SlideShare a Scribd company logo

The importance of risk analysis and management, and corporate governance

A
Atul
Business
1 of 24
Download to read offline
Commercial Accountability Challenges in a Global Environment The Nature and Relevance of Risk The Importance of Risk Analysis and Management, and Corporate Governance Atul Kuver February 2011 1 © Atul Kuver 2011
Executive Summary Qantas operates in an industry that focuses on high availability, safety, has low margins, intense competition and is vulnerable to external and internal business shocks. Reputation and branding, and safety can be considered to be part of Qantas’ strategic and operational objectives. Failure in either area can have serious consequences for Qantas. This report examines the nature and relevance of risk, the importance of risk analysis and management and corporate governance within the context of accountability frameworks. Risk management, the implementation of risk analysis and risk management systems with reference to the COSO ERM Framework are discussed. Qantas’ risk management systems are compared with the COSO ERM Framework to assess how Qantas manages reputation and branding, and safety risks. The comparison indicates that the Qantas risk management structure closely follows the COSO ERM Framework that support its strategic, operational, reporting and compliance objectives. The Qantas approach to Corporate Governance as documented in their Corporate Governance Statement (Qantas 2010) is compared and contrasted with the approach recommended in the ASX Corporate Governance Principles and Recommendations (ASX 2007) and the Kiel and Nicholson model (Kiel & Nicholson 2002). The review shows the Qantas approach is aligned with the ASX Corporate Governance Principles and Recommendations (ASX 2007). The Qantas approach also satisfies the structure and process of the Kiel and Nicholson model. Alignment of the ASX (2007) principles as approached by Qantas with the Kiel and Nicholson model shows that the Qantas Board accepts responsibility for the key functions regarding Corporate Governance. 2 © Atul Kuver 2011
Table of Contents Executive Summary ................................................................................................... 2 1 Introduction ...................................................................................................... 4 2 Nature and relevance of risk to corporate accountability................................... 4 3 Risk Management .............................................................................................. 5 3.1 ‘Risk-Silo’ Mentality versus the Holistic Approach to Risk ............................ 5 3.2 Drivers of Risk Management ....................................................................... 6 3.3 Deficiencies in Risk Management ................................................................ 7 4 Implementation of Risk Analysis and Risk Management Systems ....................... 8 4.1 COSO Enterprise Risk Management Framework .......................................... 8 4.2 Managing Reputation and Branding Risk, and Safety Risk at Qantas .......... 12 4.2.1 Internal Environment ......................................................................... 13 4.2.2 Objective Setting ................................................................................ 13 4.2.3 Event Identification ............................................................................ 13 4.2.4 Risk Assessment ................................................................................. 13 4.2.5 Risk Response .................................................................................... 14 4.2.6 Control Activities ................................................................................ 14 4.2.7 Information and Communication ....................................................... 14 4.2.8 Monitoring ......................................................................................... 14 5 Corporate Governance .................................................................................... 14 5.1 Kiel and Nicholson Model .......................................................................... 14 5.2 ASX Principles of Good Corporate Governance .......................................... 16 5.3 Qantas Corporate Governance Statement ................................................. 16 5.3.1 Alignment with ASX Principles 2007 ................................................... 16 5.3.2 Alignment with the Kiel and Nicholson Model .................................... 17 5.4 Corporate Governance within the Context of Accountability Frameworks . 20 6 Conclusion ....................................................................................................... 21 References .............................................................................................................. 23 3 © Atul Kuver 2011
1 Introduction This report examines the nature and relevance of risk, the importance of risk analysis and management and corporate governance within the context of accountability frameworks. The report outline is as follows. Section 2 explores the nature and relevance of risk to corporate accountability. Section 3 examines the practice of risk management. The ‘risk-silo’ mentality versus a holistic approach to risk management is discussed, followed by the drivers of risk management and deficiencies in risk management. The implementation of risk analysis and risk management systems is discussed in Section 4. The Committee of Sponsoring Organizations of the Treadway Commission’s (COSO) Enterprise Risk Management-Integrated Framework (COSO ERM Framework) is described first. Then Qantas’ risk management systems are compared with the COSO ERM Framework to assess how Qantas manages reputation and branding, and safety risks. Section 5 discusses the alignment of the Qantas approach to Corporate Governance as documented in their Corporate Governance Statement (Qantas 2010) with the approach recommended in the ASX Corporate Governance Principles and Recommendations (ASX 2007) and with the Kiel and Nicholson model (Kiel & Nicholson 2002). The report concludes with Section 6. 2 Nature and relevance of risk to corporate accountability Organisations are facing increasing pressure from regulators, investors and other stakeholders to increase transparency and disclosure. Principle 7 of the ASX Corporate Governance Principles and Recommendations (ASX 2007, p. 32) states that ‘companies should establish a sound system of risk oversight and management and internal control’. ASX (2007, p. 32) emphasises that the responsibility for reviewing the company’s policies on risk oversight and management lies with the board. The board must satisfy itself that management has developed and 4 © Atul Kuver 2011
implemented a reliable system of risk management and internal controls. While traditional risks such as credit, market and foreign exchange risk remain the primary considerations, businesses are acknowledging the need to determine and assess risk in areas such as human capital, reputation and climate change (Economics Intelligence Unit 2007, p. 2). ASX (2007, p. 32) considers material business risks to include but not limited to: ‘operational, environmental, sustainability, compliance, strategic, ethical conduct, reputation or brand, technological, product or service quality, human capital, financial reporting and market related risks. 3 Risk Management Organisational objectives cover a range of areas including corporate strategy, operations, processes and projects. Organisations can encounter a variety of risks that can have an impact on these objectives. Risk management is how risks are managed. The ASX Corporate Governance Council’s Corporate Governance Principles and Recommendations (ASX 2007, p. 32) defines risk management as ‘the culture, processes and structures that are directed towards taking advantage of potential opportunities while managing potential side effects’. 3.1 ‘Risk-Silo’ Mentality versus the Holistic Approach to Risk Risk management in the past has mostly been driven from the bottom up and been fragmented across different divisions within an organisation (Bowling & Rieger 2005). This method sets up a series of ‘risk-silos’ managed by different groups within the organisation. The different silos may have different risk tolerances, which can lead to one group with low to no risk, while another group may take on significant risks (Bowling & Rieger 2005, p. 32). In contrast, Enterprise Risk Management (ERM) is a framework that takes all risk areas into account. Risks are no longer considered in isolation. ERM looks at the activities of the business as a whole and analyses how different areas of risk affect each other (Bowling & Rieger 2005). 5 © Atul Kuver 2011
3.2 Drivers of Risk Management There are many drivers that increase the rationale for risk management. Economics Intelligence Unit (2007, p. 6) identifies risk management drivers that are both internal and external to organisations. Internal drivers include:  greater commitment from the board;  greater complexity experienced by organisations in the value chain due to advanced business practices, globalised markets and rapid technological change. The increase in the level of competition and rapid pace of change is destroying predictability for businesses (Stevenson, cited in Rao 2009, p. 87);  specific risk events such as product recalls or fraud. External drivers of risk management are those that arise from outside the organisation. These include:  increased focus on regulation of business practices and investor demands for greater disclosure and accountability. The consequence of recognition of corporate accountability to stakeholders is that an organisation’s governance system needs to consider the importance of satisfying the concerns of stakeholders (Brooks & Dunn 2010, p. 462). According to Brooks and Dunn (2010, p. 462-463), a focus on ethics risks and opportunities is necessary to ‘avoid potential loss of support for a corporations objectives, and to discover opportunities of greater support’ and a much broader risk assessment framework is required.  changes in competitive, technological, social, and political circumstances have amplified the likely impact of operations-related failure (Lewis, cited in Rao, p. 87). The regulatory environment in Australia includes (Bissett 2010, p. 81):  the AS/NZS ISO 31000: 2009 Standard which provides a practical framework for risk management; 6 © Atul Kuver 2011
 ASX Corporate Governance Council’s Corporate Governance Principles and Recommendations;  Australian Prudential Regulation Authority (APRA) and Basel II Accord for the financial services industry;  Civil Aviation Safety Authority (CASA), International Civil Aviation Organisation (ICAO) and the Australian Transport Safety Bureau (ATSB) for the aviation industry. 3.3 Deficiencies in Risk Management According to Bisset (2010, p.80), the Global Financial Crisis (GFC) has highlighted shortcomings in the risk management process of many organisations. The causes and consequences of the deficiencies is summarised in Table 1. Table 1 Causes and consequences of risk management deficiencies. (Bisset 2010, p.80) Deficiency Cause of Deficiency Consequence Organisation’s failure to Inconsistent Risk culture define a risk culture or communication about risk appetite within the organisation Level of risk not Uncertainty about the considered return on investment as Risk/return trade-off higher returns are usually associated with higher risk Incentive schemes do not Reward structure not sufficiently represent the consistent with key Incentive schemes organisation’s risk performance indicators appetite Over-complicated risk Risk management Complexity and lack of structures and procedures procedures avoided or not integration used. Effect of risk on the Limited holistic indicators drivers of value and of risk Risk measures associated indicators of risk not well understood within the organisation Lack of a robust data Over-reliance on financial Risk information analysis capability. models and data where the underlying 7 © Atul Kuver 2011
Deficiency Cause of Deficiency Consequence fundamentals may not be understood and assumptions are not verified or challenged. No scenario planning. No stress testing of worst Worst case scenarios possible case scenarios. Risk function not Risk function seen merely Empowerment of the risk empowered. as a compliance function function or a roadblock function 4 Implementation of Risk Analysis and Risk Management Systems 4.1 COSO Enterprise Risk Management Framework The Committee of Sponsoring Organizations of the Treadway Commission’s (COSO) Enterprise Risk Management-Integrated Framework (COSO ERM Framework) describes the fundamental elements of risk-management principles for organisations regardless of size (Bowling & Rieger 2005, p. 29). Enterprise Risk Management is defined as follows: Enterprise risk management is a process, effected by an entity’s board of directors, management and other personnel, applied in strategy setting and across the enterprise, designed to identify potential events that may affect the entity, and manage risk to be within its risk appetite, to provide reasonable assurance regarding the achievement of entity objectives. (COSO 2004) This definition is broad and complex, but probably necessarily so, because it tries to be an all inclusive definition that can be used by all organisations. Bowling and Rieger (2005, p. 30) provides a breakdown of the keywords and associated meanings. This is shown in Table 2. 8 © Atul Kuver 2011
Table 2 Understanding the keywords in COSO's ERM definition (Bowling & Rieger 2005, p. 30) Keyword Meaning A process a means to an end. Effected by people as opposed to sole reliance on policies, standard procedures, surveys or forms. Applied in a strategy setting the ‘big-picture’ view Across the enterprise view an aggregate or portfolio of risks rather than a narrow view of isolated risks. Identifying events consider in the context of the entity’s appetite for risk Reasonable assurance cannot have absolute guarantees. Achievement of organizational can take place in one or more objectives overlapping categories The COSO ERM Framework is illustrated as the cube shown in Figure 1. Figure 1 The COSO ERM Framework (COSO 2004, p.5). The top of the cube corresponds to four objectives: strategic, operations, reporting and compliance. The ERM Framework consists of eight components. These represent 9 © Atul Kuver 2011
what is needed to achieve each of the four objectives. A summary of the each of the components is given in Table 3. Possible deficiencies (Bisset 2010, p. 80) in risk management practices that could affect the significance of the component for an organisation are given in Column 3 of Table 3. For example:  deficiencies in risk culture may be indicative of how risk is viewed or lack of Board commitment;  a risk function that is not empowered may result in an inadequate response to risk due to a lack of alignment between risks and the organisation’s appetite or tolerance for risk. Table 3 Significance of the eight components in COSO's ERM Framework Possible Component Significance Deficiencies (Table 1)  encompasses the tone of an  Risk Culture organisation;  sets the basis for how risk is viewed and addressed by Internal people in the organisation Environment including:  risk management philosophy;  risk appetite;  integrity and ethical values;  operational environment.  objectives are necessary  Incentive before the potential events schemes affecting their achievement  Risk/return can be identified by trade-off management; Objective Setting  ensures that a objective setting process is in place;  ensures that the chose objectives align with the organisation’s mission and risk appetite.  internal and external events  Worst case that could affect the scenario Event achievement of any of the planning Identification organisation’s objectives must  Risk be identified; information 10 © Atul Kuver 2011
