Chapter- 1 Contex of Risk Management-2011

8/7/2019 Chapter- 1 Contex of Risk Management-2011

1/99

Chapter 1: Context of RiskChapter 1: Context of Risk

ManagementManagementRamasamy MeiyappanRamasamy Meiyappan 11

Malaysian InsuranceMalaysian Insurance

InstituteInstitute

Risk ManagementRisk Management

Chapter: 1:Chapter: 1:Context of Risk ManagementContext of Risk Management


2/99



Risk ManagementRisk Management

InIn thisthis chapterchapter wewe willwill looklook atat thethe followingfollowingareasareas:: DefinitionDefinition ofof RiskRisk ManagementManagement

RelationshipRelationship betweenbetween riskrisk andand thethe objectivesobjectives ofof ananorganizationorganization..

ConsequencesConsequences ofof failingfailing toto deliverdeliver..

NeedNeed forfor riskrisk managementmanagement andand thethe potentialpotential costscosts ininignoringignoring itit..

SignificanceSignificance ofof riskrisk managementmanagement toto strategystrategy

CorporateCorporate GovernanceGovernance

LocationLocation withinwithin anan organizationorganization ofof thethe responsibilityresponsibilityforfor riskrisk managementmanagement


3/99



Definition of Risk ManagementDefinition of Risk Management

RiskRisk isis defineddefined asas::

TheThe combinationcombination of of thetheprobabilityprobability ofof anan eventevent andand itsits

consequencesconsequences..


4/99



Clarity to theClarity to the

Definition of risk ManagementDefinition of risk Management

TheThe managementmanagement ofof riskrisk recognizesrecognizes andand

dealsdeals withwith thethe threatsthreats toto anan organizationorganizationoror person,person, thethe vulnerabilitiesvulnerabilities beingbeing

carriedcarried andand thethe likelihoodlikelihood thatthat thethe threatthreat

willwill meetmeet thethe vulnerability,vulnerability, causingcausing

damagedamage..


5/99



Consequences and risk theConsequences and risk the

concern to a risk managerconcern to a risk managerAA riskrisk isis thethe threatthreat thatthat anan eventevent oror actionaction willwilladverselyadversely affectaffect anan organizationsorganizations abilityability totomaximizemaximize stakeholderstakeholder valuevalue andand toto achieveachieve

businessbusiness objectivesobjectives..RiskRisk arisesarises asas muchmuch fromfrom thethe possibilitypossibility thatthatopportunitiesopportunities willwill notnot bebe realizedrealized asas itit doesdoesfromfrom thethe possibilitypossibility thatthat threatthreat willwill

materializedmaterialized oror thatthat mistakesmistakes willwill bebe mademade;; andandRisk,Risk, however,however, isis integralintegral toto allall opportunityopportunity andandisis asas muchmuch aboutabout opportunityopportunity asas itit isis aboutaboutthreatthreat..


6/99



The process of risk managementThe process of risk management

could be stated simply as to:could be stated simply as to:identifyidentify thethe riskrisk

aanalyzenalyze andand measuremeasure vulnerabilityvulnerability

ii..ee impactimpact..decidedecide whichwhich risksrisks impactsimpacts areare andand

areare notnot acceptableacceptable..

controlcontrol oror transfertransfer anyany unacceptableunacceptable

riskrisk oror impactimpact..


7/99



Cont.Cont.

preparedprepared toto bebe ableable toto managemanage

throughthrough thethe occurrenceoccurrence ofof anyany

unacceptableunacceptable immovableimmovable riskrisk ororimpactimpact;; andand

reviewreview regularlyregularly..


8/99



Two Fundamental categorizationTwo Fundamental categorization

of Risk are:of Risk are:SpeculativeSpeculative

AndAnd

Operational riskOperational risk


9/99



Speculative riskSpeculative risk

IsIs wherewhere youyou chooseschooses toto placeplace

moneymoney oror otherother resourcesresources atat riskrisk..

A

imA

im isis toto makemake profitprofit oror otherother gainsgains..


10/99



Cont.Cont.

InIn doingdoing soso thethe decisiondecision wouldwould bebe

whatwhat gaingain couldcould bebe mademade andand

balancebalance thisthis withwith downsidedownside riskrisk..

EE..gg gambling,gambling, investinginvesting inin stockstock

marketmarket oror investinginvesting inin aa newnew

productproduct..


11/99



Past year questionPast year question

April 2008April 2008Question 1(b)Question 1(b)

List four potential consequences ofList four potential consequences of

ignoring risk management to anignoring risk management to anorganization.organization.

Answer: slide 10Answer: slide 10


12/99

Chapter 1: Context of RiskChapter 1: Context of RiskManagementManagement

Ramasamy MeiyappanRamasamy Meiyappan 1212

Operational riskOperational risk

InIn operationaloperational riskrisk therethere areare

SomethingSomething unplannedunplanned andand unun--pleasantpleasant thingsthings

thatthat hithit thethe organizationorganization itselfitself andand

causescauses damage,damage,

disrupts,disrupts, oror

hurtshurts itsits peoplepeople..

ThereThere isis rarelyrarely aa gaingain fromfrom suchsuch

incidentsincidents..


13/99



ContCont

InIn somesome circumstancescircumstances businessbusiness cancan

prepareprepare forfor thethe unexpectedunexpected throughthrough::

insuranceinsurance otherother riskrisk transfertransfer mechanisms,mechanisms,

contingencycontingency planningplanning andand fundingfunding

mechanismsmechanisms

toto covercover thethe costcost withoutwithout distortingdistorting currentcurrenttradingtrading oror budgetsbudgets


14/99




April 2008April 2008Question 1 (a) Define Operational riskQuestion 1 (a) Define Operational risk

management 3 marksmanagement 3 marks

Answer: slide 12Answer: slide 12


15/99



Cont.Cont.

TheThe workingworking definitiondefinition ofof OperationalOperational

managementmanagement wouldwould bebe::

identification,identification, analysisanalysis andand

controlcontrol ofof thosethose risksrisks whichwhich cancan threatenthreaten

thethe operations,operations, assetsassets andand otherotherresponsibilitiesresponsibilities ofof anan organizationorganization..


16/99



Cont. John Glenn is quoted asCont. John Glenn is quoted as

sayingsaying thethe greatestgreatest antidoteantidote toto worry,worry, whetherwhether

youyou areare gettinggetting readyready forfor aa spacespace flightflight oror

facingfacing aa problemproblem inin life,life, isis preparationpreparation..

TheThe moremore youyou trytry toto envisageenvisage whatwhat mightmight

happenhappen andand whatwhat youryour bestbest responseresponse andand

optionsoptions are,are, thethe moremore youyou areare ableable toto allayallay

youryour fearsfears forfor thethe futurefuture..


