Smitesh Bhosale, profile picture
Uploaded bySmitesh Bhosale
7,568 views

Risk assessment and internal controls - Internal Audit

The document discusses risk management and control evaluation, emphasizing the importance of risk assessment as a three-step process involving determining impact, likelihood, and the nature of risks. It outlines both external and internal risks that organizations face, providing a framework for prioritizing controls and evaluating risks. Additionally, it mentions various management strategies, including the transfer of risks and the necessity of an internal control framework for effective governance and oversight.

Embed presentation

Internal Audit: Risk management & Control Evaluation Smitesh Bhosale smitesh.bhosale@yahoo.co.in
What is Risk? An event or action that causes a possible threat to the achievement of an organization’s/function’s objectives Risk is just an expensive substitute for information Unwarranted Business Exposures are not Risks….
Risk Assessment Risk Assessment is a three step process of risk analysis and evaluation involving the determination of Management optimistic 1 The level of impact or outcome of risk Consequence 2 The likelihood of risk getting realised Probability 3 The nature of the risk Auditors quite sceptical Inherent Risk Resolving the differences in perception of risk crucial for an effective control evaluation…
Risk Assessment • Where do you devote considerable internal effort in order to control? • What areas receive considerable management reporting? • Where have you devoted significant resources? • What are the analysts and rating agencies most interested in? • What wouldn’t you want on the front page of the newspaper? • What are key obstacles to taking advantage of opportunities? • What is impeding growth? A “WHAT CAN GO WRONG ANALYSIS” prior to field work will provide focus and •What do people complain about within the organization? judgement to the auditor on • If you could fix one thing at the company, what would it be where to deploy his resources • What do your competitors do better? • What keeps you up at night?
Risk Assessment - Comprehensive EXTERNAL RISKS  Capital Availability  Competitor  Customer Needs  Economy  Financial Markets  Industry  Legal  Natural Hazard/Catastrophe  Public Relations  Regulatory  Terrorism  Sovereign/Political  Technological Innovation INTERNAL RISKS Strategic Operational Financial Process  Business Model          Business Portfolio  Delivery Channels  Intellectual Property  Marketing/ Advertising     Alignment Business Interruption Capacity Change Response Compliance Contract Commitment Customer Satisfaction Cycle Time Efficiency Environmental Health & Safety Knowledge Management  Measurement  Partnering  Collateral  Physical Security  Product/Service Development  Product/Service Liability  Product/Service Failure  Product/Service Pricing  Relationship Management  Sourcing  Strategy Implementation  Supply Chain  Transaction Processing  Resource Allocation  Social Responsibility  Counterparty  Credit  Equity Management Information  Organization Structure  Product Life Cycle  Concentration  Default  Marketplace  Planning  Commodities Comprehensive risk assessment is very crucial to priorities controls evaluation across various risk categories          Accounting Information Budgeting & Forecasting Completeness/Accuracy Investment Evaluation Investor Relations Pension Fund Regulatory Reporting Relevance Taxation Human Capital            Integrity Technology  Financial Instruments  Foreign Exchange Accountability Change Readiness Communications Competencies/Skills Empowerment Hiring/Retention Leadership Outsourcing Performance Incentives Succession Planning Training/Development  Conflict of Interest  Employee Fraud  Ethical Decisionmaking  Illegal Acts  Management Fraud  Third-Party Fraud  Unauthorized Acts        Access Availability Data Integrity e-Commerce Infrastructure Reliability Technological Capacity  Interest Rate  Liquidity  Modeling  Opportunity Cost Right Description of risk is also crucial e.g. Employee Overtime V/s Liquidated damages
Behavior of Risks… High 17 RED 14 25 1 23 19 Potentially material Events 24 2 21 27 13 ORANGE 12 15 Probability 9 Materiality Threshold 18 26 6 22 AMBER Low 8 16 11 10 5 GREEN 20 7 4 Impact Risks are on constant move with changes in external environment and your response / mitigation steps
Risk Evaluation and Quantification Supplier concentration risk Potential Impact Likelihood of failure Supplier A Sales Dependency 200 $ Mln 10% of Budgeted Sales for FY 10-11 Margin of such sales 40 $ Mln 13% of Target EBIDTA for FY 10-11 50% ABC Ltd Overall Budgeted Sales 2000 $ Mln Mitigation Impact X Likelihood = Adequate stock to support change over time Share manufacturing facility • Value at Risk Alternative supplier development • 300 $ Mln • • Target EBIDTA Outright market purchase of end product 100 $ Mln of sales i.e. 5% of sales Transfer 20 $ Mln of EBIDTA i.e. 6.5% of EBIDTA • Assessment of likelihood is dependent on suppliers financial status, its exposure to economic factors, plant location, relations with supplier, competitors activities, disruption at its premises, contractual agreements, previous default history among other factors. BI and LOP Policy • Supplier extension clause To evaluate risks one needs to be fully aware of the impact the risk.. Preferably in financial terms
Risk Management Strategies – Some tools Strategic Risks- fully managed internally by the organisation Operations • Elimination /Termination • Avoidance Organisation's Risks Financial Risk Capacity / Appetite Risks - Cannot be managed by Organisation and needs to be transferred Compliance Business is exposed to multiple risks Risks - Partly managed internally by the organisation Ability to manage risk depends on Risk Appetite / capacity • Tolerate / Acceptance • Mitigation and Monitoring • Transfer Significant portion of risks can be transferred through contractual / insurance
Internal Control Framework Governance / Oversight Control Audit Committee, Risk Council Administrative Controls Policies, Guidelines, SOPs Management Controls Self Assessment, Questionnair e based Monitoring Controls On Ground process controls MIS, KPIs, Reports, Risk Radar. Reviews SOD, IT, Access Internal Audit, SOX, Risk Management, Compliance Predictive or Detective Whistle Blower, Independent Forum Extended Controls Customer, Vendor, Regulat or, Bank Controls External Controls influencing internal controls There is a world beyond Risk and Control Matrix (RCM)….
In our journey can we help Business to embrace Risk…… with greater understanding Your greatest growth opportunities are your greatest risks reversed