Possible Component Significance Deficiencies (Table 1)  risks and opportunities must be distinguished;  channel opportunities back into strategy or objective- setting process.  analyse risks by assessing their  Risk measures likelihood and impact;  analysis determines the risk Risk Assessment management approach;  assess risks on an inherent and residual basis.  select the appropriate  Risk response to the risk: information  avoid;  Empowering  accept; the risk Risk Response  reduce; or function  share;  develop actions to align the risks with the organisation’s tolerance and appetite for risk;  establish and implement  Empowering policies and procedures to the risk Control Activities assist in ensuring that risk function responses are carried out effectively.  identify, capture and  Complexity and communicate relevant lack of Information and information in a form and information Communication timeframe that enables people to carry out their responsibilities;  monitor entire ERM and  Empowering modify as necessary; the risk  accomplish monitoring function Monitoring through ongoing management activities, separate evaluations or both. 11 © Atul Kuver 2011
4.2 Managing Reputation and Branding Risk, and Safety Risk at Qantas Qantas operates in an industry that focuses on high availability, safety, has low margins, intense competition and is vulnerable to external and internal business shocks (Bisset 2010, p. 82). The organisation faces risks in all four objectives areas recognised in the COSO ERM Framework. Being one of the world’s safest airlines has long been Qantas’ key brand value, having never lost an aircraft. However, two recent safety incidents on two separate models of aircraft have threatened Qantas’ reputation. Industrial safety regulations that apply to the aviation industry will have extremely serious consequences for Qantas if any of the safety risks are realised. According to Bisset (2010, p. 82–83), risks ‘can’t be managed from 10,000 feet in the corporate head office. Effective risk management needs to be embedded within the operations of the organisation’. On July 25th, 2008, Qantas Flight 30 (QF30) was on a flight from London Heathrow Airport to Melbourne Airport with a scheduled stop-over at Hong Kong International Airport. Shortly after leaving Hong Kong an oxygen tank exploded, rupturing the fuselage just forward of the starboard wind root. There were no injuries and the aircraft made an emergency decent to 10,000 feet. In November 2010, a Rolls Royce Trent-900 engine failed on a Qantas Airbus A380 while flying over Indonesia. This event force Qantas to ground its entire A380 fleet. These events have raised questions about operations risk management (Washington 2010). The A380 issue created a complicated situation for Qantas in trying to preserve its reputation. Dr Ulysses Chioatta from SSAMM Management Consulting has commented that Qantas, by being ‘overly cautious and grounding more planes sends out a less than confident message to customers’ (Washington 2010). 12 © Atul Kuver 2011
Reputation and branding, and safety can be considered to be part of Qantas’ strategic and operational objectives. Safety will also fall under the regulatory framework for the aviation industry. Failure in either area can have serious consequences for Qantas. Qantas states that its risk management and internal control system aligns to the principles in the AS/NZS ISO 31000: 2009 Standard and the COSO ERM Framework (Qantas 2010, p. 23). Qantas’ risk management and the COSO ERM Framework are compared below. The comparison illustrates how the strategic, operational, reporting and compliance objectives are managed. 4.2.1 Internal Environment The Qantas Corporate Governance Statement (Qantas 2010, p. 23) states that the ‘Board is responsible for reviewing and overseeing the risk management strategy’. This shows commitment from the Board a top-down approach to risk management. The Chief Risk Officer is also a member of the executive team. 4.2.2 Objective Setting The Qantas Group Risk Management Framework is supported by three interrelated elements: governance, risk management and assurance (Qantas 2010, p. 23). 4.2.3 Event Identification A common standard for identifying, assessing and managing business risks across the group — The Qantas Management System (QMS) — provides business units with guidance regarding risk management. (Qantas 2010, p. 23). 4.2.4 Risk Assessment Material risks and effectiveness of risk management plans are escalated to Executive Management or relevant Board Committees. Assessments against different QMS elements are undertaken (Qantas 2010, p. 24). 13 © Atul Kuver 2011
4.2.5 Risk Response A Safety, Health, Environment & Security Committee (SHESC) is responsible for assisting the Board in its corporate governance activities including risk management. (Qantas 2010, p. 24). 4.2.6 Control Activities The Qantas Group Risk Management Policy (Policy) sets the minimum requirements and roles and responsibilities for managing risks across the organisation. The Board reviews and approves this Policy (Qantas 2010, p. 23). 4.2.7 Information and Communication A detailed risk register is prepared and reported every quarter by each business unit (Qantas 2010, p. 24). 4.2.8 Monitoring Independent, objective assurance and consulting services on the risk management system is provided through an Internal Audit function (Qantas 2010, p. 24). 5 Corporate Governance This section compares and contrasts the Qantas approach to Corporate Governance as documented in their Corporate Governance Statement (Qantas 2010) with the approach recommended in the ‘ASX Corporate Governance Principles and Recommendations’ (ASX 2007) and the Kiel and Nicholson model (Kiel & Nicholson 2002). 5.1 Kiel and Nicholson Model According to Kiel and Nicholson (2002, p. 18), despite uncertainty, practical solutions to governance problems can be found. They highlight that the board has two primary responsibilities: 1. conformance — relates to the past and present behaviour of the business. Board monitors and supervises management and is accountable to 14 © Atul Kuver 2011
stakeholders. Achieved through reporting financial and non-financial information about the business; 2. performance — is less developed. Board needs to focus on the future as directors are held accountable for firm performance. Kiel and Nicholson’s (2002) Corporate Governance Charter model aims to develop more effective boards by providing both a structure and a process. When the model is used as a process, it provides a forum to discuss ‘unmentioned’ issues that are often not addressed and lead to poor governance. An updated version of the Framework is shown in Figure 2. Figure 2 Kiel and Nicholson's Corporate Governance Charter model (Effective Governance Board Charter website). The model’s focus is to assist the board in directing business success through a process that aligns a company’s governance system to its organisational needs (Kiel 15 © Atul Kuver 2011
& Nicholson 2002, p. 23). The authors cite two primary benefits of the model. They state that the model: 1. creates a major policy document that can assist in the corporation’s leadership to deliver good governance; 2. guides strategic conversations at board level to move members to the ‘performing’ stage of group process. (Kiel & Nicholson 2002, p. 23) 5.2 ASX Principles of Good Corporate Governance The ASX Corporate Governance Council provides the following eight principles and recommendations: 1. Lay solid foundations for management and oversight. 2. Structure the board to add value. 3. Promote ethical and responsible decision-making. 4. Safeguard integrity in financial reporting. 5. Make timely and balanced disclosure. 6. Respect the rights of shareholders. 7. Recognise and manage risk. 8. Remunerate fairly and responsibly. (ASX 2007) 5.3 Qantas Corporate Governance Statement 5.3.1 Alignment with ASX Principles 2007 This comparison is fairly simple to establish from the Corporate Governance Statement (Qantas 2010). According to Qantas’ Corporate Governance Statement (Qantas 2010, p. 20), the ‘Board endorses the ASX Corporate Governance Council’s Corporate Governance Principles and Recommendations’. Review of Qantas’ Corporate Governance Statement confirms that ASX Principles 1 to 7 is addressed. Surprisingly though, Principle 8 — Remunerate fairly and responsibly — unlike the first seven principles, is not specifically mentioned in the Statement. The 16 © Atul Kuver 2011
remuneration function is incorporated under the declaration of Principle 1. The report states that it is the Boards responsibility to ensure that ‘a clear relationship between performance and executive remuneration’ exists (Qantas 2010, p. 20). This seems to satisfy the requirements of Principle 8. 5.3.2 Alignment with the Kiel and Nicholson Model The details of the Corporate Governance Statement (Qantas 2010) have been examined to compare and contrast the content of the Corporate Governance Statement with Kiel and Nicholson’s model and the corresponding ASX principles. The results are shown in Table 4 on the following page. 17 © Atul Kuver 2011
Table 4 Qantas Corporate Governance compared and contrasted with the Kiel and Nicholson model and corresponding ASX principles. Top Level Governance ASX Kiel and Nicholson Model Statement Principle Board  The Board is structured to 2 Structure add value  The Board lays solid 1 Role of the foundations for Board management oversight Role of  The Board is structured to 2 Defining Individual add value Directors Governance Role of the  The Board is structured to 2 Roles Chairman add value Role of the  The Board is structured to 2 Company add value Secretary  The Board lays solid 1 Role of the foundations for CEO management oversight  The Board lays solid 1 foundations for Strategy management oversight 2  The Board is structured to add value  The Board lays solid 1 CEO foundations for management oversight  The Board lays solid 1 foundations for Monitoring management oversight Key Board  The Board safeguards the 4 Functions integrity of financial reporting Risk  The Board recognises and 7 Management manages risk  The Board lays solid 1 Compliance foundations for management oversight  The Board lays solid 1 Policy foundations for Framework management oversight Networking  The Board makes times 5 18 © Atul Kuver 2011
Top Level Governance ASX Kiel and Nicholson Model Statement Principle and balanced disclosure  The Board respects the 6 rights of shareholders Stakeholder  The Board makes times 5 Communicatio and balanced disclosure n  The Board respects the 6 rights of shareholders  The Board lays solid 1 foundations for Decision management oversight. Making  The Board promotes 3 ethical and responsible decision making  The Board is structured to 2 add value Director  The Board promotes 3 Protection ethical and responsible decision making Board  The Board is structured to 2 Effective Evaluation add value Governance Director  The Board is structured to 2, 8 Remuneration add value Director  The Board is structured to 2 Development add value Director  The Board is structured to 2 Selection and add value Induction Board  The Board lays solid 1 Meetings foundations for management oversight Board  The Board lays solid 1 Meeting foundations for Agenda management oversight  The Board lays solid 1 Improving Board Board Papers foundations for Processes management oversight  The Board lays solid 1 Board Minutes foundations for management oversight  The Board lays solid 1 The Board foundations for Calendar management oversight Committees  The Board lays solid 1 19 © Atul Kuver 2011
Top Level Governance ASX Kiel and Nicholson Model Statement Principle foundations for management oversight  The Board is structured to 2 add value 5.4 Corporate Governance within the Context of Accountability Frameworks The objectives of the Kiel and Nicholson model are to create a major policy document to assist the organisation’s leadership deliver good performance and to guide strategic conversations at that board level to move members to the ‘performing’ stage of the group process (Kiel & Nicholson 2002, p. 23). Figure 3 illustrates the analysis given in Table 4. The numbers next to each quadrant represent the corresponding ASX principles. The significant result here is the loading of the ASX principles as the Key Board Functions. This may not be a generic result but a consequence of where Qantas places its governance responsibilities. The content in Table 4 was generated by examining the details of each Board function and Qantas could have chosen to arrange the Board’s responsibilities slightly differently. This would have changed the distribution of the ASX principles slightly. However, while redistribution may have been possible, it is not entirely flexible. Many ASX principles fall in particular quadrants and some associations seem rigid. For example, ASX Principle 7 — Risk Management — will always fall in the Key Board Functions quadrant. 20 © Atul Kuver 2011
Figure 3 Kiel and Nicholson model and ASX principles overlap for Qantas corporate governance. Figure 3 highlights the areas of the ASX guidelines that the Board needs to focus on during each of the four phases. It is also important to keep in mind that while the Kiel and Nicholson model suggests structure and process, it is probably not intended to be normative. Compliance with the ASX guidelines already provides a satisfactory starting point. 6 Conclusion This report examined the nature and relevance of risk, the importance of risk analysis and management and corporate governance within the context of accountability frameworks. Risk management, the implementation of risk analysis and risk management systems with reference to the COSO ERM Framework were discussed. Qantas’ risk management systems were compared with COSO ERM Framework to assess how Qantas may manage reputation and branding, and safety 21 © Atul Kuver 2011
risks. Reputation and branding, and safety are of critical importance to Qantas. The comparison indicated that the Qantas risk management structure closely follows the COSO ERM Framework that support its strategic, operational, reporting and compliance objectives. The Qantas approach to Corporate Governance as documented in their Corporate Governance Statement (Qantas 2010) was compared and contrasted with the approach recommended in the ASX Corporate Governance Principles and Recommendations (ASX 2007) and the Kiel and Nicholson model (Kiel & Nicholson 2002). The review shows the Qantas approach is aligned with the ASX Corporate Governance Principles and Recommendations (ASX 2007). The Qantas approach also satisfies the structure and process of the Kiel and Nicholson model. This alignment demonstrates that the Qantas Board accepts responsibility for the key functions regarding the Corporate Governance. 22 © Atul Kuver 2011
References ASX 2007, ASX Corporate Governance Council, Principles of Good Corporate Governance and Best Practice Recommendations 2nd edition Bissett, A 2010, 'Enterprise risk management -- is it achievable?', Keeping Good Companies (14447614), 2, pp. 80-83. Bowling, D, & Rieger, L 2005, 'Making Sense of COSO's New Framework for Enterprise Risk Management', Bank Accounting & Finance (08943958), 18, 2, pp. 29- 34. Brooks, L. & Dunn, P. (2008) Business & Professional Ethics for Directors, Executives & Accountants, Mason, South-western Cengage Learning. COSO 2004, Enterprise Risk Management — Integrated Framework. Available at http://www.coso.org/documents/COSO_ERM_ExecutiveSummary.pdf [Accessed February 15, 2011]. Effective Governance Board Charter website. Available at: http://www.effectivegovernance.com.au/Board-Charter.html [Accessed February 15, 2011]. Economics Intelligence Unit 2007, Best practice in risk management | BUSINESS RESEARCH. Available at: http://businessresearch.eiu.com/best-practice-risk- management.html [Accessed February 16, 2011]. Kiel, G & Nicholson, G 2002, Real world governance: driving business success through effective corporate governance, Mt Eliza Business Review vol. 5, no. 1, pp. 17 – 28 Qantas 2010, Annual Report 2009 - 2010. 23 © Atul Kuver 2011
Rao, A 2009, 'IMPLEMENTATION OF ENTERPRISE RISK MANAGEMENT (ERM) TOOLS - A CASE STUDY', Academy of Accounting & Financial Studies Journal, 13, 2, pp. 87- 103. Washington, T 2010, Qantas engine troubles raise risk questions. Available at: http://www.riskmanagementmagazine.com.au/articles/66/0c06d866.asp [Accessed February 15, 2011]. 24 © Atul Kuver 2011

