Proactive Risk: A Guide for Enhanced Engineering and Oil & Gas Operations
idisimark22
25 views
42 slides
Jun 13, 2024
Slide 1 of 42
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
About This Presentation
This publication empowers engineers and oil & gas professionals with practical strategies for proactive risk management. Each issue delves into real-world case studies, explores emerging threats, and offers actionable steps to mitigate project risks, ensure operational safety, and optimize res...
Slide Content
RISK
MANAGEMENT
BASIC PRINCIPLES, FRAMEWORK,
STRATEGY AND TOOL
25/09/19 1
MANAGEMENT
BASIC PRINCIPLES, FRAMEWORK,
STRATEGY AND TOOL
25/09/19 1
OUTLINE
q INTRODUCTION
q RISK MANAGEMENT PRINCIPLES
q RISK MANAGEMNT FRAMEWORK
q RISK MANAGEMENT TOOLS
q POLICY AND GUIDELINES
q RISK MANAGEMENT ARCHITECTURE
q RISK MANAGEMENT STRATEGY
q RISK MANAGEMENT PROTOCOLS
q RISK REGISTER
q CONCLUSION
q CASE STUDY
25/09/19 2
q INTRODUCTION
q RISK MANAGEMENT PRINCIPLES
q RISK MANAGEMNT FRAMEWORK
q RISK MANAGEMENT TOOLS
q POLICY AND GUIDELINES
q RISK MANAGEMENT ARCHITECTURE
q RISK MANAGEMENT STRATEGY
q RISK MANAGEMENT PROTOCOLS
q RISK REGISTER
q CONCLUSION
q CASE STUDY
25/09/19 2
INTRODUCTION
Imagine a discipline without its own common set of
assumptions, concepts, principles, standards and
practices that are unique among its practitioners.
Does this sound familiar? Of course it’s child rearing.
You got it!
Children reared in different parts of the world are taught
different things - assumptions, concepts, principles,
standards, practices, culture, beliefs, identity, race
relation, gender, social conditioning – all very different
and presumably very confused!
25/09/19 3
Imagine a discipline without its own common set of
assumptions, concepts, principles, standards and
practices that are unique among its practitioners.
Does this sound familiar? Of course it’s child rearing.
You got it!
Children reared in different parts of the world are taught
different things - assumptions, concepts, principles,
standards, practices, culture, beliefs, identity, race
relation, gender, social conditioning – all very different
and presumably very confused!
25/09/19 3
INTRODUCTION
Every discipline has its own common set of
assumptions, concepts, principles, standards and
practices that are unique among its practitioners.
Risk management is without exception. It has its own
common set of assumptions, concepts, principles,
standards, practices and tools that together form the
risk management discipline.
It is imperative for organizations and risk management
practitioners to understand and use these fundamental
tenets in the practice of risk management.
25/09/19 4
Every discipline has its own common set of
assumptions, concepts, principles, standards and
practices that are unique among its practitioners.
Risk management is without exception. It has its own
common set of assumptions, concepts, principles,
standards, practices and tools that together form the
risk management discipline.
It is imperative for organizations and risk management
practitioners to understand and use these fundamental
tenets in the practice of risk management.
25/09/19 4
INTRODUCTION
The practice of risk management will be incomplete
without these tenets which provide the foundation upon
which risk management is designed and implemented.
There may be differences in the language used and
applications of these canons due to organizational
differences.
However, the objective remains the same: to manage
risks that threaten objectives.
25/09/19 5
The practice of risk management will be incomplete
without these tenets which provide the foundation upon
which risk management is designed and implemented.
There may be differences in the language used and
applications of these canons due to organizational
differences.
However, the objective remains the same: to manage
risks that threaten objectives.
25/09/19 5
INTRODUCTION
A risk management system is a series of coordinated
organizational arrangements, structures, relationships,
processes and procedures that are designed and
embedded into the organization’s strategic and
operational policies and practices.
The principles of risk management provide a sound
basis (intention and purpose) for establishing and
implementing an effective risk management system.
25/09/19 6
A risk management system is a series of coordinated
organizational arrangements, structures, relationships,
processes and procedures that are designed and
embedded into the organization’s strategic and
operational policies and practices.
The principles of risk management provide a sound
basis (intention and purpose) for establishing and
implementing an effective risk management system.