More Related Content

PPTX
Risk based auditing
byTunde Elijah Kelani
 
PPT
Risk Assessment For Internal Auditors
byminkhollow
 
PPTX
Practical approach to Risk Based Internal Audit
byManoj Agarwal
 
PPTX
Operational risk ppt
byNehaKamboj10
 
PPTX
COSO ERM
bySophia Abigayle
 
PDF
Risk strategies presentation
byRaven Morgan
 
PPTX
Implementing Enterprise Risk Management with ISO 31000:2009
byGoutama Bachtiar
 
PPT
Risk identification
bymurukkada
 
Risk based auditing
byTunde Elijah Kelani
 
Risk Assessment For Internal Auditors
byminkhollow
 
Practical approach to Risk Based Internal Audit
byManoj Agarwal
 
Operational risk ppt
byNehaKamboj10
 
COSO ERM
bySophia Abigayle
 
Risk strategies presentation
byRaven Morgan
 
Implementing Enterprise Risk Management with ISO 31000:2009
byGoutama Bachtiar
 
Risk identification
bymurukkada
 

What's hot

PPT
Risk management: Principles, methodologies and techniques
byILRI
 
PPTX
Entetrprise risk management process
byRabin K. Acharya PhD (MPhil,MBA,MPA,MA)
 
PDF
Evolving role of internal auditing function
byDebashis Gupta
 
PPTX
Operational risk (by ms.sweta vijuraj)
bySaras Singh
 
PPTX
Enterprise Risk Management and Sustainability
byJeff B
 
PPTX
Risk management
byAglaia Connect
 
PDF
ISO 31000:2018 Risk Management System, Framework and Implementation
byAlvin Integrated Services [AIS]
 
