coso_erm企業(yè)風(fēng)險(xiǎn)管理框架-文庫(kù)吧資料
2025-01-10 07:38本頁(yè)面
【正文】 folio view of risk. The ERM Framework ? Management considers how individual risks interrelate. ? Management develops a portfolio view from two perspectives: Business unit level Entity level The ERM Framework The eight ponents of the framework are interrelated … The ERM Framework Internal Environment ? Establishes a philosophy regarding risk management. It recognizes that unexpected as well as expected events may occur. ? Establishes the entity’s risk culture. ? Considers all other aspects of how the anization’s actions may affect its risk culture. Objective Setting ? Is applied when management considers risks strategy in the setting of objectives. ? Forms the risk appetite of the entity — a highlevel view of how much risk management and the board are willing to accept. ? Risk tolerance, the acceptable level of variation around objectives, is aligned with risk appetite. Event Identification ? Differentiates risks and opportunities. ? Events that may have a negative impact represent risks. ? Events that may have a positive impact represent natural offsets (opportunities), which management channels back to strategy setting. Event Identification ? Involves identifying those incidents, occurring internally or externally, that could affect strategy and achievement of objectives. ? Addresses how internal and external factors bine and interact to influence the risk profile. Risk Assessment ? Allows an entity to understand the extent to which potential events might impact objectives. ? Assesses risks from two perspectives: Likelihood Impact ? Is used to assess risks and is normally also used to measure the related objectives. Risk Assessment ? Employs a bination of both qualitative and quantitative risk assessment methodologies. ? Relates time horizons to objective horizons. ? Assesses risk on both an inherent and a residual basis. Risk Response ? Identifies and evaluates possible responses to risk. ? Evaluates options in relation to entity’s risk appetite, cost vs. benefit of potential risk responses, and degree to which a response will reduce impact and/or likelihood. ? Selects and executes response based on evaluation of the portfolio of risks and responses. Control Activities ? Policies and procedures that help ensure that the risk responses, as well as other entity directives, are carried
教學(xué)課件相關(guān)推薦
鄂ICP備17016276號(hào)-1