Recommended

Risk Management for Directors - Governance Institute
Risk Management for Directors - Governance Institute Risk Management for Directors - Governance Institute
Risk Management for Directors - Governance Institute
Turlough Guerin GAICD FGIA
 
A Board Perspective on Enterprise Risk Management
A Board Perspective on Enterprise Risk ManagementA Board Perspective on Enterprise Risk Management
A Board Perspective on Enterprise Risk Management
Turlough Guerin GAICD FGIA
 
Risk and Control Self Assessment - IRM India Affiliate
Risk and Control Self Assessment - IRM India AffiliateRisk and Control Self Assessment - IRM India Affiliate
Risk and Control Self Assessment - IRM India Affiliate
IRM India Affiliate
 
The relationship between enterprise risk management (erm)
The relationship between enterprise risk management (erm)The relationship between enterprise risk management (erm)
The relationship between enterprise risk management (erm)
Alexander Decker
 
Enterprise Risk Management as a Core Management Process
Enterprise Risk Management as a Core Management ProcessEnterprise Risk Management as a Core Management Process
Enterprise Risk Management as a Core Management Process
regio12
 
Enterprise Risk Management
Enterprise Risk ManagementEnterprise Risk Management
Enterprise Risk Management
Anu Damodaran
 
Risk management
Risk managementRisk management
Risk management
kartikganga
 
Risk Management ERM Presentation
Risk Management ERM PresentationRisk Management ERM Presentation
Risk Management ERM Presentation
alygale
 

Recommended

Risk Management for Directors - Governance Institute
Risk Management for Directors - Governance Institute Risk Management for Directors - Governance Institute
Risk Management for Directors - Governance Institute
Turlough Guerin GAICD FGIA
 
A Board Perspective on Enterprise Risk Management
A Board Perspective on Enterprise Risk ManagementA Board Perspective on Enterprise Risk Management
A Board Perspective on Enterprise Risk Management
Turlough Guerin GAICD FGIA
 
Risk and Control Self Assessment - IRM India Affiliate
Risk and Control Self Assessment - IRM India AffiliateRisk and Control Self Assessment - IRM India Affiliate
Risk and Control Self Assessment - IRM India Affiliate
IRM India Affiliate
 
The relationship between enterprise risk management (erm)
The relationship between enterprise risk management (erm)The relationship between enterprise risk management (erm)
The relationship between enterprise risk management (erm)
Alexander Decker
 
Enterprise Risk Management as a Core Management Process
Enterprise Risk Management as a Core Management ProcessEnterprise Risk Management as a Core Management Process
Enterprise Risk Management as a Core Management Process
regio12
 
Enterprise Risk Management
Enterprise Risk ManagementEnterprise Risk Management
Enterprise Risk Management
Anu Damodaran
 
Risk management
Risk managementRisk management
Risk management
kartikganga
 
Risk Management ERM Presentation
Risk Management ERM PresentationRisk Management ERM Presentation
Risk Management ERM Presentation
alygale
 
ERM-Enterprise Risk Management
ERM-Enterprise Risk ManagementERM-Enterprise Risk Management
ERM-Enterprise Risk Management
Jorge Vaz Girão , CISA, PMP, PMDPro I, ERMCP
 
Enterprise Risk Management
Enterprise Risk ManagementEnterprise Risk Management
Enterprise Risk Management
GAURAV SHARMA
 
Enterprise Risk Management ~ Inovastra
Enterprise Risk Management ~ InovastraEnterprise Risk Management ~ Inovastra
Enterprise Risk Management ~ Inovastra
Nik Hasyudeen
 
Enterprise Risk Management (ERM); From theory to practice
Enterprise Risk Management (ERM); From theory to practiceEnterprise Risk Management (ERM); From theory to practice
Enterprise Risk Management (ERM); From theory to practice
Segun Ogunwale
 
UCI Exec. MBA & Forum for Corp. Directors July 2009 - Board Governance: E...
UCI Exec. MBA & Forum for Corp. Directors July 2009 - Board Governance: E...UCI Exec. MBA & Forum for Corp. Directors July 2009 - Board Governance: E...
UCI Exec. MBA & Forum for Corp. Directors July 2009 - Board Governance: E...
prosenzw69
 
Enterprise Risk Management and Sustainability
Enterprise Risk Management and SustainabilityEnterprise Risk Management and Sustainability
Enterprise Risk Management and Sustainability
Jeff B
 
Paradigm Paralysis in ERM & IA EB7_p48-51 Tim Leech v2
Paradigm Paralysis in ERM & IA EB7_p48-51 Tim Leech v2Paradigm Paralysis in ERM & IA EB7_p48-51 Tim Leech v2
Paradigm Paralysis in ERM & IA EB7_p48-51 Tim Leech v2
Tim Leech
 
Alcoa endorses The Business Roundtable Principles of Corporate
Alcoa endorses The Business Roundtable Principles of Corporate Alcoa endorses The Business Roundtable Principles of Corporate
Alcoa endorses The Business Roundtable Principles of Corporate
finance8
 
OverseeRiskAsNewerMoreComplex
OverseeRiskAsNewerMoreComplexOverseeRiskAsNewerMoreComplex
OverseeRiskAsNewerMoreComplex
Kashif Ali
 
Coso Erm(2)
Coso Erm(2)Coso Erm(2)
Coso Erm(2)
deeptica
 
2015 IA Presentation_G Fisher_V2.1
2015 IA Presentation_G Fisher_V2.12015 IA Presentation_G Fisher_V2.1
2015 IA Presentation_G Fisher_V2.1
Grant Fisher
 
Enterprise risk management
Enterprise risk managementEnterprise risk management
Enterprise risk management
Anu Damodaran
 
Operational risk: the new frontier
Operational risk: the new frontierOperational risk: the new frontier
Operational risk: the new frontier
Michel Rochette
 
An assessment of risk management of small and medium scale enterprises in nig...
An assessment of risk management of small and medium scale enterprises in nig...An assessment of risk management of small and medium scale enterprises in nig...
An assessment of risk management of small and medium scale enterprises in nig...
Alexander Decker
 
StrategyDriven Risk Assurance Mapping
StrategyDriven Risk Assurance MappingStrategyDriven Risk Assurance Mapping
StrategyDriven Risk Assurance Mapping
Nathan Ives
 
Risk mitigation strategies in SMEs (small and medium business)
Risk mitigation strategies in SMEs (small and medium business)Risk mitigation strategies in SMEs (small and medium business)
Risk mitigation strategies in SMEs (small and medium business)
Sanjukta Basu
 