PDF
Iso 31000 Risk management Principles and guidelines
byMohsen Gharakhani
 
PPTX
A Presentation on Risk Based Auditing
byAmar Deep Ghimire
 
PPTX
Risk management
byManish Tiwari
 
PPTX
Risk management
byHarold Malamion
 
PDF
Risk Management Process And Procedures PowerPoint Presentation Slides
bySlideTeam
 
PPTX
Risk Management
bycgeorgeo
 
PPT
Chapter 1 risk management (3)
byrafeeqameen
 
PPTX
Risk management
bymamta bhaurya
 
PPTX
Internal Audit Methodology
byManoj Agarwal
 
PPTX
Internal Auditor Roles
byIyad Mourtada, CMA, CIA, CFE, CCSA, CRMA, CPLP
 
PPT
Risk-management
byUmesh Gupta
 
PDF
ISO 31000 Risk Management
byRamiro Cid
 
PPTX
RisK, RiSk MaNaGeMeNt & EnterPRise RisK ManaGemeNT
bySonu Sah
 
Risk management: Principles, methodologies and techniques
byILRI
 
Entetrprise risk management process
byRabin K. Acharya PhD (MPhil,MBA,MPA,MA)
 
Evolving role of internal auditing function
byDebashis Gupta
 
Operational risk (by ms.sweta vijuraj)
bySaras Singh
 
Enterprise Risk Management and Sustainability
byJeff B
 
Risk management
byAglaia Connect
 
ISO 31000:2018 Risk Management System, Framework and Implementation
byAlvin Integrated Services [AIS]
 
Iso 31000 Risk management Principles and guidelines
byMohsen Gharakhani
 
A Presentation on Risk Based Auditing
byAmar Deep Ghimire
 
Risk management
byManish Tiwari
 
Risk management
byHarold Malamion
 
Risk Management Process And Procedures PowerPoint Presentation Slides
bySlideTeam
 
Risk Management
bycgeorgeo
 
Chapter 1 risk management (3)
byrafeeqameen
 
Risk management
bymamta bhaurya
 
Internal Audit Methodology
byManoj Agarwal
 
Internal Auditor Roles
byIyad Mourtada, CMA, CIA, CFE, CCSA, CRMA, CPLP
 
Risk-management
byUmesh Gupta
 
ISO 31000 Risk Management
byRamiro Cid
 
RisK, RiSk MaNaGeMeNt & EnterPRise RisK ManaGemeNT
bySonu Sah
 

Viewers also liked

PPTX
Risk Assessments Best Practice and Practical Approaches Webinar
byAviva Spectrum™
 
PPT
Audit planning and risk assessment
bycasahiljain1992
 
PPTX
11. materiality and audit risk
bySyed Osama Rizvi
 
PDF
Basic Internal Auditing Presentation
byVernon Benjamin
 
PPT
Internal Audit COSO Framework
byJesús Gándara
 
PPTX
Risk assessment presentation
bymmagario
 
PDF
Internal audit ppt
byLetzconsult.com
 
PPTX
Internal Audit Plan 2015
byMohammad Kashif
 
PPTX
Powerpoint Risk Assessment
bySteve Bishop
 
PDF
Proposal risk based internal audit 2013
byNidhi Gupta
 
PPTX
Integrating Data Analytics into a Risk-Based Audit Plan
byCaseWare IDEA
 
PDF
OHSAS Hazard identification & Risk assessment
byTechnoSysCon
 
PDF
ISO 27005 Risk Assessment
bySmart Assessment
 
PPTX
Supplier Risk Assessment
byGary Bahadur
 
PDF
Risk assessment principles and guidelines
byHaris Tahir
 
PPTX
Case 3_pp_final_v2 gr3
bymalenacharur
 
PDF
“Risk Based Internal Audit in Bangladesh Bank”
byM Anwarul Hoque Tareque
 
PPT
Risk Based Audit Approach
bySalih Islam
 
PPT
Comprehensive 20 Assessment 1
byNorthTec
 
PPT
Risk Based Quality Audit Part 1
byThomas Bradley
 
Risk Assessments Best Practice and Practical Approaches Webinar
byAviva Spectrum™
 