17/99



Relationship between risk and theRelationship between risk and the

objectives of an organizationobjectives of an organization

AnAn organizationorganization havehave aa rangerange ofof

objectivesobjectives..

SomeSome objectivesobjectives areare moremore crucialcrucial thanthanothersothers..

TheThe objectivesobjectives areare sometimessometimes informalinformal

butbut mostmost oftenoften areare defineddefined inin aa formalformal

andand documenteddocumented strategystrategy planplan..


18/99



ContCont

TheThe informationinformation withinwithin thesethese plans,plans,

whetherwhether formallyformally documenteddocumented oror

informal,informal, isis sharedshared withwith theirtheirvariousvarious stakeholdersstakeholders..


19/99



ContCont

OrganizationOrganization havehave aa rangerange ofof

dependenciesdependencies andand thethe continuationcontinuation

ofof somesome ofof thosethose dependencesdependences isiscrucialcrucial toto avoidavoid losses,losses, weaknessesweaknesses

emergingemerging and,and, inin somesome cases,cases, thethe

underminingundermining ofof thethe veryvery survivalsurvival ofofthethe organizationorganization..


20/99



ContCont

IfIf anan organization,organization, followingfollowing aa

failurefailure oror otherother unplannedunplanned damagedamage

ofof anyany kind,kind, cannotcannot deliverdeliver thethepromisespromises thatthat itit hashas formallyformally mademade ,,

thethe organizationorganization cancan bebe damageddamaged inin

manymany differentdifferent waysways..


21/99



ContCont

TheThe damagedamage cancan alsoalso bebe extensiveextensive

eveneven ifif thethe organizationorganization cancan stillstill

deliverdeliver itsits goodsgoods andand thethe services,services,butbut doesdoes notnot continuecontinue toto meetmeet thethe

contracted,contracted, oror implied,implied, qualityquality

standardsstandards..


22/99



ContCont

TheThe greatestgreatest risksrisks ofof anan organizationorganization isis shownshown inin

aa surveysurvey displayeddisplayed inin tabletable 11..11..

SomeSome ofof thethe riskrisk areare fromfrom::

Stakeholders,Stakeholders, employees,employees, suppliers,suppliers, customerscustomers

andand otherother recipientsrecipients ofof services,services, Distributors,Distributors,

Regulators,Regulators, TheThe media,media, PrivatePrivate investors,investors,

BankingBanking Industry,Industry, QuotedQuoted shareholders,shareholders, BusinessBusiness

partners,partners, TheThe environmentenvironment andand OthersOthers..


23/99



B1: StakeholdersB1: Stakeholders

DefinedDefined asas people,people, oror otherother

organization,organization, thatthat couldcould bebe

affectedaffected byby aa riskrisk incidentincidentoccurringoccurring in,in, oror around,around, thethe

organizationorganization..


24/99



B1A: EmployeesB1A: Employees

MoraleMorale andand PridePride..

ThisThis oftenoften reflectsreflects thethe degreedegree ofof thethe

employeesemployees interestinterest inin thethe successsuccess ofof anan

originationorigination andand hashas aa directdirect linklink intointo thethe

qualityquality ofof workwork performedperformed..

AA needneed forfor aa jobjob toto sustainsustain personalpersonal andand

familyfamily lifelife andand alsoalso selfself--esteemesteem..AA safesafe workingworking environmentenvironment..


25/99



B1B: Suppliers:B1B: Suppliers:

SuppliersSuppliers toto thethe organizationorganization willwill dependdepend onon itsits

survivalsurvival toto bebe ableable toto deliverdeliver andand receivereceive

paymentpayment forfor thethe goodsgoods oror serviceservice contractedcontracted..

TheThe lossloss ofof oneone oror moremore largerlarger customerscustomers cancandestroydestroy aa suppliersupplier ofof goodsgoods andand servicesservices..

TheThe organization,organization, asas aa suppliersupplier itself,itself, cancan

destroydestroy customerscustomers whowho areare furtherfurther upup thethe

deliverydelivery chainchain..


26/99



B1C:Customers and otherB1C:Customers and other

recipients of servicerecipients of service

BusinessBusiness customerscustomers movemove ifif theythey loseloseconfidenceconfidence inin eithereither deliverdeliver oror quantityquantity..

NonNon commercialcommercial ,, serviceservice supplierssuppliers maymay findfind

relationshiprelationship withwith existingexisting recipientrecipient difficultdifficult andandeveneven fail,fail, shouldshould confidenceconfidence bebe lostlost..

SalesSales teamsteams willwill findfind itit increasinglyincreasingly difficultdifficult totofindfind newnew customerscustomers..

FailureFailure toto deliverdeliver thethe contractcontract servicesservices withwithsufficientsufficient quantityquantity cancan leadlead toto litigationlitigation..


27/99



B1D: DistributorsB1D: Distributors

DistributorsDistributors areare wholesalewholesale customerscustomers--allallthethe aboveabove commentscomments applyapply..

DistributorsDistributors dependsdepends onon fewfew oror eveneven oneonesourcesource ofof supplysupply failurefailure couldcould damagedamagethatthat distributorsdistributors inin manymany differentdifferent waysways..

ItIt cancan causecause itit toto failfail ifif anan adequateadequate

replacementreplacement suppliersupplier isis notnot foundfound soonsoonenoughenough..


28/99



B1E: RegulatorsB1E: Regulators

VariousVarious regulatorsregulators inin manymany differentdifferent waysways taketake

aa continuingcontinuing interestinterest inin anan organizationorganization..

FailureFailure toto satisfysatisfy thethe statutorystatutory andand otherother

requirementsrequirements cancan resultresult inin themthem imposingimposing fines,fines,restrictingrestricting businessbusiness oror closingclosing downdown thethe

businessbusiness..

TheThe losseslosses cancan rangerange fromfrom financial,financial, reputationreputation

damagedamage andand eveneven toto closureclosure..


29/99



B1F: The MediaB1F: The Media

TheThe mediamedia hashas manymany formsforms:: LocalLocal andand nationalnational newspapers,newspapers, televisiontelevision

andand radio,radio, magazinesmagazines andand internetinternet..

CanCan bebe regardedregarded asas wholesalewholesale distributiondistributionofof anan organizationorganization andand itsits officialsofficials..

IfIf aa publicationpublication isis negativenegative aboutabout anan

organizationorganization muchmuch damagedamage cancan bebe donedone..TheThe impactimpact thereforetherefore isis ofof significancesignificance totoallall otherother stakeholdersstakeholders..


30/99



B1G: Private investors:B1G: Private investors:

Private,Private, monetary,monetary, investorsinvestors cancan rangerange fromfrom

family,family, partners,partners, employees,employees, associatedassociated

companiescompanies andand otherother investorsinvestors inin anan

organizationorganization..ThereThere areare investorsinvestors whowho havehave aa nonnon--monetarymonetary

stakestake inin thethe organizationorganization..

