Part -1
Chapter 35: ERM at Malaysia’s Media Company Astro: Quickly Implementing ERM and Using It to Assess the Risk-Adjusted Performance of a Portfolio of Acquired Foreign Companies.
1. Identify some reasons why risk management practices might not take off and/or be embedded effectively in an investee company.
2. Who should participate in the ERM process to ensure successful implementation of this ongoing program?
3. What should the CEO’s role be for the successful implementation and ongoing performance of an ERM process?
250 to 300 words
Part -2 Comments:- for 2 discussion below
RE: Chapter 35: ERM at Malaysia’s Media Company Astro
COLLAPSE
Top of Form
1. Identify some reasons why risk management practices might not take off and/or be embedded effectively in an investee company.
Organizations implements and embedded ERM at their firms based on many factors such as risk analysis, goals and previous issues faced. Many firms invest in other companies (investee companies) to gain profits or advantages. When investing companies implements or embedded same ERM in investee companies it might not work because the investee company requirements might be different even it might be from different sector. The ERM implemented at investee companies also depends on investee company previous history, decisions made, investee company reputation in the market, risks which are not fully identified by investing company or no full cooperation from investee company people. Many incidents shows full its is highly impossible to conduct full risk review on investee company before acquisition which means the investing company don’t know full risks involved with investee company and ERM implemented without full risk analysis will lead to disasters.
2. Who should participate in the ERM process to ensure successful implementation of this ongoing program?
The most important people while implementing ERM at ASTRO are CEO, CFO, board of directors and its audit committee.
3. What should the CEO’s role be for the successful implementation and ongoing performance of an ERM process?
At ASTRO the CEO and CFO are accountable to board of directors for implementing strategies, procedures and policies for designing effective ERM program.
The CEO should participate in meetings with vice president of enterprise risk management (VPERM) explain current situations and risks levels for monitoring risks management at high level (Fraser, J. R. S., Narvaez, K., & Simkins, B. J., 2015).
Thank you
References
Fraser, J. R. S., Narvaez, K., & Simkins, B. J. (2015). Implementing enterprise risk management: Case studies and best practices. Hoboken, N.J: Wiley.
Bottom of Form
RE: Chapter 35: ERM at Malaysia’s Media Company Astro
COLLAPSE
Top of Form
1. Identify some reasons why risk management practices might not take off and/or be embedded effectively in an investee company.
Following are some the reason that can be considered.
· Risk management methodology approach and objective ...
Part -1 Chapter 35 ERM at Malaysia’s Media Company Astro Qui.docx
1. Part -1
Chapter 35: ERM at Malaysia’s Media Company Astro: Quickly
Implementing ERM and Using It to Assess the Risk-Adjusted
Performance of a Portfolio of Acquired Foreign Companies.
1. Identify some reasons why risk management practices might
not take off and/or be embedded effectively in an investee
company.
2. Who should participate in the ERM process to ensure
successful implementation of this ongoing program?
3. What should the CEO’s role be for the successful
implementation and ongoing performance of an ERM process?
250 to 300 words
Part -2 Comments:- for 2 discussion below
RE: Chapter 35: ERM at Malaysia’s Media Company Astro
COLLAPSE
Top of Form
1. Identify some reasons why risk management practices might
not take off and/or be embedded effectively in an investee
company.
Organizations implements and embedded ERM at their firms
based on many factors such as risk analysis, goals and previous
issues faced. Many firms invest in other companies (investee
companies) to gain profits or advantages. When investing
companies implements or embedded same ERM in investee
companies it might not work because the investee company
requirements might be different even it might be from different
sector. The ERM implemented at investee companies also
depends on investee company previous history, decisions made,
2. investee company reputation in the market, risks which are not
fully identified by investing company or no full cooperation
from investee company people. Many incidents shows full its is
highly impossible to conduct full risk review on investee
company before acquisition which means the investing company
don’t know full risks involved with investee company and ERM
implemented without full risk analysis will lead to disasters.