Audit planning and risk assessment
bycasahiljain1992
 
11. materiality and audit risk
bySyed Osama Rizvi
 
Basic Internal Auditing Presentation
byVernon Benjamin
 
Internal Audit COSO Framework
byJesús Gándara
 
Risk assessment presentation
bymmagario
 
Internal audit ppt
byLetzconsult.com
 
Internal Audit Plan 2015
byMohammad Kashif
 
Powerpoint Risk Assessment
bySteve Bishop
 
Proposal risk based internal audit 2013
byNidhi Gupta
 
Integrating Data Analytics into a Risk-Based Audit Plan
byCaseWare IDEA
 
OHSAS Hazard identification & Risk assessment
byTechnoSysCon
 
ISO 27005 Risk Assessment
bySmart Assessment
 
Supplier Risk Assessment
byGary Bahadur
 
Risk assessment principles and guidelines
byHaris Tahir
 
Case 3_pp_final_v2 gr3
bymalenacharur
 
“Risk Based Internal Audit in Bangladesh Bank”
byM Anwarul Hoque Tareque
 
Risk Based Audit Approach
bySalih Islam
 
Comprehensive 20 Assessment 1
byNorthTec
 
Risk Based Quality Audit Part 1
byThomas Bradley
 

Similar to Risk assessment and internal controls - Internal Audit

PDF
Risk Based Internal Audit and Sampling Techniques
byManoj Agarwal
 
PPTX
Bcu msc cg week 4 risk management
byStephen Ong
 
PPT
Risk assessment and compliance 151119
byKAYODE ADEBIYI
 
PPTX
Introduction to Risk Management and Sources of Risk.pptx
bymanjujayakumar2
 
PPSX
Risk Management
byRaina Zia
 
PDF
Improve Your Risk Assessment Process in 4 Steps
byResolver Inc.
 
PDF
IIA Facilitated Risk Workshop
byErsoy AKSOY
 
PPT
COSO_CCCCCCCCCCCCCCCCCCCCCCCCCCCCERM.ppt
byKhairulAbdullah13
 
PPT
COSO_ERM.ppt
bySashaKing4
 
PPT
Key Slides
byRichard Anderson
 
PPTX
IntroDUCTION-------to-Business-Risk.pptx
byMehakSharma494224
 
PPT
risk management
bymuhammad shoaib
 
PDF
The Handbook Of Risk Management Implementing A Postcrisis Corporate Culture 1...
byhelienassr5p
 
PPS
A5 b1 risk assessement_suzanne gibson_en
byocasiconference
 
PDF
5 steps for better risk assessment
byDrMohammedFarid
 
DOCX
My report_donald.docx
byGenevieveGo3
 
PDF
#corpriskforum2016 - Julia Graham
byAlexei Sidorenko, CRMP
 
PPTX
Card Processing Risks.pptx
byRashadMutallimov1
 
PDF
The risks of risk management
bycjburt
 
PDF
Business Cont 2008 Article Pub
byCarl Booth
 
Risk Based Internal Audit and Sampling Techniques
byManoj Agarwal
 
Bcu msc cg week 4 risk management
byStephen Ong
 
Risk assessment and compliance 151119
byKAYODE ADEBIYI
 
Introduction to Risk Management and Sources of Risk.pptx
bymanjujayakumar2
 
Risk Management
byRaina Zia
 
Improve Your Risk Assessment Process in 4 Steps
byResolver Inc.
 