TheyThey stakestake theirtheir professionalprofessional andand personalpersonal

reputationsreputations alongalong sideside thatthat ofof thethe organizationorganization..

TheyThey suffersuffer lossloss alongsidealongside anyany damagedamage toto thethe



31/99



B1H: Banking industryB1H: Banking industry

BankingBanking andand investorinvestor financefinance companiescompanies willwillmaintain,maintain, throughout,throughout, anan interestinterest inin thethefortunesfortunes ofof thosethose organizationsorganizations..

IfIf thatthat moneymoney isis perceivedperceived toto bebe greatergreater riskriskduedue toto anan unexpectedunexpected downturndownturn inin thethe strengthstrengthofof anan organization,organization, thethe costcost ofof borrowingborrowing cancanincreaseincrease significantlysignificantly..

IfIf financersfinancers believebelieve thatthat therethere isis sufficientsufficient

causecause forfor concern,concern, theythey maymay demanddemand thatthat thetheassetsassets thatthat areare thethe securitysecurity forfor thatthat loanloan bebesoldsold immediatelyimmediately andand thethe loanloan repaidrepaid..


32/99



B1I: Quoted shareholders:B1I: Quoted shareholders:

TheyThey comecome toto thethe organizationorganization throughthrough stockstockmarketsmarkets inin itsits variousvarious formsforms..

TheyThey havehave manymany choiceschoices beyondbeyond thethe subjectsubject

organizationorganization andand cancan switchswitch fundsfunds awayaway rapidlyrapidly..FallingFalling stocksstocks valuesvalues cancan alsoalso increaseincrease thethe costcostofof borrowingborrowing capitalscapitals..

SingleSingle pointspoints ofof influenceinfluence cancan affectaffect shares,shares,

creditcredit ratingrating agenciesagencies suchsuch asas StandardStandard andandPoorsPoors andand investmentinvestment analystsanalysts ..


33/99



B1J: Business partners:B1J: Business partners:

OrganizationsOrganizations andand individualsindividuals oftenoften shareshareobjectivesobjectives andand responsibilitiesresponsibilities..

ThereThere isis aa sharingsharing ofof brandbrand valuesvalues andand

reputation,reputation, andand situationssituations areare createdcreatedwherewhere eacheach dependsdepends onon thethe otherother totomeetmeet itsits ownown responsibilitiesresponsibilities andand needsneeds..

FailureFailure ofof oneone cancan bebe destructivedestructive toto thetheotherother


34/99



B1K: The environmentB1K: The environment

IncreasinglyIncreasingly therethere isis publicpublic andand statutorystatutoryinterestinterest inin thethe qualityquality ofof thetheenvironmentenvironment..

ThereThere areare otherother subjectsubject coveringcoveringpollutionpollution ofof thethe physicalphysical environmentenvironment..

OrganizationOrganization maymay needneed toto considerconsider moneymoney

launderinglaundering andand insiderinsider dealingdealing throughthrough totocorporatecorporate manslaughtermanslaughter andand otherotherpotentiallypotentially criminalcriminal actsacts..


35/99



B1L: OthersB1L: Others

IndividualIndividual organizationsorganizations maymay havehave theirtheir own,own,

differentdifferent stakeholderstakeholder pressurespressures..

CompetitorsCompetitors tootoo areare aa formform ofof stakeholdersstakeholders

IfIf anan organizationorganization isis weakenedweakened byby anan

unexpectedunexpected damagingdamaging incident,incident, therethere isis usuallyusually

aa wholewhole rangerange ofof competitorscompetitors whowho willwill seesee thethe

incidentsincidents asas anan opportunityopportunity forfor themselvesthemselves..


36/99



Consequences of failing toConsequences of failing to

deliver.deliver.

TheThe consequencesconsequences ofof individualindividual damagedamage andand

failuresfailures cancan thereforetherefore bebe severesevere..

InIn additionaddition toto failingfailing toto upholduphold thethe variousvarious

interestsinterests ofof thethe stakeholders,stakeholders, thethe organizationorganizationcancan bebe damagedamage inin manymany otherother waysways..

ThisThis logicallylogically leadsleads toto aa needneed toto continuallycontinually

considerconsider thethe valuesvalues andand thethe responsibilitiesresponsibilities thatthat

itit needsneeds toto keepkeep safesafe fromfrom damagedamage andand lossloss..


37/99



ContCont

TheThe needsneeds toto bebe consideredconsidered areare::

TheThe safetysafety ofof peoplepeople

TheThe assetsassets ownedowned byby thethe organizationorganization andand thosethose

assetsassets belongingbelonging toto othersothers forfor whomwhom itit carriescarriesresponsibilitiesresponsibilities..

ConfidenceConfidence inin thethe businessbusiness andand thusthus thethe valuevalue ofof

thethe brandbrand namename..


38/99



Cont.Cont.

TheThe avoidanceavoidance ofof litigationlitigation costscosts..

TheThe legalitylegality ofof thethe organizationorganization andand itsits

compliancecompliance withwith relevantrelevant regulatorsregulators

requirementsrequirements.. TheThe operationaloperational abilityability toto continuecontinue toto managemanage

thethe organizationorganization effectivelyeffectively andand deliverdeliver inin timetime

andand qualityquality onon promisespromises andand contractscontracts..


39/99



The consequence of failing toThe consequence of failing to

deliver affect the following:deliver affect the following:

PeoplePeople

AssetsAssets

Balance sheet assetsBalance sheet assets Off balance sheet assets.Off balance sheet assets.

Revenue and cash flowsRevenue and cash flows

Legal obligationsLegal obligations

Operational consequencesOperational consequences


40/99



C1:PeopleC1:People

InIn relationrelation toto peoplepeople organizationorganization needsneeds::

AA safesafe environmentenvironment toto protectprotect employeesemployees andand

visitorsvisitors fromfrom accidentsaccidents andand crimescrimes..

AA safesafe environmentenvironment thatthat protectsprotects employeesemployees andandvisitorsvisitors fromfrom illnessillness (passive(passive smoking,smoking, stress,stress,

bulling,bulling, diseases,diseases, repetitiverepetitive strainstrain injury,injury, andand

others)others) andand

SkilledSkilled humanhuman resourcesresources toto continuecontinue toto bebeavailableavailable whetherwhether inin individualindividual oror teamsteams..


41/99



C2: Assets:C2: Assets:These is considered under different headings.These is considered under different headings.

C2A:Balance sheets:C2A:Balance sheets:

TheseThese areare money,money, buildings,buildings,

equipment,equipment, vehiclesvehicles andand otherother assetsassetsembracedembraced inin thethe balancebalance sheetsheet

figuresfigures..

TheseThese includesincludes assetsassets heldheld inin trusttrust..