2. Who should participate in the ERM process to ensure
successful implementation of this ongoing program?
The most important people while implementing ERM at ASTRO
are CEO, CFO, board of directors and its audit committee.
3. What should the CEO’s role be for the successful
implementation and ongoing performance of an ERM process?
At ASTRO the CEO and CFO are accountable to board of
directors for implementing strategies, procedures and policies
for designing effective ERM program.
The CEO should participate in meetings with vice president of
enterprise risk management (VPERM) explain current situations
and risks levels for monitoring risks management at high level
(Fraser, J. R. S., Narvaez, K., & Simkins, B. J., 2015).
Thank you
References
Fraser, J. R. S., Narvaez, K., & Simkins, B. J. (2015).
Implementing enterprise risk management: Case studies and
best practices. Hoboken, N.J: Wiley.
Bottom of Form
RE: Chapter 35: ERM at Malaysia’s Media Company Astro
COLLAPSE
Top of Form
1. Identify some reasons why risk management practices might
not take off and/or be embedded effectively in an investee
company.
Following are some the reason that can be considered.
3. · Risk management methodology approach and objectives
should be aligned with the parent organization.
· Hiring an effective Risk manager and identifying workstream
managers on their pain points and within a short time is
challenging
· Systems need to be in place to effectively manage and monitor
the risks and not identifying the key business decisions that may
involve risk will not be effective.
2. Who should participate in the ERM process to ensure
successful implementation of this ongoing program?
For successful implementation of the ERM process, involvement
of various stakeholders is necessary. This includes CEO, Board
of directors, IT team, Risk management team, Internal Audit,
Legal and compliance teams.
3. What should the CEO’s role be for the successful
implementation and ongoing performance of an ERM process?
CEO should be able to respond to each and every query made by
people who involved in ERM process, making sure everything is
communicated to all stakeholders without any transparency and
conduct training to internal employees about risk management
and strategic planning.
References
Fraser, J. R. S., Narvaez, K., & Simkins, B. J.
(2015). Implementing enterprise risk management: Case studies
and best practices. Hoboken, N.J: Wiley.
Bottom of Form
50 to 75 words for each comment.
PART -3
4. 1) Tell me your final thoughts about the course and how it
helped.
Course: Emerging Threats & Countermeasures
250 words
Running Head: FIREWALL 1
FIREWALL 3
Firewall
Student’s Name
Professor’s Name
Date
In no less than 250 words, explain your topic for the project.
Explain how it is relevant to network security. Be as clear as
5. you can in explaining your topic by using examples, software,
hardware, etc
Network firewalls are considered as a security device which is
used to mitigate any form of unauthorized access to a private
network which has been connected to the internet more so via
an intranet. The only traffic which is allowed on this network is
the one which has been defined by the firewall policies, and any
other form of traffic which tries to pass via this network is
blocked (Syngress, 2003). Network firewalls are observed to be
in the frontline of a particular system where it acts as a
communication channel between the internal and external
devices.
It is possible to configure a network firewall so that it will be in
a position to control any form of data which is either entering or
exiting a particular network. It automatically rejects those form
of messages or traffic which does not meet the defined security
criteria (Syngress, 2002). One thing to note is that when a
firewall has been appropriately configured, the firewall will
allow a user to gain access to any resources while at the same
time keeping off unwanted users, worms and virus or any other
malicious program which might be trying to find its way into
the protected network.
Software vs. Hardware Firewalls
· Hardware firewalls: A standalone product usually releases
these form of firewalls, and they are often in-built components
or any other type of networking device. They are generally
considered as an essential aspect when it comes to the
traditional security system and network configuration
(Syngress, 2003).
· Software firewalls: These are programs which are installed
within a computer, or they are provided by Operating System of
the network device manufacturer. One thing to note about this
form of firewalls is that they can be customized depending on
the user (Syngress, 2002).
6. References
Syngress. (2002). Cisco Security Specialists Guide to PIX
Firewall. Elsevier.