25/09/19 6
PRINCIPLES OF RISK MANAGEMENT
The principles are as follows:
q Risk management creates and protects value – risk
management should contribute to the demonstrable
achievement of objectives and improvement of
performance in, for example, tax compliance, human
health and safety, security, legal and regulatory
compliance, public acceptance, environmental
protection, product quality, project management;
efficiency in operations, corporate governance and
reputation.
25/09/19 7
The principles are as follows:
q Risk management creates and protects value – risk
management should contribute to the demonstrable
achievement of objectives and improvement of
performance in, for example, tax compliance, human
health and safety, security, legal and regulatory
compliance, public acceptance, environmental
protection, product quality, project management;
efficiency in operations, corporate governance and
reputation.
25/09/19 7
PRINCIPLES OF RISK MANAGEMENT
The principles are as follows:
q Risk management is an integral part of all
organizational processes – risk management should
not be a stand-alone activity that is separate from the
main activities and processes of the organization.
Risk management is part of the responsibilities of
management and an integral part of all organizational
processes, including strategic planning, project
management and change management processes.
25/09/19 8
The principles are as follows:
q Risk management is an integral part of all
organizational processes – risk management should
not be a stand-alone activity that is separate from the
main activities and processes of the organization.
Risk management is part of the responsibilities of
management and an integral part of all organizational
processes, including strategic planning, project
management and change management processes.
25/09/19 8
PRINCIPLES OF RISK MANAGEMENT
The principles are as follows:
q Risk management is part of decision-making – risk
management should help decision makers make
informed choices, prioritize actions and distinguish
among alternative courses of actions.
q Risk management explicitly addresses uncertainty –
risk management should explicitly take account of
uncertainty, the nature of that uncertainty and how it
can be addressed.
25/09/19 9
The principles are as follows:
q Risk management is part of decision-making – risk
management should help decision makers make
informed choices, prioritize actions and distinguish
among alternative courses of actions.
q Risk management explicitly addresses uncertainty –
risk management should explicitly take account of
uncertainty, the nature of that uncertainty and how it
can be addressed.
25/09/19 9
PRINCIPLES OF RISK MANAGEMENT
The principles are as follows:
q Risk management is systematic, structured and timely
– risk management should be a systematic, structured
and timely approach to dealing with internal and
external threats and vulnerabilities to the
organization’s objectives and should contribute to
efficiency, and to consistent, comparable and reliable
results.
25/09/19 10
The principles are as follows:
q Risk management is systematic, structured and timely
– risk management should be a systematic, structured
and timely approach to dealing with internal and
external threats and vulnerabilities to the
organization’s objectives and should contribute to
efficiency, and to consistent, comparable and reliable
results.
25/09/19 10
PRINCIPLES OF RISK MANAGEMENT
The principles are as follows:
q Risk management is based on the best available
information – the inputs to the risk management
process are based on information sources such as
historical data, experience, stakeholders’ feedback,
observations, forecasts and expert judgement.
However, decision makers should inform themselves
of and take into account any limitations of the data or
modelling used or the possibility of divergence
among experts.
25/09/19 11
The principles are as follows:
q Risk management is based on the best available
information – the inputs to the risk management
process are based on information sources such as
historical data, experience, stakeholders’ feedback,
observations, forecasts and expert judgement.
However, decision makers should inform themselves
of and take into account any limitations of the data or
modelling used or the possibility of divergence
among experts.
25/09/19 11
PRINCIPLES OF RISK MANAGEMENT
The principles are as follows:
q Risk management is transparent and inclusive –
appropriate, full and timely involvement of all
stakeholders and in particular, decision makers at all
levels within and outside of the organization is
required to ensure that risk management remains
relevant and up-to-date. Involvement also allows
stakeholders to be properly represented, informed
and to have their views taken into account in
determining risk criteria and risk treatments.
25/09/19 12
The principles are as follows:
q Risk management is transparent and inclusive –
appropriate, full and timely involvement of all
stakeholders and in particular, decision makers at all
levels within and outside of the organization is
required to ensure that risk management remains
relevant and up-to-date. Involvement also allows
stakeholders to be properly represented, informed
and to have their views taken into account in
determining risk criteria and risk treatments.
25/09/19 12
PRINCIPLES OF RISK MANAGEMENT
The principles are as follows:
q Risk management is tailored – risk management
should be aligned with the organization’s internal and
external contexts and risk profile.
q Risk management is dynamic, iterative and
responsive to change – risk management should
continually sense and respond to change. As external
and internal events occur, context and knowledge
change, monitoring and review of risk take place, new
risks emerge, some change and others disappear.