42/99




October 2008October 2008

Question 1Question 1-- 6 marks6 marks

Give three examples of off balance sheetGive three examples of off balance sheet

assetsassetsAnswer:Answer:

Text book: Page 1/9Text book: Page 1/9

Presentation slide 39Presentation slide 39


43/99



Cont.Cont.

CC22BB::OffOff balancebalance sheetsheet assetsassets..

ThisThis coverscovers notnot includedincluded inin thethe balancebalance sheetsheetfiguresfigures::

IntellectualIntellectual assetsassets TheThe reputationreputation of,of, andand confidenceconfidence in,in, thethe


NonNon profitprofit--makingmaking organizationorganization cancan havehave equalequalimportantimportant dependencydependency inin thethe organizationorganization..

TheThe networknetwork ofof criticalcritical supplierssuppliers (relationships(relationships andandcontracts)contracts)

CustomerCustomer basebase..


44/99



Cont.Cont.

CC22CC:: RevenueRevenue andand cashcash flowsflows

ThisThis includesincludes thingsthings suchsuch asas ::

FinancialFinancial control,control, includingincluding creditcreditcontrolcontrol;; andand

TimelyTimely cashcash flowsflows andand revenuerevenue flowsflows


45/99



C3: Legal obligationsC3: Legal obligations

AnAn organizationorganization hashas aa numbernumber ofof legallegalobligationsobligations coveringcovering suchsuch thingsthings asas:: RegulatoryRegulatory andand licenselicense approvalsapprovals

ContractualContractual liabilitiesliabilities.. EnvironmentalEnvironmental responsibilitiesresponsibilities;;

FinesFines andand penaltiespenalties emergingemerging fromfrom criminalcriminallawslaws..

ExpensesExpenses arisingarising fromfrom litigationlitigation byby employeesemployeesandand thirdthird partiesparties..

OtherOther statutorystatutory responsibilitiesresponsibilities..


46/99



C4: Operational consequences.C4: Operational consequences.

TheThe mainmain operationaloperational needsneeds isis thethe abilityability totodeliverdeliver thethe servicesservices andand goodsgoods promisedpromised..

ThisThis hashas twotwo features,features, aa responsibilityresponsibility totodeliverdeliver whatwhat itit hashas contractedcontracted toto dodo;; bothboth inin

timetime andand qualityquality..ParticularParticular needneed toto deliverdeliver thosethose goodsgoods andandservicesservices thatthat areare duedue inin thethe firstfirst fewfew hourshours andanddaysdays afterafter thethe riskrisk incidentincident hashas occurredoccurred..

ThisThis responsibilityresponsibility needsneeds toto bebe metmet whilewhile thetherecoveryrecovery isis stillstill takingtaking placeplace andand isis partpart ofof thethecontinuingcontinuing planningplanning..


47/99



Cont.Cont.

TheThe urgencyurgency toto recoverrecover servicesservices variesvaries

dramaticallydramatically withwith differentdifferent kindskinds ofof businessesbusinesses..

AnAn organizationorganization dealingdealing withwith itsits customerscustomers viavia

ee--commercecommerce maymay havehave raisedraised expectationexpectation totothethe pointpoint thatthat theirtheir failurefailure toto continuecontinue serviceservice

deliverydelivery cancan becomebecome businessbusiness criticalcritical withinwithin

minutesminutes;; notnot thethe hourshours oror daysdays ofof otherother businessbusiness

modelsmodels andand productsproducts..


48/99



D: Need for risk management and theD: Need for risk management and the

potential costs in ignoring it.potential costs in ignoring it.

FewFew willwill argueargue againstagainst thethe conceptconcept thatthat anan

organizationorganization needsneeds toto understandunderstand criticallycritically thethe

risksrisks toto whichwhich itit isis exposedexposed..

WithoutWithout thatthat firstfirst stepstep ofof understandingunderstanding thetheriskrisk-- andand understandingunderstanding quitequite criticallycritically thethe

potentialpotential andand extentextent ofof thethe damagedamage thatthat cancan bebe

causedcaused-- itit isis remarkablyremarkably difficultdifficult toto taketake thethe

nextnext logicallogical stepssteps inin riskrisk managementmanagement..


49/99



Cont.Cont.

AnAn organizationorganization thatthat doesdoes notnot understandunderstand

thethe risksrisks itit isis takingtaking isis notnot ableable toto assessassess

justjust howhow wellwell itit isis doingdoing whenwhen comparedcompared

toto itsits peerspeers..

InvestorsInvestors willwill wishwish toto bebe ableable toto measuremeasure

thethe risksrisks theythey areare carryingcarrying againstagainst thethe

rewardreward theythey areare receivingreceiving..


50/99



ContCont

WithWith thethe knowledgeknowledge gainedgained byby aa

structuredstructured processprocess ofof criticallycritically

understandingunderstanding thethe risksrisks carried,carried, thethe

organizationorganization cancan makemake decisionsdecisions aboutabout

thethe acceptabilityacceptability oror otherwiseotherwise ofof thosethose

exposuresexposures..


51/99



ContCont

OnceOnce thosethose risksrisks thatthat havehave eithereither aa

potentialpotential levellevel ofof impactimpact oror aa frequencyfrequency

ofof incidentsincidents thatthat isis unacceptableunacceptable havehave

beenbeen identified,identified, thenthen

somethingsomething-- ii..ee.. riskrisk managementmanagement-- needsneeds toto

bebe introducedintroduced toto bringbring thesethese risksrisks downdown toto

acceptableacceptable levelslevels..


52/99



ContCont

TheThe firstfirst challengechallenge isis toto ensureensure thatthat therethere

isis aa formalformal infrastructureinfrastructure acrossacross anan

organizationorganization thatthat willwill seesee thatthat timetime andand

resourcesresources areare takentaken toto understandunderstand ,quite,quite

critically,critically, thethe exposuresexposures thatthat anan

organizationorganization isis carryingcarrying..


53/99



Cont.Cont.

All managers will consider themselves to beAll managers will consider themselves to be

risk manager as part of their everyday job.risk manager as part of their everyday job.

This is , and should be, true.This is , and should be, true.

A manager may be very skilled at the primaryA manager may be very skilled at the primary

responsibilities imposed by their job.responsibilities imposed by their job.

Their skills can include finance, marketing,Their skills can include finance, marketing,

personnel, team leader, product delivery orpersonnel, team leader, product delivery ortechnician.technician.


54/99



ContCont

TheThe realityreality isis thatthat theythey maymay notnot naturallynaturally havehave

thethe riskrisk managementmanagement skills,skills, thethe organizationorganization--

widewide vision,vision, nornor thethe necessarynecessary breadthbreadth ofof

understandingunderstanding ofof thethe exposuresexposures thatthat theythey maymaybebe carryingcarrying..

ItIt isis riskrisk managementmanagement thatthat bringsbrings thesethese andand

otherother peoplepeople togethertogether..