Deploying Risk Management in SMEs
Deploying Risk Management in SMEsDeploying Risk Management in SMEs
Deploying Risk Management in SMEs
Sikiru Salami ACA MRM
 
ERM Presentation
ERM PresentationERM Presentation
ERM Presentation
H Contrex
 
Enterprise Risk Management
Enterprise Risk ManagementEnterprise Risk Management
Enterprise Risk Management
Continuity and Resilience
 
Incorporating Risk Management into BCP
Incorporating Risk Management into BCPIncorporating Risk Management into BCP
Incorporating Risk Management into BCP
Ron Andrews
 
Webinar: How Financial Organizations use MongoDB for Real-time Risk Managemen...
Webinar: How Financial Organizations use MongoDB for Real-time Risk Managemen...Webinar: How Financial Organizations use MongoDB for Real-time Risk Managemen...
Webinar: How Financial Organizations use MongoDB for Real-time Risk Managemen...
MongoDB
 
IFN Corporate Governance and Risk Management Report - 28 July 2014
IFN Corporate Governance and Risk Management Report - 28 July 2014IFN Corporate Governance and Risk Management Report - 28 July 2014
IFN Corporate Governance and Risk Management Report - 28 July 2014
Mujtaba Khalid
 

More Related Content

What's hot

ERM-Enterprise Risk Management
ERM-Enterprise Risk ManagementERM-Enterprise Risk Management
ERM-Enterprise Risk Management
Jorge Vaz Girão , CISA, PMP, PMDPro I, ERMCP
 
Enterprise Risk Management
Enterprise Risk ManagementEnterprise Risk Management
Enterprise Risk Management
GAURAV SHARMA
 
UCI Exec. MBA & Forum for Corp. Directors July 2009 - Board Governance: E...
UCI Exec. MBA & Forum for Corp. Directors July 2009 - Board Governance: E...UCI Exec. MBA & Forum for Corp. Directors July 2009 - Board Governance: E...
UCI Exec. MBA & Forum for Corp. Directors July 2009 - Board Governance: E...
prosenzw69
 
Paradigm Paralysis in ERM & IA EB7_p48-51 Tim Leech v2
Paradigm Paralysis in ERM & IA EB7_p48-51 Tim Leech v2Paradigm Paralysis in ERM & IA EB7_p48-51 Tim Leech v2
Paradigm Paralysis in ERM & IA EB7_p48-51 Tim Leech v2
Tim Leech
 
Alcoa endorses The Business Roundtable Principles of Corporate
Alcoa endorses The Business Roundtable Principles of Corporate Alcoa endorses The Business Roundtable Principles of Corporate
Alcoa endorses The Business Roundtable Principles of Corporate
finance8
 
OverseeRiskAsNewerMoreComplex
OverseeRiskAsNewerMoreComplexOverseeRiskAsNewerMoreComplex
OverseeRiskAsNewerMoreComplex
Kashif Ali
 
Coso Erm(2)
Coso Erm(2)Coso Erm(2)
Coso Erm(2)
deeptica
 
2015 IA Presentation_G Fisher_V2.1
2015 IA Presentation_G Fisher_V2.12015 IA Presentation_G Fisher_V2.1
2015 IA Presentation_G Fisher_V2.1
Grant Fisher
 
Enterprise risk management
Enterprise risk managementEnterprise risk management
Enterprise risk management
Anu Damodaran
 
Operational risk: the new frontier
Operational risk: the new frontierOperational risk: the new frontier
Operational risk: the new frontier
Michel Rochette
 
StrategyDriven Risk Assurance Mapping
StrategyDriven Risk Assurance MappingStrategyDriven Risk Assurance Mapping
StrategyDriven Risk Assurance Mapping
Nathan Ives
 
Risk mitigation strategies in SMEs (small and medium business)
Risk mitigation strategies in SMEs (small and medium business)Risk mitigation strategies in SMEs (small and medium business)
Risk mitigation strategies in SMEs (small and medium business)
Sanjukta Basu
 
Incorporating Risk Management into BCP
Incorporating Risk Management into BCPIncorporating Risk Management into BCP
Incorporating Risk Management into BCP
Ron Andrews
 

What's hot (20)

ERM-Enterprise Risk Management
ERM-Enterprise Risk ManagementERM-Enterprise Risk Management
ERM-Enterprise Risk Management
 
Enterprise Risk Management
Enterprise Risk ManagementEnterprise Risk Management
Enterprise Risk Management
 
Enterprise Risk Management ~ Inovastra
Enterprise Risk Management ~ InovastraEnterprise Risk Management ~ Inovastra
Enterprise Risk Management ~ Inovastra
 
Enterprise Risk Management (ERM); From theory to practice
Enterprise Risk Management (ERM); From theory to practiceEnterprise Risk Management (ERM); From theory to practice
Enterprise Risk Management (ERM); From theory to practice
 
UCI Exec. MBA & Forum for Corp. Directors July 2009 - Board Governance: E...
UCI Exec. MBA & Forum for Corp. Directors July 2009 - Board Governance: E...UCI Exec. MBA & Forum for Corp. Directors July 2009 - Board Governance: E...
UCI Exec. MBA & Forum for Corp. Directors July 2009 - Board Governance: E...
 
Enterprise Risk Management and Sustainability
Enterprise Risk Management and SustainabilityEnterprise Risk Management and Sustainability
Enterprise Risk Management and Sustainability
 
Paradigm Paralysis in ERM & IA EB7_p48-51 Tim Leech v2
Paradigm Paralysis in ERM & IA EB7_p48-51 Tim Leech v2Paradigm Paralysis in ERM & IA EB7_p48-51 Tim Leech v2
Paradigm Paralysis in ERM & IA EB7_p48-51 Tim Leech v2
 
Alcoa endorses The Business Roundtable Principles of Corporate
Alcoa endorses The Business Roundtable Principles of Corporate Alcoa endorses The Business Roundtable Principles of Corporate
Alcoa endorses The Business Roundtable Principles of Corporate
 
OverseeRiskAsNewerMoreComplex
OverseeRiskAsNewerMoreComplexOverseeRiskAsNewerMoreComplex
OverseeRiskAsNewerMoreComplex
 
Coso Erm(2)
Coso Erm(2)Coso Erm(2)
Coso Erm(2)
 
2015 IA Presentation_G Fisher_V2.1
2015 IA Presentation_G Fisher_V2.12015 IA Presentation_G Fisher_V2.1
2015 IA Presentation_G Fisher_V2.1
 
Enterprise risk management
Enterprise risk managementEnterprise risk management
Enterprise risk management
 
Operational risk: the new frontier
Operational risk: the new frontierOperational risk: the new frontier
Operational risk: the new frontier
 
An assessment of risk management of small and medium scale enterprises in nig...
An assessment of risk management of small and medium scale enterprises in nig...An assessment of risk management of small and medium scale enterprises in nig...
An assessment of risk management of small and medium scale enterprises in nig...
 
StrategyDriven Risk Assurance Mapping
StrategyDriven Risk Assurance MappingStrategyDriven Risk Assurance Mapping
StrategyDriven Risk Assurance Mapping
 
Risk mitigation strategies in SMEs (small and medium business)
Risk mitigation strategies in SMEs (small and medium business)Risk mitigation strategies in SMEs (small and medium business)
Risk mitigation strategies in SMEs (small and medium business)
 
Deploying Risk Management in SMEs
Deploying Risk Management in SMEsDeploying Risk Management in SMEs
Deploying Risk Management in SMEs
 
ERM Presentation
ERM PresentationERM Presentation
ERM Presentation
 
Enterprise Risk Management
Enterprise Risk ManagementEnterprise Risk Management
Enterprise Risk Management
 
Incorporating Risk Management into BCP
Incorporating Risk Management into BCPIncorporating Risk Management into BCP
Incorporating Risk Management into BCP
 

Viewers also liked

IFN Corporate Governance and Risk Management Report - 28 July 2014
IFN Corporate Governance and Risk Management Report - 28 July 2014IFN Corporate Governance and Risk Management Report - 28 July 2014
IFN Corporate Governance and Risk Management Report - 28 July 2014
Mujtaba Khalid
 
Risk analysis in capital bugeting
Risk analysis in capital bugetingRisk analysis in capital bugeting
Risk analysis in capital bugeting
Dr. Ravneet Kaur
 
Capital asset pricing model
Capital asset pricing modelCapital asset pricing model
Capital asset pricing model
Aaryendr
 

Viewers also liked (12)

Webinar: How Financial Organizations use MongoDB for Real-time Risk Managemen...
Webinar: How Financial Organizations use MongoDB for Real-time Risk Managemen...Webinar: How Financial Organizations use MongoDB for Real-time Risk Managemen...
Webinar: How Financial Organizations use MongoDB for Real-time Risk Managemen...
 
IFN Corporate Governance and Risk Management Report - 28 July 2014
IFN Corporate Governance and Risk Management Report - 28 July 2014IFN Corporate Governance and Risk Management Report - 28 July 2014
IFN Corporate Governance and Risk Management Report - 28 July 2014
 
Presentation 6, Steps of system based auditing, Workshop on System-based audi...
Presentation 6, Steps of system based auditing, Workshop on System-based audi...Presentation 6, Steps of system based auditing, Workshop on System-based audi...
Presentation 6, Steps of system based auditing, Workshop on System-based audi...
 
Effectiveness of internal auditor in controlling fraud and other financial ir...
Effectiveness of internal auditor in controlling fraud and other financial ir...Effectiveness of internal auditor in controlling fraud and other financial ir...
Effectiveness of internal auditor in controlling fraud and other financial ir...
 