IIA Facilitated Risk Workshop
byErsoy AKSOY
 
COSO_CCCCCCCCCCCCCCCCCCCCCCCCCCCCERM.ppt
byKhairulAbdullah13
 
COSO_ERM.ppt
bySashaKing4
 
Key Slides
byRichard Anderson
 
IntroDUCTION-------to-Business-Risk.pptx
byMehakSharma494224
 
risk management
bymuhammad shoaib
 
The Handbook Of Risk Management Implementing A Postcrisis Corporate Culture 1...
byhelienassr5p
 
A5 b1 risk assessement_suzanne gibson_en
byocasiconference
 
5 steps for better risk assessment
byDrMohammedFarid
 
My report_donald.docx
byGenevieveGo3
 
#corpriskforum2016 - Julia Graham
byAlexei Sidorenko, CRMP
 
Card Processing Risks.pptx
byRashadMutallimov1
 
The risks of risk management
bycjburt
 
Business Cont 2008 Article Pub
byCarl Booth
 

Recently uploaded

PDF
Pengelolaan SDM Terintegrasi Berbasis Manajemen Risiko 2025
bySeta Wicaksana
 
PPTX
AI for Business - Strategy and Planning Webinar
byChristopherVicGamuya
 
PDF
Best 7 Sites to Buy Verified Venmo Accounts With Zero ....pdf
bybxi4tn48i3wkgpbyyfg
 
PDF
Buy Verified Google Ads Accounts to Maximize #ROI and Launch High-Impact #PPC...
byusasmmpva3211
 
PDF
Buying Snapchat Accounts in 2026 first year.pdf
byh55oga0kd25m12iaza2
 
PDF
Buy Verified Binance Account-Best Cryptocurrenc....pdf
byzze2jltsflran03jy3m
 
PDF
_How to Safely Buy Instagram Accounts in 2025.pdf
byzze2jltsflran03jy3m
 
DOCX
17 Best Platforms to Buy Verified Cash App Accounts in Bulk .docx
byWWW.USAALLHUB.COM
 
DOCX
Guide to Safely Buy a Verified Binance Account Today.docx
byh55oga0kd25m12iaza2
 
PDF
6f0f6b8445ec521879693a52223a777er3e4.pdf
bytostyhazel456
 
PPTX
Project Management Tools for Faster, Smarter Execution
byBlue Sky Index
 
PDF
PS_DB Report_Back to the Future.pdf Punter Southall
byHenry Tapper
 
PDF
Pension-Protection-Fund-Purple-Book-2025-accessible (1).pdf
byHenry Tapper
 
PDF
LCP-Pension-Submisson-CDC-Superfund-December-2025.pdf
byHenry Tapper
 
PDF
Kelli Molczyk - A Seasoned Brand Strategist
byKelli Molczyk
 
PDF
5 Best Marketplaces to Buy and Sell Facebook Accounts ... in 25-26.pdf
bymarketing
 
PDF
Best Platforms to Buy Verified Wise Accounts in the USA.pdf
by#SEO, #usaallhub, #socialmedia, #USAaccounts, #seoservice, #Digitalmarketer
 
PDF
Top 5 Places to Buy Aged LinkedIn Accounts and Should ....pdf
byd4633pnxrkfjibzcniru
 
PDF
Bio, Pic and Speaker Vita for Attorney Dar'shun Kendrick
byKairos Capital Legal Advisors,LLC
 
PDF
Where to Buy Verified Chime Accounts for Quick ....pdf
bykmn4gloa39pwajpujj
 
Pengelolaan SDM Terintegrasi Berbasis Manajemen Risiko 2025
bySeta Wicaksana
 
AI for Business - Strategy and Planning Webinar
byChristopherVicGamuya
 
Best 7 Sites to Buy Verified Venmo Accounts With Zero ....pdf
bybxi4tn48i3wkgpbyyfg
 
Buy Verified Google Ads Accounts to Maximize #ROI and Launch High-Impact #PPC...
byusasmmpva3211
 