TheyThey cancan thenthen comecome toto anan understandingunderstanding ofof thethe

rightright levellevel ofof riskrisk acceptable,acceptable, riskrisk controlscontrols andand

riskrisk relatedrelated expenditureexpenditure..


55/99



Cont.Cont.

ExpenditureExpenditure cancan thenthen bebe focusedfocusedpreciselyprecisely toto ensureensure thatthat thethe qualityquality andandresilienceresilience ofof thethe riskrisk managementmanagement

matchesmatches preciselyprecisely thethe operationaloperational needsneeds..Furthermore,Furthermore, thethe riskrisk andand recoveryrecoveryplanningplanning expenditureexpenditure cancan eithereither bebe less,less,nornor moremore thanthan thethe organizationorganization needsneeds itittoto bebe..


56/99



D1: Potential costs:D1: Potential costs:

TheThe potentialpotential costscosts ofof failingfailing toto understandunderstand andandmanagemanage riskrisk cancan bebe severesevere..

SuchSuch costscosts cancan fallfall intointo aa numbernumber ofof differentdifferentareasareas andand thesethese areare consideredconsidered inin thisthis sectionsection.. DeathDeath andand injuryinjury LossLoss ofof MoneyMoney oror otherother valuablesvaluables..

LossLoss ofof physicalphysical valuablesvaluables

LossLoss ofof intellectualintellectual assetsassets..

LossLoss ofof reputation,reputation, confidenceconfidence andand thethe destructiondestruction ofofthethe brandbrand valuevalue..

InIn appropriateappropriate insuranceinsurance protectionprotection


57/99



D1A: Death and injury.D1A: Death and injury.

ThereThere areare manymany waysways thatthat riskrisk management,management,whenwhen inadequate,inadequate, cancan failfail toto reducereduce thetheincidenceincidence ofof deathdeath oror injuryinjury aroundaround aa factoryfactory ororotherother workplaceworkplace..

ThereThere areare risksrisks withinwithin thethe workingworking buildingsbuildingsandand aroundaround thethe machinerymachinery..

TheseThese riskrisk areare bothboth toto employeeemployee andand toto visitorsvisitors..

TheseThese exposuresexposures areare coveredcovered byby HealthHealth andandSafetySafety regulationsregulations..


58/99



Cont.Cont.

InadequateInadequate employeeemployee recruitmentrecruitment

proceduresprocedures cancan posepose furtherfurther riskrisk toto

employeesemployees..

UnsuitableUnsuitable andand poorlypoorly trainedtrained employeesemployees

cancan bebe aa dangerdanger toto themselvesthemselves asas wellwell toto

theirtheir colleaguescolleagues andand toto visitorsvisitors..


59/99



Cont..Cont..

StaffStaff traveltravel arrangementsarrangements needsneeds attentionattention fromfrom

thethe riskrisk managermanager..

ThereThere areare dangerdanger inin traveltravel toto somesome overseasoverseas

countriescountries andand unfamiliarunfamiliar environmentenvironment.. EmployeesEmployees cancan bebe exposedexposed toto kidnap,kidnap, ransomransom andand

otherother criminalcriminal threatsthreats..

OtherOther exposuresexposures includeinclude crimecrime levelslevels andand patternspatterns ofof

crime,crime, politicalpolitical risks,risks, civilcivil disorderdisorder andand wars,wars,environmentenvironment threatsthreats suchsuch asas hurricaneshurricanes andand

earthquakesearthquakes..


60/99



ContCont

GettingGetting thethe rightright levellevel ofof defensesdefenses inin

placeplace callscalls forfor thethe correctcorrect levellevel ofof

understandingunderstanding ofof whatwhat thosethose exposuresexposures

areare..


61/99



D1B: Loss of Money or otherD1B: Loss of Money or other

valuables:valuables: Loss of physical valuables.Loss of physical valuables.

ObviousObvious exposureexposure isis toto thethe lossloss ofof itemsitems

ofof moneymoney andand otherother valuablesvaluables thatthat belongbelong

toto thethe companycompany oror forfor whichwhich itit isis

responsibleresponsible..

TheseThese cancan rangerange fromfrom suddensudden losseslosses byby

fire,fire, theft,theft, terrorism,terrorism, earthquake,earthquake, crimecrimeandand toto aa wholewhole varietyvariety ofof otherother incidentsincidents..


62/99



ContCont

FinancialFinancial losseslosses cancan comecome fromfrom successfulsuccessful

claimsclaims againstagainst thethe organizationorganization byby employeesemployees

andand thirdthird partiesparties..

EffectiveEffective riskrisk managementmanagement bringsbrings aboutaboutunderstandingunderstanding ofof thesethese exposuresexposures..

TheThe resultantresultant decisiondecision cancan notnot onlyonly reducereduce thethe

risk,risk, oror cost,cost, ofof aa singlesingle dramaticdramatic lossloss..


63/99



ContCont

TheyThey cancan alsoalso ensureensure thatthat therethere willwill notnot

bebe aa seriesseries ofof smallsmall losseslosses thatthat areare

frequentfrequent enoughenough toto causecause aa significantsignificant

lossloss overover aa periodperiod ofof timetime..


64/99



ContCont

LossLoss ofof IntellectualIntellectual assetsassets..

InformationInformation andand otherother intellectualintellectual

propertiesproperties held,held, oror used,used, byby thethe

organizationorganization areare importantimportant valuablesvaluables..

TheThe informationinformation heldheld withinwithin anan

organizationorganization maymay bebe onon paper,paper, onon aa

databasedatabase oror simplysimply withinwithin thethe trainingtrainingandand experienceexperience ofof itsits workforceworkforce..


65/99



Cont.Cont.

TheThe informationinformation maymay alsoalso bebe aboutabout othersothers--

employees,employees, partners,partners, customerscustomers etcetc..

AA failurefailure toto taketake carecare thereforetherefore cancan notnot onlyonly

bringbring aboutabout damagesdamages..ActionAction maymay alsoalso bebe broughtbrought againstagainst thethe

organizationorganization underunder thethe UKsUKs DataData ProtectionProtection ActAct

19981998 oror underunder thethe DirectiveDirective onon PrivacyPrivacy andand

ElectronicElectronic Communications,Communications, knownknown asas thethe EE--piracypiracy DirectiveDirective..


66/99



D1C: Loss of reputation, confidence and theD1C: Loss of reputation, confidence and the

destruction of the brand value.destruction of the brand value.

OrganizationsOrganizations depend,depend, toto aa greatergreater oror lesserlesser

extent,extent, onon theirtheir reputationreputation andand thethe productproduct

brandbrand namesnames thatthat theythey carrycarry..

