
o Time scale: impact in ST (operations), LT (strategy)
o COSO: strategic, operations, reporting, compliance
o FIRM risk scorecard: Financial, Infrastructure, Reputational and Marketplace



Risk management and control – 2024 1

1.2 What is control
Control mechanisms = all arrangements and procedures in place to ensure that business objectives may be met
Two important dimensions: formal vs. informal control
COSO Classification (in order of best to worst control):

- Preventive: limit the possibility of any undesirable outcome
- Corrective: limit the scope for loss and reduce any undesirable outcomes that have been realized
- Directive: designed to ensure that a particular outcome is achieved, giving directions to people on how
to ensure that losses do not occur: both prevents risks from occurring and detects risks when they occur
- Detective: designed to identify occasions of undesirable outcomes having been realized (after event)
Some traditional control mechanisms: authorization, supervision, segregation of duties, procedure manuals
1.3 Development of Enterprise Risk Management (ERM)
Historically, the term RM was used to describe an approach related to only hazard risks
Early 2000: ERM emerged as an attempt to manage enterprise risks in an integrated way
September 2014: COSO (Committee of Sponsoring Organizations of the Treadway Commission) defined ERM:
“a process, effected by an entity’s board of directors, management and other personnel, applied in
strategy setting and across the enterprise, designed to identify potential events that may affect the
entity, and manage risk to be within its risk appetite, to provide reasonable assurance regarding the
achievement of entity objectives”

ERM is constantly developing: 2009: ISO Guide 73: definitions of common terminology
1.4 Corporate governance and regulatory context
Corporate governance = the way organizations are directed and controlled, a set of codes, regulations, standards
- Facilitate accountability and responsibility for efficient and effective performance and ethical behavior
- Obligations placed on the board of an organization
- Protect executives and employees, ensure stakeholder confidence
RM is an integral part of CG; most countries have placed CG requirements: comply or explain, or full compliance
CG in Belgian context: Code Lippens, Code 2009, Code Buysse

Almost all organizations use the Code as a framework, but only 44% provide a description of the internal control
and risk management system => huge variation in details of description, quality of information

Sarbanes-Oxley Act (SOX) 2002: sets new or enhanced standards for all US companies as a reaction to a number
of accounting scandals
1.5 Control responsibilities
Internal control

= a process effected by the board, management and other personnel (at every level of the organization),
designed to provide reasonable assurance regarding the achievement of objectives in

- Effectiveness and efficiency of operations
- Reliability of financial reporting
- Compliance with applicable laws and regulations





Objectives of internal control (IIA)
- Accomplishment of objectives and goals
- Efficient use of resources
- Compliance with policies, plans, laws, regulations
- Safeguarding of assets and prevention of fraud
- Reliable financial and operational reporting
Internal audit
- Works independently for the board of directors
- Validation of the controls and procedures in place to manage risks > tries to give reasonable
assurance to the board that their control works
- Monitoring the effectiveness of the ERM processes (designed and implemented by management)
- Only responsible for reporting (internal control: responsible for activities and their execution)
- Focus on operational audit, continuous, future oriented
- Responsibilities:
o Giving assurance on the risk management processes
o Giving assurance that risks are correctly evaluated
o Evaluating the reporting of key risks
o Reviewing the management of key risks

External audit
- Performed by people independent of the company, works for the stakeholders (3rd party)
- Expert opinion on the financial statements
- Focus on financial audit, periodic, past oriented

Senior management
- Responsible for day-to-day management of risk and risk reporting to the board
- CFO or CRO
- Role of CRO: compliance champion, modeling expert, strategic controller, strategic advisor
Board of directors
- Not responsible for day-to-day management of risks
- Responsible for strategy, policies, values and risk appetite (willingness to take risk)
- Oversight responsibility that ERM processes are comprehensible, in line with strategy and functioning
The three lines of defence

- Board / Audit committee
- Senior management
- 1st line: Operational management, internal controls (responsibility of CEO, CFO..)
- 2nd line: Risk management, compliance (risk manager, no direct link to operational)
- 3rd line: Internal audit (how is RM working?)
- External audit