Buying Snapchat Accounts in 2026 first year.pdf
byh55oga0kd25m12iaza2
 
Buy Verified Binance Account-Best Cryptocurrenc....pdf
byzze2jltsflran03jy3m
 
_How to Safely Buy Instagram Accounts in 2025.pdf
byzze2jltsflran03jy3m
 
17 Best Platforms to Buy Verified Cash App Accounts in Bulk .docx
byWWW.USAALLHUB.COM
 
Guide to Safely Buy a Verified Binance Account Today.docx
byh55oga0kd25m12iaza2
 
6f0f6b8445ec521879693a52223a777er3e4.pdf
bytostyhazel456
 
Project Management Tools for Faster, Smarter Execution
byBlue Sky Index
 
PS_DB Report_Back to the Future.pdf Punter Southall
byHenry Tapper
 
Pension-Protection-Fund-Purple-Book-2025-accessible (1).pdf
byHenry Tapper
 
LCP-Pension-Submisson-CDC-Superfund-December-2025.pdf
byHenry Tapper
 
Kelli Molczyk - A Seasoned Brand Strategist
byKelli Molczyk
 
5 Best Marketplaces to Buy and Sell Facebook Accounts ... in 25-26.pdf
bymarketing
 
Best Platforms to Buy Verified Wise Accounts in the USA.pdf
by#SEO, #usaallhub, #socialmedia, #USAaccounts, #seoservice, #Digitalmarketer
 
Top 5 Places to Buy Aged LinkedIn Accounts and Should ....pdf
byd4633pnxrkfjibzcniru
 
Bio, Pic and Speaker Vita for Attorney Dar'shun Kendrick
byKairos Capital Legal Advisors,LLC
 
Where to Buy Verified Chime Accounts for Quick ....pdf
bykmn4gloa39pwajpujj
 
In this document
Powered by AI

Introduction to internal audit focused on risk management and control evaluation.

Definition of risk as a threat to organizational objectives, emphasizing that unwarranted exposures are not risks.

Three-step risk assessment process: determining impact, likelihood, and nature of risks, highlighting the importance of perception in risk evaluation.

Questions to identify significant risk areas, prompting auditors to focus on potential threats to the organization.

Detailed categories of external and internal risks affecting organizations; emphasizes the importance of thorough risk evaluation.

Illustration of risk behavior related to probability and impact, showing that risks constantly change and evolve.

Example of supplier concentration risk evaluation, quantifying impact and likelihood, and assessing financial implications.

Illustration of tools for managing risks, differentiating between fully managed, partly managed, and transferred risks.

Overview of the internal control framework, including governance, administrative, management, and monitoring controls.

Encouragement to understand and embrace risk as a pathway to greater growth opportunities.