TheThe trusttrust isis vulnerablevulnerable ifif anan organizationorganization sufferssuffersaa lossloss oror injuryinjury thatthat itsits stakeholdersstakeholders considerconsider

waswas oneone thatthat shouldshould havehave beenbeen avoidedavoided byby

goodgood managementmanagement oror inin otherother wordswords effectiveeffective

riskrisk managementmanagement


67/99



ContCont

BusinessesBusinesses areare increasinglyincreasingly expectedexpected totobebe ableable toto illustrate,illustrate, beforebefore anyany damagedamageoccurs,occurs, thatthat theythey areare consciousconscious ofof riskrisk

andand havehave managedmanaged outout unacceptableunacceptableexposuresexposures..

AA continuingcontinuing strongstrong isis neededneeded inin aa varietyvarietyofof waysways andand ,, indeed,indeed, amongstamongst aa varietyvariety

ofof differentdifferent audiencesaudiences..


68/99



D1D: Inappropriate insuranceD1D: Inappropriate insurance

protection.protection.

WithoutWithout criticallycritically understandingunderstanding bothboth thethe risksrisks

andand thethe potentialpotential extentextent ofof thethe damage,damage, thethe

arrangementarrangement ofof anan insuranceinsurance portfolioportfolio mustmust atat

bestbest bebe aa lotterylottery..PremiumsPremiums cancan bebe wastedwasted..

AnAn organizationorganization maymay alsoalso suffersuffer losseslosses thatthat areare

notnot insuredinsured oror findfind thatthat itsits cover,cover, sumssums insuredinsured

andand periodsperiods ofof indemnityindemnity areare inadequatelyinadequately totocovercover losseslosses..



69/99




OctoberOctober--20082008

questionquestion --11 Part III11 Part III-- 34 marks34 marks

As a risk manager for Tasty Foodstuff Ltd.As a risk manager for Tasty Foodstuff Ltd.

Prepare a report for the board outlining thePrepare a report for the board outlining the

significance of risk management tosignificance of risk management to

corporate strategy.corporate strategy.

Answer:Answer:

Text bookText book-- page 1/14page 1/14-- 1/161/16

Presentation slide 66 onwards.Presentation slide 66 onwards.


70/99



E: Significance of riskE: Significance of risk

management to strategymanagement to strategy

TheThe alternativealternative toto riskrisk managementmanagement isis ofof

coursecourse riskyrisky managementmanagement..

InvestorsInvestors oror otherother stakeholdersstakeholders willwill bebe

unableunable toto evaluateevaluate thethe riskrisk andand willwill bebe

reluctantreluctant toto investinvest;; oror requirerequire aa

significantsignificant premiumpremium toto mitigatemitigate thatthat

unknownunknown oror thatthat discomfortdiscomfort..


71/99




Question 9 Part IIQuestion 9 Part II

Question 9 (a) prepare a risk mapQuestion 9 (a) prepare a risk map

showing how risk can be presentedshowing how risk can be presented

graphicallygraphically

Answer: Text book 1/14Answer: Text book 1/14


72/99



Cont.Cont.

FigureFigure 11..22 isis aa riskrisk mapmap thatthat cancan describedescribehowhow riskrisk cancan bebe presentedpresented graphicallygraphically..

ItIt needsneeds toto bebe understoodunderstood thatthat thethe riskrisk

managermanager cancan havehave anan importantimportant inputinput intointoallall oror anyany oneone ofof thesethese risksrisks andand thethebusinessbusiness strategiesstrategies thatthat putput anan organizationorganizationtogethertogether..

ThereThere areare oftenoften nono clearclear bordersborders betweenbetweenthesethese risksrisks..


73/99



ContCont

ItIt isis importantimportant toto understandunderstand thethe relationshiprelationship

betweenbetween thesethese exposuresexposures andand thethe strategiesstrategies ofof anan

organizationorganization toto reinforcereinforce thethe essenceessence ofof thethe

measurementmeasurement ofof riskrisk;; thethe need,need, aboveabove all,all, toto

measuremeasure thethe potentialpotential impactimpact ofof aa riskrisk incidentincident

occurringoccurring..

SomeSome companiescompanies havehave establishedestablished andand

exercisedexercised contingencycontingency plansplans designeddesigned toto handlehandlethethe incidentincident asas andand whenwhen itit occursoccurs..


74/99



Cont..Cont..

TheyThey cancan bebe confidentconfident theythey cancan managemanage aacrisiscrisis asas itit happenshappens andand withoutwithout seriousseriousdamagedamage..

DifferentDifferent typestypes andand sizessizes ofof organizationorganizationallall havehave quitequite differentdifferent approachesapproaches toto thetheexposureexposure toto riskrisk..

ThereThere isis oneone commoncommon denominatordenominatorbetweenbetween allall organization,organization, itit isis thetheimportanceimportance ofof humanhuman lifelife andand safetysafety..


75/99



Cont..Cont..

ViewsViews onon riskrisk levelslevels cancan bebe aa contributorcontributortoto decisiondecision aboutabout newnew partners,partners,outsourcing,outsourcing, newnew marketplacesmarketplaces and,and,

administratively,administratively, expenditureexpenditure ononinsuranceinsurance..

TheThe knowledgeknowledge willwill directlydirectly influenceinfluencedecisiondecision onon otherother riskrisk transfertransfer

mechanismsmechanisms andand thethe sophisticationsophistication ofofcontingencycontingency planningplanning..


76/99



ContCont

TakingTaking carefullycarefully consideredconsidered riskrisk isis aa

routineroutine-- indeedindeed essentialessential ingredientingredient-- ofof

businessbusiness andand otherother organizationorganization strategystrategy..

EffectiveEffective riskrisk understandingunderstanding andand riskrisk

managementmanagement proceduresprocedures cancan eveneven causecause

anan organizationorganization toto taketake newnew riskrisk

profitabilityprofitability..


77/99



F: Corporate governanceF: Corporate governance

ThereThere areare twotwo dimensionsdimensions toto corporatecorporate

governancegovernance..

OneOne entailsentails thethe internalinternal systemssystems ofof

controlcontrol thatthat supportsupport thethe boardboard inin runningrunning

thethe organizationorganization..

TheThe secondsecond isis thethe governancegovernance

requirementrequirement ofof externalexternal regulatorsregulators andandotherwiseotherwise thethe lawlaw inin generalgeneral..


78/99



Corporate GovernanceCorporate Governance

We will now look at the following areas:We will now look at the following areas:

Internal governanceInternal governance

External governanceExternal governance

Cadbury ReportCadbury ReportGreenbury ReportGreenbury Report

Hampel reportHampel report

Turnbull reportTurnbull report

Combined code 2003Combined code 2003 Other Governance ControlsOther Governance Controls


79/99



F1: Internal governanceF1: Internal governance

TheThe riskrisk managermanager havinghaving establishedestablished aa riskrisk

profileprofile needneed ss toto bebe rere assuredassured thatthat thethe divisiondivision

conductconduct theirtheir businessbusiness inin accordanceaccordance withwith thosethose

riskrisk profilesprofiles andand whenwhen therethere isis aa proposalproposal thatthatthethe riskrisk profileprofile needsneeds toto varyvary inin aa particularparticular

wayway..

