Managing Risk Ch 5 b

8/11/2019 Managing Risk Ch 5 b

1/15

The Role of Auditing

in the ERM Process Chapter 5

Enterprise Risk Management (ERM)

Managing Risk

Definition of riskdanger, threat of damage or loss

The firm risk has various facets in different contexts

Finance, Insurance, Securities Trading, Workplace etc.

Finance RickInterest Rate Risk, Capital Risk, CountryRisk, Default Risk, Exchange Rate Risk, Liquidity

Risk, Under-writing Risk etc.

Insurance RiskIn case of burning of a building its

actual value is not known.


2/15

Securities Trading RiskA loss or

stagnation in value. This type of risk isdivided into two categories:

1. Systemic Risk or Market Riskaffects all

securities in the same class and is linked tothe overall capital market system. This risk

cannot be eliminated by diversification.

2. Unsystematic Risk or Diversifiable RiskCan be eliminated by diversification

Workplace Risk Accident, ill health, cancer


3/15

Risk Management Process

Commercial enterprises apply various forms

of risk management procedures to handle

different risks such as:

Operational risk managementdeals with

technical failures and human errors.

Financial risk managementhandles nonpayment of clients and increased rate of

interest.


4/15

Market risk managementdeals with

different types of market risk, such asinterest rate risk, equity risk, commodity

risk and currency risk.

Credit risk managementdeals with therisk related to the probability of non-

payment from the debtors.

Currency risk managementdeals withchanges in currency prices


5/15

Risk versus Uncertainty

Uncertainty: The lack of complete certainty,

that is, the existence of more that one

possibility. The true outcome is not

known.

Measure of Uncertainty: There is a 60%

chance this market will double in five years


6/15

Risk: A state of uncertainty where some of

the possibilities involve a loss.

Measure of risk: A set of possibilities each

with quantified probabilities and quantified

losses. Example: There is a 40% chance theproposed oil well will be dry with a loss of

12 million in exploratory drilling costs.


7/15

An Initial ERM Comment

You dont become a famous writer by

Reading a book

Reading about other authors

Watching someone else write

Similarly, you dont become an EnterpriseRisk Manager by

Reading a bookTaking a course

Listening to a presentation


8/15

Rather, ERM is

A complex process

involving broad-basedand in-depth

knowledge and understanding, requiring an appropriate corporate culture,

and creativity

born of a variety of exper iences.


9/15

ERM Definition from IIA

From Position Statement, The Institute of

Internal Auditors:

ERM is a structured, consistent and continuous

process across the whole organization for

identifying, assessing, deciding on responsesto and reporting on opportunities and threats

that affect the achievements of its objectives.


10/15

Steps in the

Risk Management Process

Determine the corporations objectives

Identifythe risk exposures

Quantifythe exposures

Assess the impact

Examine alternative risk management tools Selectappropriate risk management approach

Implementand monitorprogram


11/15

Enterprise Risk Management

Or Enterprise Risk and Assurance

Management

What is ERM?

Concerned with a broad financial and operating

perspective

Recognizes interdependenciesamong corporate,

financial, and environmental factorsStrives to determine and implement an optimal

strategyto achieve the primary objectives: e.g.,

maximizethe valueof the firm


12/15

Issues in ERM Implementation

Different corporate culturesrequire different

ERM approaches

Who is going to be the ERM championwithinthe company

Among senior executives

Among departments / functions

How to embeda risk management culture and

responsibilities throughout the firm


13/15

Keys to Success in ERM

Senior management commitment and

sponsorship

Embed a risk management culture in the

corporation at the operational level

Provide for accountability, both specific and

widespread

Clearly defined responsibilities for

coordination and maintenance

Adequate communication


14/15

Internal Audit and ERM

Overview

Provide independent and objective assurance

for Board on effectiveness of ERMIdentify/assess/manage key risks

Internal controls

IA has assurance and consulting rolesFunction of other resources

Relative time/effort between roles may vary

among firms and over time


15/15

End of Chapter 5

Documents

Managing Risk Ch 5 b