Risk assessment and internal controls - Internal Audit

  • 1.
    Internal Audit: Riskmanagement & Control Evaluation Smitesh Bhosale smitesh.bhosale@yahoo.co.in
  • 2.
    What is Risk? An eventor action that causes a possible threat to the achievement of an organization’s/function’s objectives Risk is just an expensive substitute for information Unwarranted Business Exposures are not Risks….
  • 3.
    Risk Assessment Risk Assessmentis a three step process of risk analysis and evaluation involving the determination of Management optimistic 1 The level of impact or outcome of risk Consequence 2 The likelihood of risk getting realised Probability 3 The nature of the risk Auditors quite sceptical Inherent Risk Resolving the differences in perception of risk crucial for an effective control evaluation…
  • 4.
    Risk Assessment • Where doyou devote considerable internal effort in order to control? • What areas receive considerable management reporting? • Where have you devoted significant resources? • What are the analysts and rating agencies most interested in? • What wouldn’t you want on the front page of the newspaper? • What are key obstacles to taking advantage of opportunities? • What is impeding growth? A “WHAT CAN GO WRONG ANALYSIS” prior to field work will provide focus and •What do people complain about within the organization? judgement to the auditor on • If you could fix one thing at the company, what would it be where to deploy his resources • What do your competitors do better? • What keeps you up at night?
  • 5.
    Risk Assessment -Comprehensive EXTERNAL RISKS  Capital Availability  Competitor  Customer Needs  Economy  Financial Markets  Industry  Legal  Natural Hazard/Catastrophe  Public Relations  Regulatory  Terrorism  Sovereign/Political  Technological Innovation INTERNAL RISKS Strategic Operational Financial Process  Business Model          Business Portfolio  Delivery Channels  Intellectual Property  Marketing/ Advertising     Alignment Business Interruption Capacity Change Response Compliance Contract Commitment Customer Satisfaction Cycle Time Efficiency Environmental Health & Safety Knowledge Management  Measurement  Partnering  Collateral  Physical Security  Product/Service Development  Product/Service Liability  Product/Service Failure  Product/Service Pricing  Relationship Management  Sourcing  Strategy Implementation  Supply Chain  Transaction Processing  Resource Allocation  Social Responsibility  Counterparty  Credit  Equity Management Information  Organization Structure  Product Life Cycle  Concentration  Default  Marketplace  Planning  Commodities Comprehensive risk assessment is very crucial to priorities controls evaluation across various risk categories          Accounting Information Budgeting & Forecasting Completeness/Accuracy Investment Evaluation Investor Relations Pension Fund Regulatory Reporting Relevance Taxation Human Capital            Integrity Technology  Financial Instruments  Foreign Exchange Accountability Change Readiness Communications Competencies/Skills Empowerment Hiring/Retention Leadership Outsourcing Performance Incentives Succession Planning Training/Development  Conflict of Interest  Employee Fraud  Ethical Decisionmaking  Illegal Acts  Management Fraud  Third-Party Fraud  Unauthorized Acts        Access Availability Data Integrity e-Commerce Infrastructure Reliability Technological Capacity  Interest Rate  Liquidity  Modeling  Opportunity Cost Right Description of risk is also crucial e.g. Employee Overtime V/s Liquidated damages
  • 6.
    Behavior of Risks… High 17 RED 14 25 1 23 19 Potentially material Events 24 2 21 27 13 ORANGE 12 15 Probability 9 MaterialityThreshold 18 26 6 22 AMBER Low 8 16 11 10 5 GREEN 20 7 4 Impact Risks are on constant move with changes in external environment and your response / mitigation steps
  • 7.
    Risk Evaluation andQuantification Supplier concentration risk Potential Impact Likelihood of failure Supplier A Sales Dependency 200 $ Mln 10% of Budgeted Sales for FY 10-11 Margin of such sales 40 $ Mln 13% of Target EBIDTA for FY 10-11 50% ABC Ltd Overall Budgeted Sales 2000 $ Mln Mitigation Impact X Likelihood = Adequate stock to support change over time Share manufacturing facility • Value at Risk Alternative supplier development • 300 $ Mln • • Target EBIDTA Outright market purchase of end product 100 $ Mln of sales i.e. 5% of sales Transfer 20 $ Mln of EBIDTA i.e. 6.5% of EBIDTA • Assessment of likelihood is dependent on suppliers financial status, its exposure to economic factors, plant location, relations with supplier, competitors activities, disruption at its premises, contractual agreements, previous default history among other factors. BI and LOP Policy • Supplier extension clause To evaluate risks one needs to be fully aware of the impact the risk.. Preferably in financial terms
  • 8.
    Risk Management Strategies– Some tools Strategic Risks- fully managed internally by the organisation Operations • Elimination /Termination • Avoidance Organisation's Risks Financial Risk Capacity / Appetite Risks - Cannot be managed by Organisation and needs to be transferred Compliance Business is exposed to multiple risks Risks - Partly managed internally by the organisation Ability to manage risk depends on Risk Appetite / capacity • Tolerate / Acceptance • Mitigation and Monitoring • Transfer Significant portion of risks can be transferred through contractual / insurance
  • 9.
    Internal Control Framework Governance/ Oversight Control Audit Committee, Risk Council Administrative Controls Policies, Guidelines, SOPs Management Controls Self Assessment, Questionnair e based Monitoring Controls On Ground process controls MIS, KPIs, Reports, Risk Radar. Reviews SOD, IT, Access Internal Audit, SOX, Risk Management, Compliance Predictive or Detective Whistle Blower, Independent Forum Extended Controls Customer, Vendor, Regulat or, Bank Controls External Controls influencing internal controls There is a world beyond Risk and Control Matrix (RCM)….
  • 10.
    In our journeycan we help Business to embrace Risk…… with greater understanding Your greatest growth opportunities are your greatest risks reversed