Syngress. (2003). CheckPoint NG VPN 1/Firewall 1: Advanced
Configuration and Troubleshooting. Amsterdam, Netherlands:
Elsevier.
ITS 835
Chapters 35
Other Case Studies on ERM and Risk
ERM at Malaysia’s Media Company Astro
Enterprise Risk Management
Professor Miguel Buleje
Overview
7. • ERM at Malaysia's Media Company Astro: Quickly
Implementing ERM and Using It to Assess the Risk-
Adjusted Performance of a Portfolio of Acquired Foreign
Companies
• Intro
• Background
• ERM at ASTRO
• Evolution of ERM at AOL
• Role of ERM in the Acquisition Process
• Risk Profile: Risk Map & Action Plans
• Investment Performance Dashboard
Introduction
• Case focus on the implementation of ERM to screen
acquisition
investments
• Astro Overseas Limited (AOL) is introduced, as the entity
responsible for all international investments for Astro
• Describes how ERM is implemented in this set up by M&As
by Astro
• Explains how AOL is able to rationalize financial information
and the
risk profile presented in a dashboard to help the board make
better
decision around risk and the overall ROI
8. Background
• The Astro Group
• Established in 1996
• Leading integrated consumer media and entertainment group.
• Operations in 4 key groups: pay TV, radio, publications and
digital
media.
• Corporate Governance in Malaysia
• Introduced first Corporate Governance code in 2000, and it
was revised
in 2007.
• In 2011 its Security Commission established a Blueprint to
corporate
governance.
• Finally, in 2012 delivered and new Comply and Explain code.
Background
• Corporate Governance in Malaysia (Cont.)
• Provided a sound framework to manage risks as follows
• Sound framework of managed risks
• Understand principal risks of all aspects of the business
• Recognize business decisions involved taking of appropriate
risks
• Achieve balance between risks incurred and potential returns
to
shareholders
9. • Ensure systems that effectively monitor and manage risks
• Company risk tolerance and tie to key business risks to
safeguard
shareholders
• Annual report disclosure of main risk management framework
and internal control
ERM at Astro
• ERM framework within Astro
• Overseas Limited (AOL) responsible for all international
investments
• Adopted recommendations by the Malaysian Code on
Corporate
Governance 2012
• Board implemented a Group Risk Management (GRM)
framework as a
integral part for biz operations and projects.
• GRM framework consistent w/ Committee of Sponsoring
Organizations
(COSO) enterprise risk management framework.
• Finally, Astro adopted ISO 31000 International Standard for
risk
management and the COSO process.
Evolution of ERM at AOL
10. • Migration of the ERM from:
• Reactive: Disaster Recovery (What is something
happens?)
• Proactive: Business Continuity (When our biz is
disrupted?) , to
• Adaptive: Enterprise Risk Management (How can we
act for competitive gain?)
Role of ERM in the Acquisition Process
• ERM directly integrated into company acquisition processes
• Pre-acquisition – Gain preliminary acquisition process
• Monitor and Review phase – expands pre-acquisition
and coordination of strategic objectives
• Post acquisition – execution of ERM into new company
and set up of exit/divestment strategy
Risk Profile: Risk Map & Action Plans
• Risk Map Characterized
• Inherent / gross risk
• Residual risk
• Target risk
• Detailed of Risk Profile – Exhibit 35.11
• Risk identified: explanation/ consequences / owner
11. • Causes
• Controls
• Action Plan
• Detailed Action Plan – Exhibit 35.12
Investment Performance Dashboard
• Investment Performance Dashboard
• Investment Risk Analysis (Qualitative Assessment)
• Financial Risk Analysis (Quantitative Assessment)
• Total Investment Performance Score
• Help Board Make Investment Decision
• Investment Performance Dashboard Comparison: Exhibit
35.15
• Investment Performance Dashboard – Quarterly Movements:
Exhibit 35.16
• Assisting the Board in Making Key Decision: Exhibit 35.17