ThisThis adherenceadherence toto establishestablish corporatecorporate standardsstandards

isis aa widewide subjectsubject andand goesgoes beyondbeyond thethe riskriskdepartmentdepartment alonealone ofof coursecourse..


80/99



ContCont

TheThe riskrisk managermanager cancan havehave aa significantsignificant

contributioncontribution inin establishingestablishing thatthat controlcontrol processprocess

andand inin turnturn gaingain fromfrom existingexisting overalloverall controlcontrol

processesprocesses whenwhen inin placeplace..RiskRisk governancegovernance willwill fundamentallyfundamentally rideride onon thethe

riskrisk policypolicy statement,statement, andand leadlead downdown throughthrough

allall ofof thethe processesprocesses andand standardsstandards thatthat havehave

beenbeen introducedintroduced toto deliverdeliver thethe riskrisk environmentenvironmentdescribeddescribed..


81/99



ContCont

TheThe riskrisk managermanager willwill makemake fullfull useuse ofof thethecorporatecorporate auditaudit processesprocesses thatthat areare alreadyalready ininplaceplace andand willwill coco--operateoperate withwith CorporateCorporateGovernanceGovernance Managers,Managers, AuditAudit Managers,Managers, thetheAuditAudit CommitteeCommittee andand othersothers toto agreeagree thethe riskriskstandardsstandards thatthat willwill lielie withinwithin theirtheir ownownagendasagendas..

TheThe RiskRisk ManagerManager willwill needneed toto bebe assuredassured thatthat

riskrisk isis onon thethe agendaagenda whilstwhilst decisionsdecisions areare beingbeingmademade plusplus corporatecorporate widewide standardsstandards areare beingbeingmaintainedmaintained..


82/99



Cont.. Shopping ListCont.. Shopping List

TheThe riskrisk managermanager maymay havehave aa shoppingshopping listlist ofofhigherhigher levellevel assuranceassurance andand couldcould includeinclude thethefollowingfollowing::

AppointmentAppointment ofof aa businessbusiness continuitycontinuity managermanagerandand supportingsupporting structurestructure..

IdentificationIdentification andand prioritizationprioritization ofof businessbusinessfunctionsfunctions andand recoveryrecovery speedspeed objectivesobjectives..

IdentificationIdentification ofof allall internalinternal andand externalexternalresourcesresources neededneeded toto supportsupport businessbusiness functionsfunctionsandand applicationsapplications..


83/99



ContCont

OffsiteOffsite storagestorage proceduresprocedures toto protectprotect criticalcritical

materials,materials, datadata andand otherother informationinformation..

EstablishmentEstablishment ofof notificationnotification proceduresprocedures atat thethe

timetime ofof businessbusiness interruptioninterruption andand thethedesignationdesignation ofof anan individualindividual andand deputiesdeputies toto

authorizeauthorize thethe executionexecution ofof aa contingencycontingency planplan..

AA clearclear andand resourcedresourced strategystrategy toto communicate,communicate,

internallyinternally andand externally,externally, withwith allall affectedaffectedpartiesparties..


84/99



ContCont

DesignDesign andand implementationimplementation ofof continuitycontinuity plansplans

thatthat ensureensure thethe continuationcontinuation ofof criticalcritical businessbusiness

functionfunction withwith agreedagreed scenariosscenarios andand coco--

ordinationordination betweenbetween interdependentinterdependentdepartments,departments, supplierssuppliers andand distributorsdistributors;; andand

CompletionCompletion ofof anan annualannual programmeprogramme ofof reviews,reviews,

updatesupdates andand businessbusiness continuitycontinuity exerciseexercise..


85/99



F2: External governanceF2: External governance

ThereThere areare aa hosthost ofof individualindividual ActsActs andand otherotherregulationsregulations inin thethe UKUK thatthat setset standardsstandards ofofbehaviourbehaviour inin aa wholewhole rangerange ofof organizationalorganizationalandand employmentemployment situationssituations..

CompanyCompany directorsdirectors dutiesduties areare outlinedoutlined inin thethe :: HealthHealth andand safetysafety atat workwork EtcEtc.. ActAct 19741974....

TheThe CompaniesCompanies ActAct 19851985,,

CompanyCompany DirectorsDirectors DisqualificationDisqualification ActAct 19861986..,,

InsolvencyInsolvency ActAct 19861986

FinancialFinancial ServiceService MarketMarket ActAct 20002000 (FSMA)(FSMA)

BankingBanking ActAct 19871987


86/99



ContCont

ManyMany ofof thethe regulationregulation dealdeal withwith mattersmatters ofofownershipownership structure,structure, relationshipsrelationships withwith financialfinancialmarkets,markets, transparency,transparency, standardsstandards ofof disclosingdisclosing

information,information, broadbroad structurestructure andand thethe behaviourbehaviour ofofthethe boardboard..

OperationalOperational andand otherother risksrisks oftenoften findfind themselvesthemselves

atat thethe corecore ofof thesethese areasareas ofof interestinterest..


87/99



Cont.Cont.

Specifically,Specifically, theythey cancan relaterelate toto oneone oror moremore

ofof employeesemployees regulations,regulations, financialfinancial andand

taxationtaxation regulations,regulations, insolvency,insolvency, intellectualintellectual

property,property, buyingbuying andand sellingselling business,business,environmentenvironment protection,protection, startstart upup regulationsregulations

andand tradingtrading..

ContCont Financial Services AuthorityFinancial Services Authority


88/99



Cont..Cont..-- Financial Services AuthorityFinancial Services Authority

(FSA)(FSA)

ItIt isis anan independent,independent, nonnon--

governmentalgovernmental bodybody whichwhich exerciseexercise

statutorystatutory powerspowers inin thethe UKUK underunderthethe FSMAFSMA..

ItIt isis anan importantimportant regulatorregulator ofof

financialfinancial servicesservices businessesbusinesses withinwithinthethe UKUK..


89/99



ContCont

UnderUnder thethe requirementsrequirements ofof thethe FSMAFSMA therethere

areare fourfour objectivesobjectives::

MaintainingMaintaining marketmarket confidenceconfidence

PromotingPromoting publicpublic understandingunderstanding ofof thethe financialfinancialsystemsystem

ProtectionProtection ofof consumersconsumers;; andand

FightingFighting financialfinancial crimecrime..


90/99



ContCont

FSAFSA aimsaims isis toto maintainmaintain efficientefficient orderlyorderly andandcleanclean financialfinancial marketsmarkets andand toto helphelp consumersconsumersachieveachieve aa fairfair dealdeal..

FSAFSA hashas widewide powerspowers relatingrelating toto informationinformationgathering,gathering, investigations,investigations, interventionintervention andandenforcementenforcement..

