This document discusses risk management and control. It defines risk management as understanding and managing risks to achieve corporate objectives. It then describes the TARA framework for assessing and managing risks through transference, avoidance, reduction, and acceptance. The document also discusses business risks like strategic, product, commodity price, operational, and reputation risks. It covers the public interest accountants have and stakeholders they are accountable to. The document defines information systems and how they can be implemented as part of risk strategy with initial and running costs. It describes characteristics and benefits of big data like faster decision making and competitive advantage, as well as risks involving skills, security, and protection.

1. Chapter 5
Management Control and Risk
By
Prof. Suku Thomas Samuel
Department of Management

2. Risk Management
Risk management is defined as ‘the process of understanding and
managing the risks that the organization is inevitably subject to in
attempting to achieve its corporate objectives.
Risk Management framework

3. TARA Framework
TARA framework is a tool that helps to assess risks and how to
manage them.
1. Transference - risk can be transferred wholly or in part to a third
party. This strategy is also sometimes referred to as sharing.
2. Avoidance - An organization might choose to avoid a risk
altogether. Risks are unavoidable in business ventures; they can be
avoided only by not investing.
3. Reduction - Third strategy is to reduce the risk, either by limiting
exposure or attempting to decrease the adverse effects.
4. Acceptance - Final strategy is to accept that the risk may occur
and decide to deal with the consequences.

4. Business risk
Business risk is the risk businesses face due to the nature of their
operations and products.
The risk can be considered into different strategies:
1. Strategic risk - Risk that business strategies
2. Product risk - Risk of failure of new product launches/loss of
interest in existing products.
3. Commodity price risk - Risk of a rise in commodity prices.
4. Product reputation risk - Risk of change in product’s reputation
or image.
5. Operational risk - Risk that business operations may be
inefficient, or business processes may fail.

5. Public Interest
The public interest can be defined as that which supports the good of
society, as opposed to what serves the interests of individual
members of society, or of specific sectional interest groups.
The distinguishing mark of an accounting professional is the
acceptance of a responsibility to the public.
The accountancy professional is accountable to:
1. Clients
2. Credit providers
3. Governments
4. Employees
5. Employers
6. Investors

6. Information System
Information systems are a set of interconnected elements working
together to collect, process, store, and distribute information to help
coordination, visualization in an organization, analysis, and decision-
making.
Information systems may be implemented as part of a business’ risk
strategy.
When an organization sees a possibility for introducing a new information
system, an evaluation should be made to decide whether the potential
benefits are sufficient to justify the costs.
Cost-benefit analysis (CBA) can be used to assess the expected costs and
benefits of the IS.

7. Implementation of IS
Implementation of a new system of IS involves – Initial Cost &
Running Cost.
Initial Cost:
i. Costs to design and develop system (bespoke solution).
ii. Purchase price of software.
iii. Purchase cost of new hardware.
iv. Cost of testing and implementation of the new system.
v. Training costs.

8. Implementation of IS
Running Cost:
i. Cost of labour time to run the system.
ii. Cost of materials, e.g. replacement parts.
iii. Cost of service support, e.g. IT helpdesk.
Information Cost – Cost associated in acquiring information for the
functioning of the system.
Costs of internal information - information generated internally
within an organisation.
Costs of external information - information collected from sources
outside the company.

9. Big Data
Big data refers to the large, diverse sets of information that grow at
ever-increasing rates.
"Big data" is the massive amount of data available to organizations
that is not easily managed or analyzed by many business intelligence
tools. – Google
Characteristics of Big data:
1. Velocity – speed of data generation.
2. Volume – quantity of data generated.
3. Variety – formats of data generated.
4. Veracity – accuracy of data generated.

10. Big Data – Benefits.
The benefits of Big data are as follows:
1. Decision making process is significantly reduced.
2. Gaining competitive advantage.
3. Driving innovation is quicker.
4. Improved productivity.
The risks of Big data are as follows:
1. Availability of skillsets.
2. Security of data.
3. Data protection