Value added tax as a tool for national development in ethiopia
Value added tax as a tool for national development in ethiopiaValue added tax as a tool for national development in ethiopia
Value added tax as a tool for national development in ethiopia
 
Capital Asset Pricing Model
Capital Asset Pricing ModelCapital Asset Pricing Model
Capital Asset Pricing Model
 
Risk Management for Airlines – Financial Risks
Risk Management for Airlines – Financial RisksRisk Management for Airlines – Financial Risks
Risk Management for Airlines – Financial Risks
 
RISK ANALYSIS IN CAPITAL BUDGETING
RISK ANALYSIS IN CAPITAL BUDGETINGRISK ANALYSIS IN CAPITAL BUDGETING
RISK ANALYSIS IN CAPITAL BUDGETING
 
Risk analysis in capital bugeting
Risk analysis in capital bugetingRisk analysis in capital bugeting
Risk analysis in capital bugeting
 
Capital asset pricing model
Capital asset pricing modelCapital asset pricing model
Capital asset pricing model
 
The capital asset pricing model (capm)
The capital asset pricing model (capm)The capital asset pricing model (capm)
The capital asset pricing model (capm)
 
CAPM
CAPMCAPM
CAPM
 

Similar to The importance of risk analysis and management, and corporate governance

I need a response to the discussion in APA format.docx
I need a response to the discussion in APA format.docxI need a response to the discussion in APA format.docx
I need a response to the discussion in APA format.docx
4934bk
 
I need a response to the discussion in APA format.docx
I need a response to the discussion in APA format.docxI need a response to the discussion in APA format.docx
I need a response to the discussion in APA format.docx
bkbk37
 
Strengths And Methods Of Risk Analysis And Risk Management
Strengths And Methods Of Risk Analysis And Risk ManagementStrengths And Methods Of Risk Analysis And Risk Management
Strengths And Methods Of Risk Analysis And Risk Management
Nina Vazquez
 
Case Study on Risk management in M&A_Anuj Kamble_Veronica Barreda
Case Study on Risk management in M&A_Anuj Kamble_Veronica BarredaCase Study on Risk management in M&A_Anuj Kamble_Veronica Barreda
Case Study on Risk management in M&A_Anuj Kamble_Veronica Barreda
Anuj Kamble
 
Risk management
Risk managementRisk management
Risk management
Springer
 
ROS TL Response To COSO Sept 7 2016
ROS TL Response To COSO Sept 7 2016ROS TL Response To COSO Sept 7 2016
ROS TL Response To COSO Sept 7 2016
Tim Leech
 
ADDING VALUE TO THE BUSINESS THROUGH INTEGRATED RISK REPORTING
ADDING VALUE TO THE BUSINESS THROUGH INTEGRATED RISK REPORTINGADDING VALUE TO THE BUSINESS THROUGH INTEGRATED RISK REPORTING
ADDING VALUE TO THE BUSINESS THROUGH INTEGRATED RISK REPORTING
Gwebu Smiso Lifa Kenneth
 
Syllabus-Financial Risk Management.docx
Syllabus-Financial Risk Management.docxSyllabus-Financial Risk Management.docx
Syllabus-Financial Risk Management.docx
Yoyo Sudaryo
 
ERM Implementation            ERM is essential for organizations.docx
ERM Implementation            ERM is essential for organizations.docxERM Implementation            ERM is essential for organizations.docx
ERM Implementation            ERM is essential for organizations.docx
elbanglis
 
Role of Actuaries in Enterprise Risk Management Sonjai_Rajiv(17 GCA) Final Copy
Role of Actuaries in Enterprise Risk Management Sonjai_Rajiv(17 GCA) Final CopyRole of Actuaries in Enterprise Risk Management Sonjai_Rajiv(17 GCA) Final Copy
Role of Actuaries in Enterprise Risk Management Sonjai_Rajiv(17 GCA) Final Copy
Sonjai Kumar, SIRM
 
Thoughts on Direction of Ops Risk Management -V4 0
Thoughts on Direction of Ops Risk Management -V4 0Thoughts on Direction of Ops Risk Management -V4 0
Thoughts on Direction of Ops Risk Management -V4 0
Amrut Joshi
 

Similar to The importance of risk analysis and management, and corporate governance (20)

Auditing supply chain risk_management
Auditing supply chain risk_management Auditing supply chain risk_management
Auditing supply chain risk_management
 
Implementing an Enterprise Risk Management program (2022 updates).pdf
Implementing an Enterprise Risk Management program (2022 updates).pdfImplementing an Enterprise Risk Management program (2022 updates).pdf
Implementing an Enterprise Risk Management program (2022 updates).pdf
 
I need a response to the discussion in APA format.docx
I need a response to the discussion in APA format.docxI need a response to the discussion in APA format.docx
I need a response to the discussion in APA format.docx
 
I need a response to the discussion in APA format.docx
I need a response to the discussion in APA format.docxI need a response to the discussion in APA format.docx
I need a response to the discussion in APA format.docx
 
Strengths And Methods Of Risk Analysis And Risk Management
Strengths And Methods Of Risk Analysis And Risk ManagementStrengths And Methods Of Risk Analysis And Risk Management
Strengths And Methods Of Risk Analysis And Risk Management
 
Case Study on Risk management in M&A_Anuj Kamble_Veronica Barreda
Case Study on Risk management in M&A_Anuj Kamble_Veronica BarredaCase Study on Risk management in M&A_Anuj Kamble_Veronica Barreda
Case Study on Risk management in M&A_Anuj Kamble_Veronica Barreda
 
ASSESSING THE RELATIONSHIP EFFECTIVE RISK ANALYSIS HAVE ON BUSINESS SUCCESS
ASSESSING THE RELATIONSHIP EFFECTIVE RISK ANALYSIS HAVE ON BUSINESS SUCCESSASSESSING THE RELATIONSHIP EFFECTIVE RISK ANALYSIS HAVE ON BUSINESS SUCCESS
ASSESSING THE RELATIONSHIP EFFECTIVE RISK ANALYSIS HAVE ON BUSINESS SUCCESS
 
Risk management
Risk managementRisk management
Risk management
 
ROS TL Response To COSO Sept 7 2016
ROS TL Response To COSO Sept 7 2016ROS TL Response To COSO Sept 7 2016
ROS TL Response To COSO Sept 7 2016
 
Risk management erm
Risk management ermRisk management erm
Risk management erm
 
ADDING VALUE TO THE BUSINESS THROUGH INTEGRATED RISK REPORTING
ADDING VALUE TO THE BUSINESS THROUGH INTEGRATED RISK REPORTINGADDING VALUE TO THE BUSINESS THROUGH INTEGRATED RISK REPORTING
ADDING VALUE TO THE BUSINESS THROUGH INTEGRATED RISK REPORTING
 
Manigent Aligning Risk Appetite And Exposure
Manigent Aligning Risk Appetite And ExposureManigent Aligning Risk Appetite And Exposure
Manigent Aligning Risk Appetite And Exposure
 
Chartered Accountant’s Role in an Enterprise Risk Management
Chartered Accountant’s Role in an Enterprise Risk ManagementChartered Accountant’s Role in an Enterprise Risk Management
Chartered Accountant’s Role in an Enterprise Risk Management
 
Risk management
Risk managementRisk management
Risk management
 
Syllabus-Financial Risk Management.docx
Syllabus-Financial Risk Management.docxSyllabus-Financial Risk Management.docx
Syllabus-Financial Risk Management.docx
 
2017 coso-erm-integrating-with-strategy-and-performance-executive-summary
2017 coso-erm-integrating-with-strategy-and-performance-executive-summary2017 coso-erm-integrating-with-strategy-and-performance-executive-summary
2017 coso-erm-integrating-with-strategy-and-performance-executive-summary
 
ERM Implementation            ERM is essential for organizations.docx
ERM Implementation            ERM is essential for organizations.docxERM Implementation            ERM is essential for organizations.docx
ERM Implementation            ERM is essential for organizations.docx
 
Role of Actuaries in Enterprise Risk Management Sonjai_Rajiv(17 GCA) Final Copy
Role of Actuaries in Enterprise Risk Management Sonjai_Rajiv(17 GCA) Final CopyRole of Actuaries in Enterprise Risk Management Sonjai_Rajiv(17 GCA) Final Copy
Role of Actuaries in Enterprise Risk Management Sonjai_Rajiv(17 GCA) Final Copy
 
A Bridge Too Far? Risk Appetite, Governance and Corporate Strategy (Whitepaper)
A Bridge Too Far? Risk Appetite, Governance and Corporate Strategy (Whitepaper)A Bridge Too Far? Risk Appetite, Governance and Corporate Strategy (Whitepaper)
A Bridge Too Far? Risk Appetite, Governance and Corporate Strategy (Whitepaper)
 
Thoughts on Direction of Ops Risk Management -V4 0
Thoughts on Direction of Ops Risk Management -V4 0Thoughts on Direction of Ops Risk Management -V4 0
Thoughts on Direction of Ops Risk Management -V4 0
 

Recently uploaded

Russian Call Girls In Gurgaon ❤️8448577510 ⊹Best Escorts Service In 24/7 Delh...
Russian Call Girls In Gurgaon ❤️8448577510 ⊹Best Escorts Service In 24/7 Delh...Russian Call Girls In Gurgaon ❤️8448577510 ⊹Best Escorts Service In 24/7 Delh...
Russian Call Girls In Gurgaon ❤️8448577510 ⊹Best Escorts Service In 24/7 Delh...
lizamodels9
 
Uneak White's Personal Brand Exploration Presentation
Uneak White's Personal Brand Exploration PresentationUneak White's Personal Brand Exploration Presentation
Uneak White's Personal Brand Exploration Presentation
uneakwhite
 
Call Girls From Pari Chowk Greater Noida ❤️8448577510 ⊹Best Escorts Service I...
Call Girls From Pari Chowk Greater Noida ❤️8448577510 ⊹Best Escorts Service I...Call Girls From Pari Chowk Greater Noida ❤️8448577510 ⊹Best Escorts Service I...
Call Girls From Pari Chowk Greater Noida ❤️8448577510 ⊹Best Escorts Service I...
lizamodels9
 
Call Girls Jp Nagar Just Call 👗 7737669865 👗 Top Class Call Girl Service Bang...
Call Girls Jp Nagar Just Call 👗 7737669865 👗 Top Class Call Girl Service Bang...Call Girls Jp Nagar Just Call 👗 7737669865 👗 Top Class Call Girl Service Bang...
Call Girls Jp Nagar Just Call 👗 7737669865 👗 Top Class Call Girl Service Bang...
amitlee9823
 
Nelamangala Call Girls: 🍓 7737669865 🍓 High Profile Model Escorts | Bangalore...
Nelamangala Call Girls: 🍓 7737669865 🍓 High Profile Model Escorts | Bangalore...Nelamangala Call Girls: 🍓 7737669865 🍓 High Profile Model Escorts | Bangalore...
Nelamangala Call Girls: 🍓 7737669865 🍓 High Profile Model Escorts | Bangalore...
amitlee9823
 
Cracking the Cultural Competence Code.pptx
Cracking the Cultural Competence Code.pptxCracking the Cultural Competence Code.pptx
Cracking the Cultural Competence Code.pptx
Workforce Group
 
FULL ENJOY Call Girls In Majnu Ka Tilla, Delhi Contact Us 8377877756
FULL ENJOY Call Girls In Majnu Ka Tilla, Delhi Contact Us 8377877756FULL ENJOY Call Girls In Majnu Ka Tilla, Delhi Contact Us 8377877756
FULL ENJOY Call Girls In Majnu Ka Tilla, Delhi Contact Us 8377877756
dollysharma2066
 
Russian Call Girls In Rajiv Chowk Gurgaon ❤️8448577510 ⊹Best Escorts Service ...
Russian Call Girls In Rajiv Chowk Gurgaon ❤️8448577510 ⊹Best Escorts Service ...Russian Call Girls In Rajiv Chowk Gurgaon ❤️8448577510 ⊹Best Escorts Service ...
Russian Call Girls In Rajiv Chowk Gurgaon ❤️8448577510 ⊹Best Escorts Service ...
lizamodels9
 
unwanted pregnancy Kit [+918133066128] Abortion Pills IN Dubai UAE Abudhabi
unwanted pregnancy Kit [+918133066128] Abortion Pills IN Dubai UAE Abudhabiunwanted pregnancy Kit [+918133066128] Abortion Pills IN Dubai UAE Abudhabi
unwanted pregnancy Kit [+918133066128] Abortion Pills IN Dubai UAE Abudhabi
Abortion pills in Kuwait Cytotec pills in Kuwait
 

Recently uploaded (20)

RSA Conference Exhibitor List 2024 - Exhibitors Data
RSA Conference Exhibitor List 2024 - Exhibitors DataRSA Conference Exhibitor List 2024 - Exhibitors Data
RSA Conference Exhibitor List 2024 - Exhibitors Data
 
Famous Olympic Siblings from the 21st Century
Famous Olympic Siblings from the 21st CenturyFamous Olympic Siblings from the 21st Century
Famous Olympic Siblings from the 21st Century
 
Russian Call Girls In Gurgaon ❤️8448577510 ⊹Best Escorts Service In 24/7 Delh...
Russian Call Girls In Gurgaon ❤️8448577510 ⊹Best Escorts Service In 24/7 Delh...Russian Call Girls In Gurgaon ❤️8448577510 ⊹Best Escorts Service In 24/7 Delh...
Russian Call Girls In Gurgaon ❤️8448577510 ⊹Best Escorts Service In 24/7 Delh...
 
