![Risk management](https://123docz.net/image/doc_normal.png)
Đang tải... (xem toàn văn)
Thông tin tài liệu
Kiến thức về quản lý rủi ro, công cụ và phương pháp quản lý rủi ro, phù hợp ngành nghề quản lý, quản trị sự biến động. đo lường các biến đổi, kiểm soát sự thay đổi. phương pháp quản lý agile
Trang 1RISK
MANAGEMENT
BASIC PRINCIPLES, FRAMEWORK, STRATEGY AND TOOL
Trang 2q INTRODUCTION
q RISK MANAGEMENT PRINCIPLES
q RISK MANAGEMNT FRAMEWORK
q RISK MANAGEMENT TOOLS
q POLICY AND GUIDELINES
q RISK MANAGEMENT ARCHITECTURE
q RISK MANAGEMENT STRATEGY
q RISK MANAGEMENT PROTOCOLS
q RISK REGISTER
q CONCLUSION
Trang 3INTRODUCTION
Imagine a discipline without its own common set of assumptions, concepts, principles, standards and practices that are unique among its practitioners
Does this sound familiar? Of course it’s child rearing You got it!
Children reared in different parts of the world are taught different things - assumptions, concepts, principles, standards, practices, culture, beliefs, identity, race relation, gender, social conditioning – all very different
Trang 4INTRODUCTION
Every discipline has its own common set of assumptions, concepts, principles, standards and practices that are unique among its practitioners
Risk management is without exception It has its own common set of assumptions, concepts, principles, standards, practices and tools that together form the risk management discipline
It is imperative for organizations and risk management practitioners to understand and use these fundamental
Trang 5INTRODUCTION
The practice of risk management will be incomplete without these tenets which provide the foundation upon which risk management is designed and implemented There may be differences in the language used and applications of these canons due to organizational differences
However, the objective remains the same: to manage risks that threaten objectives
Trang 6INTRODUCTION
A risk management system is a series of coordinated organizational arrangements, structures, relationships, processes and procedures that are designed and embedded into the organization’s strategic and operational policies and practices
The principles of risk management provide a sound basis (intention and purpose) for establishing and implementing an effective risk management system
Trang 7PRINCIPLES OF RISK MANAGEMENT The principles are as follows:
management should contribute to the demonstrable achievement of objectives and improvement of performance in, for example, tax compliance, human health and safety, security, legal and regulatory compliance, public acceptance, environmental protection, product quality, project management; efficiency in operations, corporate governance and reputation
Trang 8PRINCIPLES OF RISK MANAGEMENT The principles are as follows:
organizational processes – risk management should not be a stand-alone activity that is separate from the main activities and processes of the organization Risk management is part of the responsibilities of management and an integral part of all organizational processes, including strategic planning, project management and change management processes
Trang 9PRINCIPLES OF RISK MANAGEMENT The principles are as follows:
management should help decision makers make informed choices, prioritize actions and distinguish among alternative courses of actions
risk management should explicitly take account of uncertainty, the nature of that uncertainty and how it can be addressed
Trang 10PRINCIPLES OF RISK MANAGEMENT The principles are as follows:
– risk management should be a systematic, structured and timely approach to dealing with internal and external threats and vulnerabilities to the organization’s objectives and should contribute to efficiency, and to consistent, comparable and reliable results
Trang 11PRINCIPLES OF RISK MANAGEMENT The principles are as follows:
information – the inputs to the risk management process are based on information sources such as historical data, experience, stakeholders’ feedback, observations, forecasts and expert judgement However, decision makers should inform themselves of and take into account any limitations of the data or modelling used or the possibility of divergence among experts
Trang 12PRINCIPLES OF RISK MANAGEMENT The principles are as follows:
appropriate, full and timely involvement of all stakeholders and in particular, decision makers at all levels within and outside of the organization is required to ensure that risk management remains relevant and up-to-date Involvement also allows stakeholders to be properly represented, informed and to have their views taken into account in determining risk criteria and risk treatments
Trang 13PRINCIPLES OF RISK MANAGEMENT The principles are as follows:
should be aligned with the organization’s internal and external contexts and risk profile
responsive to change – risk management should continually sense and respond to change As external and internal events occur, context and knowledge change, monitoring and review of risk take place, new risks emerge, some change and others disappear
Trang 14PRINCIPLES OF RISK MANAGEMENT The principles are as follows:
of the organization – organizations should develop and implement strategies to improve their risk management maturity alongside all other aspects of their organizations
Trang 15RISK MANAGEMENT FRAMEWORK
The risk management principles and framework are closely related
While the principles provide the bases for establishing and implementing effective risk management system, the framework provides the system and structure that are integrated into the organization’s policies, processes and procedures
The framework consists of risk architecture, strategy and protocols
Trang 16RISK MANAGEMENT FRAMEWORK
The architecture is the schematic structure that establishes roles and responsibilities:
Trang 17RISK MANAGEMENT FRAMEWORK
The strategy provides a broad course of actions to achieve the risk management objectives:
Trang 18RISK MANAGEMENT FRAMEWORK
The protocols provide the ground rules and procedures to be carried out :
Trang 19RISK MANAGEMENT FRAMEWORK
Risk management framework has four inter-related stages:
Plan:
initiatives and gain board support;
develop common language of risk; and