TheThe KeyKey documentdocument isis thethe FSAFSA HandbookHandbook ofof RulesRulesandand GuidanceGuidance..

FSAFSA hashas controlcontrol ofof enforcementenforcement ofof thethe MoneyMoneyLaunderingLaundering RegulationsRegulations 20032003..


91/99



F3: Cadbury Report.F3: Cadbury Report.

SetSet upup inin 19911991 toto adviseadvise onon thethe FinancialFinancial

aspectaspect ofof corporatecorporate governancegovernance..

OneOne ofof thethe recommendationrecommendation waswas thatthat thethe boardboard

shouldshould makemake aa collectivecollective decisiondecision onon riskriskmanagementmanagement policiespolicies andand shouldshould reportreport onon thethe

effectivenesseffectiveness ofof thethe companyscompanys systemssystems ofof

internalinternal controlcontrol..

DirectorsDirectors responsibilitiesresponsibilities shouldshould alsoalso includeincludeprotectingprotecting thethe assetsassets ofof thethe companycompany


92/99



Cont.Cont.

TheThe committeecommittee alsoalso recommendedrecommended bebemonitoredmonitored inin followingfollowing thesetheserecommendationsrecommendations..

ThisThis waswas endorsedendorsed byby thethe StockStock ExchangeExchangeinin 19951995 inin aa reportreport thatthat becamebecame knownknown asasCadburyCadbury markmark 22,, oror sonson ofof cadburycadbury..

TheThe reportreport foundfound thatthat therethere hadhad beenbeen ananincreaseincrease inin disclosuresdisclosures butbut moremore neededneededtoto bebe donedone..


93/99



F3A: Greenbury ReportF3A: Greenbury Report

CadburyCadbury lookedlooked atat goodgood stewardshipstewardship generally,generally,

therethere waswas aa separateseparate committeecommittee establishedestablished toto

makemake recommendationsrecommendations onon directorsdirectors paypay andand

serviceservice contractscontracts..TheThe committee,committee, headedheaded byby SirSir RichardRichard

Greenbury,Greenbury, reportedreported inin 19951995 andand deathdeath withwith thethe

needneed forfor opennessopenness inin establishingestablishing remunerationremuneration

andand contractcontract termsterms forfor directorsdirectors



94/99




April 2008April 2008

Question 12:Question 12:--34 marks34 marks

As the company Secretary of XYZAs the company Secretary of XYZ

Insurance Berhad, prepare a report for theInsurance Berhad, prepare a report for the

Board of Directors explaining theBoard of Directors explaining the

requirements of Hampel Report and therequirements of Hampel Report and the

Turnbull Report.Turnbull Report.

Answer: Text book 1/17Answer: Text book 1/17


95/99



F4: Hampel ReportF4: Hampel Report

TheThe HampelHampel CommitteeCommittee waswas setset upup inin

19951995,, succeedingsucceeding CadburyCadbury..

ItsIts objectiveobjective toto:: seekseek toto promotepromote highhigh

standardstandard ofof corporatecorporate GovernanceGovernance inin thethe

interestsinterests ofof investorsinvestors protectionprotection andand inin

orderorder toto preservepreserve andand enhanceenhance thethe

standingstanding ofof companiescompanies listedlisted onon thethe stockstockexchangeexchange..


96/99



Cont..Hampel statesCont..Hampel states

TheThe directorsdirectors should,should, atat leastleast annually,annually,conductconduct aa reviewreview ofof thethe effectivenesseffectiveness ofofthethe GroupsGroups systemsystem ofof internalinternal controlcontrol

andand shouldshould reportreport toto shareholdersshareholders thatthattheythey havehave donedone soso..

TheThe reviewreview shouldshould covercover allall controls,controls,includingincluding financial,financial, operationaloperational andand

compliancecompliance controlscontrols andand RiskRiskManagementManagement..


97/99


Ramasamy MeiyappanRamasamy Meiyappan9797

F5: Turnbull reportF5: Turnbull report

TheThe InstituteInstitute ofof CharteredChartered AccountantsAccountants inin EnglandEnglandandand WalesWales establishedestablished thethe TurnbullTurnbull workingworking partypartytoto provideprovide guidanceguidance toto listedlisted companiescompanies ininimplementingimplementing thesethese newnew requirementsrequirements..

TurnbullTurnbull saidsaid:: wewe havehave attemptedattempted toto produceproducerobustrobust andand practicalpractical guidanceguidance thatthat willwill helphelpcompaniescompanies toto ensureensure thatthat theythey havehave effectiveeffective riskriskmanagementmanagement andand controlcontrol systemssystems andand

WeWe werewere insistentinsistent asas aa committeecommittee thatthat thethe BoardBoardresponsibilityresponsibility waswas notnot somethingsomething thatthat couldcould bebedelegateddelegated elsewhereelsewhere inin thethe CompanyCompany..


98/99



F7: Other governance controlsF7: Other governance controls

RulesRules ofof governancegovernance (USA)(USA)

SinceSince EnronsEnrons bankruptcybankruptcy inin 20012001 severalseveral newnewrulesrules ofof governancegovernance havehave beenbeen introducedintroduced..

SarbanesSarbanes-- OxleyOxley--OxleyOxley ActAct inin JulyJuly 20022002 amendingamendingthethe 19341934 securitiessecurities andand ExchangeExchange ActAct..

InternationalInternational AccountingAccounting standardsstandards (IAS)(IAS) nownowknownknown asas InternationalInternational FinancialFinancial ReportingReportingStandardsStandards (IFRS)(IFRS)

BaselBasel IIII--CompaniesCompanies ActAct 20042004 (UK)(UK)..UKUK GovernmentGovernment departmentdepartment..

OtherOther publicpublic serviceservice bodiesbodies:: referrefer toto tabletable 11..22


99/99


G1: The Risk ManagerG1: The Risk Manager

TheThe riskrisk managermanager needsneeds foundationfoundation stonesstones withinwithin thetheorganizationorganization ifif risksrisks areare toto bebe effectivelyeffectively recognizedrecognizedmeasuredmeasured andand managedmanaged..

TheseThese foundationfoundation areare::

thethe earear ofof thethe boardboard oror highesthighest levellevel ofof managementmanagementwithinwithin thethe organizationorganization

AnAn abilityability toto communicatecommunicate thethe riskrisk messagesmessages rightright acrossacrossthethe organizationorganization toto peoplepeople whowho havehave thethe resourcesresources andandinformationinformation neededneeded andand thethe powerpower toto influenceinfluence decisiondecisionmakingmaking;; andand

AA statusstatus withinwithin thethe organizationorganization thatthat notnot onlyonly reflectsreflects thetheimportanceimportance ofof thethe role,role, butbut ensuresensures thatthat othersothers seesee thatthatimportanceimportance..

Documents

Chapter- 1 Contex of Risk Management-2011