Erm tm 11
Published in: Education
Transcript

  • 1. ENTERPRISE RISK MANAGEMENT ISO 31000 - 2009 MOHAMAD HASSAN AK., MAFIS, QIA, CRMP, CRMA
  • 2. ERM - ISO 31000
  • 3. DETERMINE RISK CRITERIA
      • What makes an ERM implementation unique to each organization.
      • Influenced by business objectives as well as external & internal context.
      • By definition: “terms of reference against which the significance of risk is evaluated”.
      • Types of risk criteria:
          – Governance risk criteria
          – Assessment risk criteria
  • 4. Governance Risk Criteria
      • Risk Capacity
      • Risk Attitude
      • Risk Appetite
      • Risk Tolerance
  • 5. Risk Capacity
      • Board and senior management must understand both individual outcomes and aggregated outcomes from multiple events that could cause the organization to cease operations.
      • They are not only responsible for determining business objectives, but also for ensuring the organization survives.
      • Slide labels:
          – Inadequate capital
          – Inadequate cash flow
          – Violations of laws & regulations
          – Damage to reputation
  • 6. Risk Attitude
      • The organization’s approach to assess and eventually pursue, retain, take, or turn away from risk.
      • An organization’s risk attitude is essentially its cultural mindset with regard to risk.
      • Risk attitude must be instilled over time.
      • Risk attitude spectrum: Risk Averse to Risk Embracing
  • 7. Risk Appetite
      • Amount of risk, on a broad level, an entity is willing to accept in pursuit of value (COSO ERM).
      • Elements of risk appetite that shape the definition:
          – Risk appetite is an integral part of strategic planning
          – Not all risk outcomes are easily measurable; qualitative (type) and quantitative (amount)
          – Appetite may reflect the desire to pursue positive outcomes as well as to minimize negative outcomes
          – An organization must accept some level of risk to be successful
      • Examples of risk appetite statements:
          – Invest at least 15 percent of revenues
          – Maintain a debt/equity ratio of 1.5 or less
          – Put no more than 50 percent of capital at risk
          – Not build key manufacturing plants in areas prone to floods or earthquakes
  • 8. Risk Tolerance
      • Readiness to bear the risk after risk treatment in order to achieve objectives.
      • Risk-taking boundaries within which managers and employees are expected to perform in pursuit of the organization’s strategic, operations, reporting, and compliance objectives.
      • Examples:
          – Annual operating results should not be less than 90 percent of budget
          – Customer satisfaction rating should meet or exceed 95 percent
  • 9. Assessment Risk Criteria
      • Impact: a measure of the size of potential risk outcomes, should an event occur.
      • Impact types include, but are not limited to, financial, reputational, legal, environmental, and safety outcomes.
      • Likelihood: reflects an estimate of the possibility that risk events will occur and result in the assessed risk outcomes.
  • 10. Other Risk Assessment Criteria
      • Inherent Criteria:
          – consequence
          – Significance
          – Severity
          – Frequency
          – Velocity
          – Volatility
          – Interdependency
      • Capability Criteria:
          – Readiness & Preparedness
          – Agility
          – Resilience
          – Controllability
          – Monitorability
          – Maturity
          – Degree of Confidence