Falcon's Invoice Discounting: Your Path to Prosperity
Falcon's Invoice Discounting: Your Path to ProsperityFalcon's Invoice Discounting: Your Path to Prosperity
Falcon's Invoice Discounting: Your Path to Prosperity
 
Uneak White's Personal Brand Exploration Presentation
Uneak White's Personal Brand Exploration PresentationUneak White's Personal Brand Exploration Presentation
Uneak White's Personal Brand Exploration Presentation
 
Call Girls From Pari Chowk Greater Noida ❤️8448577510 ⊹Best Escorts Service I...
Call Girls From Pari Chowk Greater Noida ❤️8448577510 ⊹Best Escorts Service I...Call Girls From Pari Chowk Greater Noida ❤️8448577510 ⊹Best Escorts Service I...
Call Girls From Pari Chowk Greater Noida ❤️8448577510 ⊹Best Escorts Service I...
 
Dr. Admir Softic_ presentation_Green Club_ENG.pdf
Dr. Admir Softic_ presentation_Green Club_ENG.pdfDr. Admir Softic_ presentation_Green Club_ENG.pdf
Dr. Admir Softic_ presentation_Green Club_ENG.pdf
 
Call Girls Jp Nagar Just Call 👗 7737669865 👗 Top Class Call Girl Service Bang...
Call Girls Jp Nagar Just Call 👗 7737669865 👗 Top Class Call Girl Service Bang...Call Girls Jp Nagar Just Call 👗 7737669865 👗 Top Class Call Girl Service Bang...
Call Girls Jp Nagar Just Call 👗 7737669865 👗 Top Class Call Girl Service Bang...
 
Nelamangala Call Girls: 🍓 7737669865 🍓 High Profile Model Escorts | Bangalore...
Nelamangala Call Girls: 🍓 7737669865 🍓 High Profile Model Escorts | Bangalore...Nelamangala Call Girls: 🍓 7737669865 🍓 High Profile Model Escorts | Bangalore...
Nelamangala Call Girls: 🍓 7737669865 🍓 High Profile Model Escorts | Bangalore...
 
Phases of Negotiation .pptx
Phases of Negotiation .pptx Phases of Negotiation .pptx
Phases of Negotiation .pptx
 
Business Model Canvas (BMC)- A new venture concept
Business Model Canvas (BMC)- A new venture conceptBusiness Model Canvas (BMC)- A new venture concept
Business Model Canvas (BMC)- A new venture concept
 
Cracking the Cultural Competence Code.pptx
Cracking the Cultural Competence Code.pptxCracking the Cultural Competence Code.pptx
Cracking the Cultural Competence Code.pptx
 
Falcon Invoice Discounting: The best investment platform in india for investors
Falcon Invoice Discounting: The best investment platform in india for investorsFalcon Invoice Discounting: The best investment platform in india for investors
Falcon Invoice Discounting: The best investment platform in india for investors
 
Call Girls Service In Old Town Dubai ((0551707352)) Old Town Dubai Call Girl ...
Call Girls Service In Old Town Dubai ((0551707352)) Old Town Dubai Call Girl ...Call Girls Service In Old Town Dubai ((0551707352)) Old Town Dubai Call Girl ...
Call Girls Service In Old Town Dubai ((0551707352)) Old Town Dubai Call Girl ...
 
FULL ENJOY Call Girls In Majnu Ka Tilla, Delhi Contact Us 8377877756
FULL ENJOY Call Girls In Majnu Ka Tilla, Delhi Contact Us 8377877756FULL ENJOY Call Girls In Majnu Ka Tilla, Delhi Contact Us 8377877756
FULL ENJOY Call Girls In Majnu Ka Tilla, Delhi Contact Us 8377877756
 
Cheap Rate Call Girls In Noida Sector 62 Metro 959961乂3876
Cheap Rate Call Girls In Noida Sector 62 Metro 959961乂3876Cheap Rate Call Girls In Noida Sector 62 Metro 959961乂3876
Cheap Rate Call Girls In Noida Sector 62 Metro 959961乂3876
 
PHX May 2024 Corporate Presentation Final
PHX May 2024 Corporate Presentation FinalPHX May 2024 Corporate Presentation Final
PHX May 2024 Corporate Presentation Final
 
How to Get Started in Social Media for Art League City
How to Get Started in Social Media for Art League CityHow to Get Started in Social Media for Art League City
How to Get Started in Social Media for Art League City
 
Russian Call Girls In Rajiv Chowk Gurgaon ❤️8448577510 ⊹Best Escorts Service ...
Russian Call Girls In Rajiv Chowk Gurgaon ❤️8448577510 ⊹Best Escorts Service ...Russian Call Girls In Rajiv Chowk Gurgaon ❤️8448577510 ⊹Best Escorts Service ...
Russian Call Girls In Rajiv Chowk Gurgaon ❤️8448577510 ⊹Best Escorts Service ...
 
unwanted pregnancy Kit [+918133066128] Abortion Pills IN Dubai UAE Abudhabi
unwanted pregnancy Kit [+918133066128] Abortion Pills IN Dubai UAE Abudhabiunwanted pregnancy Kit [+918133066128] Abortion Pills IN Dubai UAE Abudhabi
unwanted pregnancy Kit [+918133066128] Abortion Pills IN Dubai UAE Abudhabi
 