Trang 20RISK MANAGEMENT FRAMEWORK Implement:
risk classification system;
risk assessment; and
evaluate the existing controls
Trang 21RISK MANAGEMENT FRAMEWORK Measure:
introduce improvements; and
management with other activities in the organization Learn:
measure risk management contribution; and
monitor improvement
Trang 22RISK MANAGEMENT TOOLS
The most fundamental tool to risk management is the human capacity with the competences, expertise and risk-awareness culture
Every risk management tool is useful in so far there is accompanying knowledge, skills, awareness and competences to adopt and use those tools
Trang 23RISK MANAGEMENT TOOLS
A large proportion of risk is identified, analyzed and treated through human interactions
Organizations therefore need personnel with the right knowledge, skills and attitude to effectively manage risk
The lack of such knowledge, skills and attitude poses potential risk to the organization
Trang 24RISK MANAGEMENT TOOLS
Risk management is based on information science (data, information and intelligence) and the creation and use of information is an essential tool for risk management
Another fundamental tool for risk management is a database – a data warehouse and data extraction and analysis tools and techniques to analyze, translate and use such database
Trang 25RISK MANAGEMENT TOOLS
There are many bespoke and off-the-shelf data extraction and analysis software available for use in risk management
Organizations need to build data warehouse that seamlessly interfaces all data across the organization to enable data mining, matching and logical manipulations
Trang 26RISK MANAGEMENT POLICY AND GUIDELINES
An organization needs to develop a common risk management language that is consistent across the entire entity
The role of risk management policy is to lay the foundation for such common language
A risk management policy is a statement of overall intentions, direction and scope of an organization’s risk management initiatives
Trang 27RISK MANAGEMENT POLICY AND GUIDELINES
A risk management guideline specifies the step-by-step procedure for the interpretation and implementation of policy
Guidelines define the implementation modalities of policy and a logical classification and proposition that are actionable within the context of the organization
Trang 28RISK MANAGEMENT ARCHITECTURE
Risk management architecture consists of the following elements:
structured risk governing bodies at the board and executive management levels to provide oversight, direction and supervision over risk management
roles and responsibilities for all responsible parties in the risk management process
Trang 29RISK MANAGEMENT ARCHITECTURE
board should establish clear reporting requirement and responsibility for individuals to provide accountability of their actions and use of resources
controls in place for dissimilating information to outside parties subject to confidentiality and data privacy policies
Trang 30RISK MANAGEMENT ARCHITECTURE
and executive management should establish a system that provides independent check and assurance on the adequacy and effectiveness of the risk management process
Trang 31RISK MANAGEMENT STRATEGY
Risk management strategy consists of the following elements:
executive management should form a system of shared beliefs and attitudes that characterize how risks and risk management are viewed in the organization
management should be embedded into organizational processes, procedures, activities and responsibilities
Trang 32RISK MANAGEMENT STRATEGY
executive management should set and communicate the organization’s risk appetite (the level of risk) that the organization is willing to accept and risk attitude ( behavior) toward risk
management policy and strategy should have thresholds for determining the significance and severity of risks
Trang 33RISK MANAGEMENT STRATEGY
management framework should have rules for specific risk categories
framework should have established methodologies for risk identification, analysis and evaluation
executive management should set and communicate risk management priorities for each year
Trang 34RISK MANAGEMENT PROTOCOLS
Risk management protocols consist of the following elements:
appropriate risk management tools, for example, computer software applications, data mining tools and common techniques
establish common risk classification system based on the nature and severity of risks
establish common risk assessment procedures such
Trang 35RISK MANAGEMENT PROTOCOLS
polices should establish control rules and procedures for carrying out risk treatments
should be clear to-do-list of activities to perform in case of emergencies, etc
establish the nature and form of documents and records to be maintained, electronic or manual
Trang 36RISK MANAGEMENT PROTOCOLS
entity should have periodic risk management training Important risk management tips and massages should be communicated to all staff within the organization on a regular basis
management system should have clear documented audit trail and procedures for audit and assurance should be established
Trang 37RISK MANAGEMENT PROTOCOLS
should have documented reporting and disclosure policies Risk management certification at the entity and individual levels is important
Trang 39RISK REGISTER – Sample Compliance Risk Register
102 April 5,
2017 Incomplete tax returns from many start-ups High High Severe Taxpayer Services Conduct tax clinics 146 Aug 27,
2018 Tax returns are not thoroughly analyzed by analysts
Conduct data analytics training for analysts 76 July 20,
2018 Multiple TINs for taxpayers on the tax register
project
Trang 40CONCLUSION
q R e v e n u e a u t h o r i t i e s m u s t e s t a b l i s h r i s k management system which provides reasonable assurance that objectives are being achieved
policies, processes and procedures
necessary for effective risk management
organization’s objectives and treatment strategies
Trang 41CASE STUDY
A revenue authority has set up a team to develop a risk management compendium The team needs to identify and define elements of the components of the risk management system:
Ngày đăng: 12/06/2024, 10:52
Xem thêm:
Từ khóa liên quan
Tài liệu cùng người dùng
Tài liệu liên quan