Eight framework components of ERM

      

Eight framework components of ERM

  

Answers


Faith
• Internal Environment: The tone of an organization is set by its leaders. Does the company have a large appetite for risk, or are its leaders more risk-averse? Does the company's culture support the risk management and internal controls process?
• Objective Setting: A company may set goals on many levels: strategic, operating, financial. By clearly identifying its goals, management and the Board can more clearly perceive the risks that the company may encounter.
• Event Identification: The Board should ask management how the company identifies new risks and opportunities. What risks and trends exist in the company's industry? What risks are associated with new products, services or acquisitions? With new competitors? How are the company's risks interrelated? The Board should also consider legal, ethical and compliance risks that the company may encounter.
• Risk Assessment: After identifying potential risks, management and the Board should analyze and prioritize the risks in light of their likelihood and potential impact. Each business unit should be involved in the process. What adverse events has the company encountered in the past and what lessons were learned?
• Risk Response: Companies may chose to respond to risks by avoiding them, or by accepting them and working to reduce their impact or dilute their severity by sharing risk with other parties. What are the costs of these alternatives? Has management allocated sufficient resources to respond appropriately? Is the company adequately insured for its insurable risks?
• Control Activities: The Board should work with management to develop and implement well-structured policies and procedures in response to the company's primary risks to ensure that responsive actions are carried out at all levels of the company.
• Information and Communication: Relevant information should be well-documented and communicated on a timely basis - vertically, up and down the chain of management, and horizontally, across divisions of a company - to ensure that all members of the organization carry out their responsibilities with respect to the company's risk management policies.
• Monitoring: The Board should help management establish testing and evaluation procedures to monitor the company's risk management system
Titany answered the question on October 26, 2021 at 10:22


Next: Types and examples of Enterprise Risk Management
Previous: Typical risk functions in ERM

View More Strategic Governance and Ethics Questions and Answers | Return to Questions Index


Exams With Marking Schemes

Related Questions