The importance of risk analysis and management, and corporate governance

  • 1. Commercial Accountability Challenges in a Global Environment The Nature and Relevance of Risk The Importance of Risk Analysis and Management, and Corporate Governance Atul Kuver February 2011 1 © Atul Kuver 2011
  • 2. Executive Summary Qantas operates in an industry that focuses on high availability, safety, has low margins, intense competition and is vulnerable to external and internal business shocks. Reputation and branding, and safety can be considered to be part of Qantas’ strategic and operational objectives. Failure in either area can have serious consequences for Qantas. This report examines the nature and relevance of risk, the importance of risk analysis and management and corporate governance within the context of accountability frameworks. Risk management, the implementation of risk analysis and risk management systems with reference to the COSO ERM Framework are discussed. Qantas’ risk management systems are compared with the COSO ERM Framework to assess how Qantas manages reputation and branding, and safety risks. The comparison indicates that the Qantas risk management structure closely follows the COSO ERM Framework that support its strategic, operational, reporting and compliance objectives. The Qantas approach to Corporate Governance as documented in their Corporate Governance Statement (Qantas 2010) is compared and contrasted with the approach recommended in the ASX Corporate Governance Principles and Recommendations (ASX 2007) and the Kiel and Nicholson model (Kiel & Nicholson 2002). The review shows the Qantas approach is aligned with the ASX Corporate Governance Principles and Recommendations (ASX 2007). The Qantas approach also satisfies the structure and process of the Kiel and Nicholson model. Alignment of the ASX (2007) principles as approached by Qantas with the Kiel and Nicholson model shows that the Qantas Board accepts responsibility for the key functions regarding Corporate Governance. 2 © Atul Kuver 2011
  • 3. Table of Contents Executive Summary ................................................................................................... 2 1 Introduction ...................................................................................................... 4 2 Nature and relevance of risk to corporate accountability................................... 4 3 Risk Management .............................................................................................. 5 3.1 ‘Risk-Silo’ Mentality versus the Holistic Approach to Risk ............................ 5 3.2 Drivers of Risk Management ....................................................................... 6 3.3 Deficiencies in Risk Management ................................................................ 7 4 Implementation of Risk Analysis and Risk Management Systems ....................... 8 4.1 COSO Enterprise Risk Management Framework .......................................... 8 4.2 Managing Reputation and Branding Risk, and Safety Risk at Qantas .......... 12 4.2.1 Internal Environment ......................................................................... 13 4.2.2 Objective Setting ................................................................................ 13 4.2.3 Event Identification ............................................................................ 13 4.2.4 Risk Assessment ................................................................................. 13 4.2.5 Risk Response .................................................................................... 14 4.2.6 Control Activities ................................................................................ 14 4.2.7 Information and Communication ....................................................... 14 4.2.8 Monitoring ......................................................................................... 14 5 Corporate Governance .................................................................................... 14 5.1 Kiel and Nicholson Model .......................................................................... 14 5.2 ASX Principles of Good Corporate Governance .......................................... 16 5.3 Qantas Corporate Governance Statement ................................................. 16 5.3.1 Alignment with ASX Principles 2007 ................................................... 16 5.3.2 Alignment with the Kiel and Nicholson Model .................................... 17 5.4 Corporate Governance within the Context of Accountability Frameworks . 20 6 Conclusion ....................................................................................................... 21 References .............................................................................................................. 23 3 © Atul Kuver 2011
  • 4. 1 Introduction This report examines the nature and relevance of risk, the importance of risk analysis and management and corporate governance within the context of accountability frameworks. The report outline is as follows. Section 2 explores the nature and relevance of risk to corporate accountability. Section 3 examines the practice of risk management. The ‘risk-silo’ mentality versus a holistic approach to risk management is discussed, followed by the drivers of risk management and deficiencies in risk management. The implementation of risk analysis and risk management systems is discussed in Section 4. The Committee of Sponsoring Organizations of the Treadway Commission’s (COSO) Enterprise Risk Management-Integrated Framework (COSO ERM Framework) is described first. Then Qantas’ risk management systems are compared with the COSO ERM Framework to assess how Qantas manages reputation and branding, and safety risks. Section 5 discusses the alignment of the Qantas approach to Corporate Governance as documented in their Corporate Governance Statement (Qantas 2010) with the approach recommended in the ASX Corporate Governance Principles and Recommendations (ASX 2007) and with the Kiel and Nicholson model (Kiel & Nicholson 2002). The report concludes with Section 6. 2 Nature and relevance of risk to corporate accountability Organisations are facing increasing pressure from regulators, investors and other stakeholders to increase transparency and disclosure. Principle 7 of the ASX Corporate Governance Principles and Recommendations (ASX 2007, p. 32) states that ‘companies should establish a sound system of risk oversight and management and internal control’. ASX (2007, p. 32) emphasises that the responsibility for reviewing the company’s policies on risk oversight and management lies with the board. The board must satisfy itself that management has developed and 4 © Atul Kuver 2011
  • 5. implemented a reliable system of risk management and internal controls. While traditional risks such as credit, market and foreign exchange risk remain the primary considerations, businesses are acknowledging the need to determine and assess risk in areas such as human capital, reputation and climate change (Economics Intelligence Unit 2007, p. 2). ASX (2007, p. 32) considers material business risks to include but not limited to: ‘operational, environmental, sustainability, compliance, strategic, ethical conduct, reputation or brand, technological, product or service quality, human capital, financial reporting and market related risks. 3 Risk Management Organisational objectives cover a range of areas including corporate strategy, operations, processes and projects. Organisations can encounter a variety of risks that can have an impact on these objectives. Risk management is how risks are managed. The ASX Corporate Governance Council’s Corporate Governance Principles and Recommendations (ASX 2007, p. 32) defines risk management as ‘the culture, processes and structures that are directed towards taking advantage of potential opportunities while managing potential side effects’. 3.1 ‘Risk-Silo’ Mentality versus the Holistic Approach to Risk Risk management in the past has mostly been driven from the bottom up and been fragmented across different divisions within an organisation (Bowling & Rieger 2005). This method sets up a series of ‘risk-silos’ managed by different groups within the organisation. The different silos may have different risk tolerances, which can lead to one group with low to no risk, while another group may take on significant risks (Bowling & Rieger 2005, p. 32). In contrast, Enterprise Risk Management (ERM) is a framework that takes all risk areas into account. Risks are no longer considered in isolation. ERM looks at the activities of the business as a whole and analyses how different areas of risk affect each other (Bowling & Rieger 2005). 5 © Atul Kuver 2011
  • 6. 3.2 Drivers of Risk Management There are many drivers that increase the rationale for risk management. Economics Intelligence Unit (2007, p. 6) identifies risk management drivers that are both internal and external to organisations. Internal drivers include:  greater commitment from the board;  greater complexity experienced by organisations in the value chain due to advanced business practices, globalised markets and rapid technological change. The increase in the level of competition and rapid pace of change is destroying predictability for businesses (Stevenson, cited in Rao 2009, p. 87);  specific risk events such as product recalls or fraud. External drivers of risk management are those that arise from outside the organisation. These include:  increased focus on regulation of business practices and investor demands for greater disclosure and accountability. The consequence of recognition of corporate accountability to stakeholders is that an organisation’s governance system needs to consider the importance of satisfying the concerns of stakeholders (Brooks & Dunn 2010, p. 462). According to Brooks and Dunn (2010, p. 462-463), a focus on ethics risks and opportunities is necessary to ‘avoid potential loss of support for a corporations objectives, and to discover opportunities of greater support’ and a much broader risk assessment framework is required.  changes in competitive, technological, social, and political circumstances have amplified the likely impact of operations-related failure (Lewis, cited in Rao, p. 87). The regulatory environment in Australia includes (Bissett 2010, p. 81):  the AS/NZS ISO 31000: 2009 Standard which provides a practical framework for risk management; 6 © Atul Kuver 2011
  • 7. ASX Corporate Governance Council’s Corporate Governance Principles and Recommendations;  Australian Prudential Regulation Authority (APRA) and Basel II Accord for the financial services industry;  Civil Aviation Safety Authority (CASA), International Civil Aviation Organisation (ICAO) and the Australian Transport Safety Bureau (ATSB) for the aviation industry. 3.3 Deficiencies in Risk Management According to Bisset (2010, p.80), the Global Financial Crisis (GFC) has highlighted shortcomings in the risk management process of many organisations. The causes and consequences of the deficiencies is summarised in Table 1. Table 1 Causes and consequences of risk management deficiencies. (Bisset 2010, p.80) Deficiency Cause of Deficiency Consequence Organisation’s failure to Inconsistent Risk culture define a risk culture or communication about risk appetite within the organisation Level of risk not Uncertainty about the considered return on investment as Risk/return trade-off higher returns are usually associated with higher risk Incentive schemes do not Reward structure not sufficiently represent the consistent with key Incentive schemes organisation’s risk performance indicators appetite Over-complicated risk Risk management Complexity and lack of structures and procedures procedures avoided or not integration used. Effect of risk on the Limited holistic indicators drivers of value and of risk Risk measures associated indicators of risk not well understood within the organisation Lack of a robust data Over-reliance on financial Risk information analysis capability. models and data where the underlying 7 © Atul Kuver 2011
  • 8. Deficiency Cause of Deficiency Consequence fundamentals may not be understood and assumptions are not verified or challenged. No scenario planning. No stress testing of worst Worst case scenarios possible case scenarios. Risk function not Risk function seen merely Empowerment of the risk empowered. as a compliance function function or a roadblock function 4 Implementation of Risk Analysis and Risk Management Systems 4.1 COSO Enterprise Risk Management Framework The Committee of Sponsoring Organizations of the Treadway Commission’s (COSO) Enterprise Risk Management-Integrated Framework (COSO ERM Framework) describes the fundamental elements of risk-management principles for organisations regardless of size (Bowling & Rieger 2005, p. 29). Enterprise Risk Management is defined as follows: Enterprise risk management is a process, effected by an entity’s board of directors, management and other personnel, applied in strategy setting and across the enterprise, designed to identify potential events that may affect the entity, and manage risk to be within its risk appetite, to provide reasonable assurance regarding the achievement of entity objectives. (COSO 2004) This definition is broad and complex, but probably necessarily so, because it tries to be an all inclusive definition that can be used by all organisations. Bowling and Rieger (2005, p. 30) provides a breakdown of the keywords and associated meanings. This is shown in Table 2. 8 © Atul Kuver 2011
  • 9. Table 2 Understanding the keywords in COSO's ERM definition (Bowling & Rieger 2005, p. 30) Keyword Meaning A process a means to an end. Effected by people as opposed to sole reliance on policies, standard procedures, surveys or forms. Applied in a strategy setting the ‘big-picture’ view Across the enterprise view an aggregate or portfolio of risks rather than a narrow view of isolated risks. Identifying events consider in the context of the entity’s appetite for risk Reasonable assurance cannot have absolute guarantees. Achievement of organizational can take place in one or more objectives overlapping categories The COSO ERM Framework is illustrated as the cube shown in Figure 1. Figure 1 The COSO ERM Framework (COSO 2004, p.5). The top of the cube corresponds to four objectives: strategic, operations, reporting and compliance. The ERM Framework consists of eight components. These represent 9 © Atul Kuver 2011
  • 10. what is needed to achieve each of the four objectives. A summary of the each of the components is given in Table 3. Possible deficiencies (Bisset 2010, p. 80) in risk management practices that could affect the significance of the component for an organisation are given in Column 3 of Table 3. For example:  deficiencies in risk culture may be indicative of how risk is viewed or lack of Board commitment;  a risk function that is not empowered may result in an inadequate response to risk due to a lack of alignment between risks and the organisation’s appetite or tolerance for risk. Table 3 Significance of the eight components in COSO's ERM Framework Possible Component Significance Deficiencies (Table 1)  encompasses the tone of an  Risk Culture organisation;  sets the basis for how risk is viewed and addressed by Internal people in the organisation Environment including:  risk management philosophy;  risk appetite;  integrity and ethical values;  operational environment.  objectives are necessary  Incentive before the potential events schemes affecting their achievement  Risk/return can be identified by trade-off management; Objective Setting  ensures that a objective setting process is in place;  ensures that the chose objectives align with the organisation’s mission and risk appetite.  internal and external events  Worst case that could affect the scenario Event achievement of any of the planning Identification organisation’s objectives must  Risk be identified; information 10 © Atul Kuver 2011
  • 11. Possible Component Significance Deficiencies (Table 1)  risks and opportunities must be distinguished;  channel opportunities back into strategy or objective- setting process.  analyse risks by assessing their  Risk measures likelihood and impact;  analysis determines the risk Risk Assessment management approach;  assess risks on an inherent and residual basis.  select the appropriate  Risk response to the risk: information  avoid;  Empowering  accept; the risk Risk Response  reduce; or function  share;  develop actions to align the risks with the organisation’s tolerance and appetite for risk;  establish and implement  Empowering policies and procedures to the risk Control Activities assist in ensuring that risk function responses are carried out effectively.  identify, capture and  Complexity and communicate relevant lack of Information and information in a form and information Communication timeframe that enables people to carry out their responsibilities;  monitor entire ERM and  Empowering modify as necessary; the risk  accomplish monitoring function Monitoring through ongoing management activities, separate evaluations or both. 11 © Atul Kuver 2011
  • 12. 4.2 Managing Reputation and Branding Risk, and Safety Risk at Qantas Qantas operates in an industry that focuses on high availability, safety, has low margins, intense competition and is vulnerable to external and internal business shocks (Bisset 2010, p. 82). The organisation faces risks in all four objectives areas recognised in the COSO ERM Framework. Being one of the world’s safest airlines has long been Qantas’ key brand value, having never lost an aircraft. However, two recent safety incidents on two separate models of aircraft have threatened Qantas’ reputation. Industrial safety regulations that apply to the aviation industry will have extremely serious consequences for Qantas if any of the safety risks are realised. According to Bisset (2010, p. 82–83), risks ‘can’t be managed from 10,000 feet in the corporate head office. Effective risk management needs to be embedded within the operations of the organisation’. On July 25th, 2008, Qantas Flight 30 (QF30) was on a flight from London Heathrow Airport to Melbourne Airport with a scheduled stop-over at Hong Kong International Airport. Shortly after leaving Hong Kong an oxygen tank exploded, rupturing the fuselage just forward of the starboard wind root. There were no injuries and the aircraft made an emergency decent to 10,000 feet. In November 2010, a Rolls Royce Trent-900 engine failed on a Qantas Airbus A380 while flying over Indonesia. This event force Qantas to ground its entire A380 fleet. These events have raised questions about operations risk management (Washington 2010). The A380 issue created a complicated situation for Qantas in trying to preserve its reputation. Dr Ulysses Chioatta from SSAMM Management Consulting has commented that Qantas, by being ‘overly cautious and grounding more planes sends out a less than confident message to customers’ (Washington 2010). 12 © Atul Kuver 2011
  • 13. Reputation and branding, and safety can be considered to be part of Qantas’ strategic and operational objectives. Safety will also fall under the regulatory framework for the aviation industry. Failure in either area can have serious consequences for Qantas. Qantas states that its risk management and internal control system aligns to the principles in the AS/NZS ISO 31000: 2009 Standard and the COSO ERM Framework (Qantas 2010, p. 23). Qantas’ risk management and the COSO ERM Framework are compared below. The comparison illustrates how the strategic, operational, reporting and compliance objectives are managed. 4.2.1 Internal Environment The Qantas Corporate Governance Statement (Qantas 2010, p. 23) states that the ‘Board is responsible for reviewing and overseeing the risk management strategy’. This shows commitment from the Board a top-down approach to risk management. The Chief Risk Officer is also a member of the executive team. 4.2.2 Objective Setting The Qantas Group Risk Management Framework is supported by three interrelated elements: governance, risk management and assurance (Qantas 2010, p. 23). 4.2.3 Event Identification A common standard for identifying, assessing and managing business risks across the group — The Qantas Management System (QMS) — provides business units with guidance regarding risk management. (Qantas 2010, p. 23). 4.2.4 Risk Assessment Material risks and effectiveness of risk management plans are escalated to Executive Management or relevant Board Committees. Assessments against different QMS elements are undertaken (Qantas 2010, p. 24). 13 © Atul Kuver 2011
  • 14. 4.2.5 Risk Response A Safety, Health, Environment & Security Committee (SHESC) is responsible for assisting the Board in its corporate governance activities including risk management. (Qantas 2010, p. 24). 4.2.6 Control Activities The Qantas Group Risk Management Policy (Policy) sets the minimum requirements and roles and responsibilities for managing risks across the organisation. The Board reviews and approves this Policy (Qantas 2010, p. 23). 4.2.7 Information and Communication A detailed risk register is prepared and reported every quarter by each business unit (Qantas 2010, p. 24). 4.2.8 Monitoring Independent, objective assurance and consulting services on the risk management system is provided through an Internal Audit function (Qantas 2010, p. 24). 5 Corporate Governance This section compares and contrasts the Qantas approach to Corporate Governance as documented in their Corporate Governance Statement (Qantas 2010) with the approach recommended in the ‘ASX Corporate Governance Principles and Recommendations’ (ASX 2007) and the Kiel and Nicholson model (Kiel & Nicholson 2002). 5.1 Kiel and Nicholson Model According to Kiel and Nicholson (2002, p. 18), despite uncertainty, practical solutions to governance problems can be found. They highlight that the board has two primary responsibilities: 1. conformance — relates to the past and present behaviour of the business. Board monitors and supervises management and is accountable to 14 © Atul Kuver 2011
  • 15. stakeholders. Achieved through reporting financial and non-financial information about the business; 2. performance — is less developed. Board needs to focus on the future as directors are held accountable for firm performance. Kiel and Nicholson’s (2002) Corporate Governance Charter model aims to develop more effective boards by providing both a structure and a process. When the model is used as a process, it provides a forum to discuss ‘unmentioned’ issues that are often not addressed and lead to poor governance. An updated version of the Framework is shown in Figure 2. Figure 2 Kiel and Nicholson's Corporate Governance Charter model (Effective Governance Board Charter website). The model’s focus is to assist the board in directing business success through a process that aligns a company’s governance system to its organisational needs (Kiel 15 © Atul Kuver 2011
  • 16. & Nicholson 2002, p. 23). The authors cite two primary benefits of the model. They state that the model: 1. creates a major policy document that can assist in the corporation’s leadership to deliver good governance; 2. guides strategic conversations at board level to move members to the ‘performing’ stage of group process. (Kiel & Nicholson 2002, p. 23) 5.2 ASX Principles of Good Corporate Governance The ASX Corporate Governance Council provides the following eight principles and recommendations: 1. Lay solid foundations for management and oversight. 2. Structure the board to add value. 3. Promote ethical and responsible decision-making. 4. Safeguard integrity in financial reporting. 5. Make timely and balanced disclosure. 6. Respect the rights of shareholders. 7. Recognise and manage risk. 8. Remunerate fairly and responsibly. (ASX 2007) 5.3 Qantas Corporate Governance Statement 5.3.1 Alignment with ASX Principles 2007 This comparison is fairly simple to establish from the Corporate Governance Statement (Qantas 2010). According to Qantas’ Corporate Governance Statement (Qantas 2010, p. 20), the ‘Board endorses the ASX Corporate Governance Council’s Corporate Governance Principles and Recommendations’. Review of Qantas’ Corporate Governance Statement confirms that ASX Principles 1 to 7 is addressed. Surprisingly though, Principle 8 — Remunerate fairly and responsibly — unlike the first seven principles, is not specifically mentioned in the Statement. The 16 © Atul Kuver 2011
  • 17. remuneration function is incorporated under the declaration of Principle 1. The report states that it is the Boards responsibility to ensure that ‘a clear relationship between performance and executive remuneration’ exists (Qantas 2010, p. 20). This seems to satisfy the requirements of Principle 8. 5.3.2 Alignment with the Kiel and Nicholson Model The details of the Corporate Governance Statement (Qantas 2010) have been examined to compare and contrast the content of the Corporate Governance Statement with Kiel and Nicholson’s model and the corresponding ASX principles. The results are shown in Table 4 on the following page. 17 © Atul Kuver 2011
  • 18. Table 4 Qantas Corporate Governance compared and contrasted with the Kiel and Nicholson model and corresponding ASX principles. Top Level Governance ASX Kiel and Nicholson Model Statement Principle Board  The Board is structured to 2 Structure add value  The Board lays solid 1 Role of the foundations for Board management oversight Role of  The Board is structured to 2 Defining Individual add value Directors Governance Role of the  The Board is structured to 2 Roles Chairman add value Role of the  The Board is structured to 2 Company add value Secretary  The Board lays solid 1 Role of the foundations for CEO management oversight  The Board lays solid 1 foundations for Strategy management oversight 2  The Board is structured to add value  The Board lays solid 1 CEO foundations for management oversight  The Board lays solid 1 foundations for Monitoring management oversight Key Board  The Board safeguards the 4 Functions integrity of financial reporting Risk  The Board recognises and 7 Management manages risk  The Board lays solid 1 Compliance foundations for management oversight  The Board lays solid 1 Policy foundations for Framework management oversight Networking  The Board makes times 5 18 © Atul Kuver 2011
  • 19. Top Level Governance ASX Kiel and Nicholson Model Statement Principle and balanced disclosure  The Board respects the 6 rights of shareholders Stakeholder  The Board makes times 5 Communicatio and balanced disclosure n  The Board respects the 6 rights of shareholders  The Board lays solid 1 foundations for Decision management oversight. Making  The Board promotes 3 ethical and responsible decision making  The Board is structured to 2 add value Director  The Board promotes 3 Protection ethical and responsible decision making Board  The Board is structured to 2 Effective Evaluation add value Governance Director  The Board is structured to 2, 8 Remuneration add value Director  The Board is structured to 2 Development add value Director  The Board is structured to 2 Selection and add value Induction Board  The Board lays solid 1 Meetings foundations for management oversight Board  The Board lays solid 1 Meeting foundations for Agenda management oversight  The Board lays solid 1 Improving Board Board Papers foundations for Processes management oversight  The Board lays solid 1 Board Minutes foundations for management oversight  The Board lays solid 1 The Board foundations for Calendar management oversight Committees  The Board lays solid 1 19 © Atul Kuver 2011
  • 20. Top Level Governance ASX Kiel and Nicholson Model Statement Principle foundations for management oversight  The Board is structured to 2 add value 5.4 Corporate Governance within the Context of Accountability Frameworks The objectives of the Kiel and Nicholson model are to create a major policy document to assist the organisation’s leadership deliver good performance and to guide strategic conversations at that board level to move members to the ‘performing’ stage of the group process (Kiel & Nicholson 2002, p. 23). Figure 3 illustrates the analysis given in Table 4. The numbers next to each quadrant represent the corresponding ASX principles. The significant result here is the loading of the ASX principles as the Key Board Functions. This may not be a generic result but a consequence of where Qantas places its governance responsibilities. The content in Table 4 was generated by examining the details of each Board function and Qantas could have chosen to arrange the Board’s responsibilities slightly differently. This would have changed the distribution of the ASX principles slightly. However, while redistribution may have been possible, it is not entirely flexible. Many ASX principles fall in particular quadrants and some associations seem rigid. For example, ASX Principle 7 — Risk Management — will always fall in the Key Board Functions quadrant. 20 © Atul Kuver 2011
  • 21. Figure 3 Kiel and Nicholson model and ASX principles overlap for Qantas corporate governance. Figure 3 highlights the areas of the ASX guidelines that the Board needs to focus on during each of the four phases. It is also important to keep in mind that while the Kiel and Nicholson model suggests structure and process, it is probably not intended to be normative. Compliance with the ASX guidelines already provides a satisfactory starting point. 6 Conclusion This report examined the nature and relevance of risk, the importance of risk analysis and management and corporate governance within the context of accountability frameworks. Risk management, the implementation of risk analysis and risk management systems with reference to the COSO ERM Framework were discussed. Qantas’ risk management systems were compared with COSO ERM Framework to assess how Qantas may manage reputation and branding, and safety 21 © Atul Kuver 2011
  • 22. risks. Reputation and branding, and safety are of critical importance to Qantas. The comparison indicated that the Qantas risk management structure closely follows the COSO ERM Framework that support its strategic, operational, reporting and compliance objectives. The Qantas approach to Corporate Governance as documented in their Corporate Governance Statement (Qantas 2010) was compared and contrasted with the approach recommended in the ASX Corporate Governance Principles and Recommendations (ASX 2007) and the Kiel and Nicholson model (Kiel & Nicholson 2002). The review shows the Qantas approach is aligned with the ASX Corporate Governance Principles and Recommendations (ASX 2007). The Qantas approach also satisfies the structure and process of the Kiel and Nicholson model. This alignment demonstrates that the Qantas Board accepts responsibility for the key functions regarding the Corporate Governance. 22 © Atul Kuver 2011
  • 23. References ASX 2007, ASX Corporate Governance Council, Principles of Good Corporate Governance and Best Practice Recommendations 2nd edition Bissett, A 2010, 'Enterprise risk management -- is it achievable?', Keeping Good Companies (14447614), 2, pp. 80-83. Bowling, D, & Rieger, L 2005, 'Making Sense of COSO's New Framework for Enterprise Risk Management', Bank Accounting & Finance (08943958), 18, 2, pp. 29- 34. Brooks, L. & Dunn, P. (2008) Business & Professional Ethics for Directors, Executives & Accountants, Mason, South-western Cengage Learning. COSO 2004, Enterprise Risk Management — Integrated Framework. Available at http://www.coso.org/documents/COSO_ERM_ExecutiveSummary.pdf [Accessed February 15, 2011]. Effective Governance Board Charter website. Available at: http://www.effectivegovernance.com.au/Board-Charter.html [Accessed February 15, 2011]. Economics Intelligence Unit 2007, Best practice in risk management | BUSINESS RESEARCH. Available at: http://businessresearch.eiu.com/best-practice-risk- management.html [Accessed February 16, 2011]. Kiel, G & Nicholson, G 2002, Real world governance: driving business success through effective corporate governance, Mt Eliza Business Review vol. 5, no. 1, pp. 17 – 28 Qantas 2010, Annual Report 2009 - 2010. 23 © Atul Kuver 2011
  • 24. Rao, A 2009, 'IMPLEMENTATION OF ENTERPRISE RISK MANAGEMENT (ERM) TOOLS - A CASE STUDY', Academy of Accounting & Financial Studies Journal, 13, 2, pp. 87- 103. Washington, T 2010, Qantas engine troubles raise risk questions. Available at: http://www.riskmanagementmagazine.com.au/articles/66/0c06d866.asp [Accessed February 15, 2011]. 24 © Atul Kuver 2011