25/09/19 13
The principles are as follows:
q Risk management is tailored – risk management
should be aligned with the organization’s internal and
external contexts and risk profile.
q Risk management is dynamic, iterative and
responsive to change – risk management should
continually sense and respond to change. As external
and internal events occur, context and knowledge
change, monitoring and review of risk take place, new
risks emerge, some change and others disappear.
25/09/19 13
PRINCIPLES OF RISK MANAGEMENT
The principles are as follows:
q Risk management facilitates continual improvement
of the organization – organizations should develop
and implement strategies to improve their risk
management maturity alongside all other aspects of
their organizations.
25/09/19 14
The principles are as follows:
q Risk management facilitates continual improvement
of the organization – organizations should develop
and implement strategies to improve their risk
management maturity alongside all other aspects of
their organizations.
25/09/19 14
RISK MANAGEMENT FRAMEWORK
The risk management principles and framework are
closely related.
While the principles provide the bases for establishing
and implementing effective risk management system,
the framework provides the system and structure that
are integrated into the organization’s policies,
processes and procedures.
The framework consists of risk architecture, strategy
and protocols.
25/09/19 15
The risk management principles and framework are
closely related.
While the principles provide the bases for establishing
and implementing effective risk management system,
the framework provides the system and structure that
are integrated into the organization’s policies,
processes and procedures.
The framework consists of risk architecture, strategy
and protocols.
25/09/19 15
RISK MANAGEMENT FRAMEWORK
The architecture is the schematic structure that
establishes roles and responsibilities:
q Committee structure and terms of reference;
q Roles and responsibilities;
q Internal reporting requirements;
q External reporting controls; and
q Risk management assurance arrangement.
25/09/19 16
The architecture is the schematic structure that
establishes roles and responsibilities:
q Committee structure and terms of reference;
q Roles and responsibilities;
q Internal reporting requirements;
q External reporting controls; and
q Risk management assurance arrangement.
25/09/19 16
RISK MANAGEMENT FRAMEWORK
The strategy provides a broad course of actions to
achieve the risk management objectives:
q Risk management philosophy;
q Arrangements for embedding risk management;
q Risk appetite and attitude to risk;
q Benchmark tests for significance; and
q Specific risk statements and policies.
25/09/19 17
The strategy provides a broad course of actions to
achieve the risk management objectives:
q Risk management philosophy;
q Arrangements for embedding risk management;
q Risk appetite and attitude to risk;
q Benchmark tests for significance; and
q Specific risk statements and policies.
25/09/19 17
RISK MANAGEMENT FRAMEWORK
The protocols provide the ground rules and procedures
to be carried out :
q Tools and techniques;
q Risk classification system;
q Risk assessment procedures;
q Risk control rules and procedures;
q Responding to incidents, issues and events;
q Documentation and record keeping;
q Training and communication;
25/09/19 18
The protocols provide the ground rules and procedures
to be carried out :
q Tools and techniques;
q Risk classification system;
q Risk assessment procedures;
q Risk control rules and procedures;
q Responding to incidents, issues and events;
q Documentation and record keeping;
q Training and communication;
25/09/19 18
RISK MANAGEMENT FRAMEWORK
q Audit and assurance procedures and protocols;
q Reporting, disclosures and certification.
Risk management framework has four inter-related
stages:
Plan:
q Identify intended benefits of risk management
initiatives and gain board support;
q Plan the scope of risk management initiatives and
develop common language of risk; and
q Establish common risk management strategy,
framework and roles and responsibilities.
25/09/19 19
q Audit and assurance procedures and protocols;
q Reporting, disclosures and certification.
Risk management framework has four inter-related
stages:
Plan:
q Identify intended benefits of risk management
initiatives and gain board support;
q Plan the scope of risk management initiatives and
develop common language of risk; and
q Establish common risk management strategy,
framework and roles and responsibilities.
25/09/19 19
RISK MANAGEMENT FRAMEWORK
Implement:
q Adopt suitable risk management tools and an agreed
risk classification system;
q Establish risk benchmark (risk criteria) and undertake
risk assessment; and
q Determine risk appetite and risk tolerance levels and
evaluate the existing controls.
25/09/19 20
Implement:
q Adopt suitable risk management tools and an agreed
risk classification system;
q Establish risk benchmark (risk criteria) and undertake
risk assessment; and
q Determine risk appetite and risk tolerance levels and
evaluate the existing controls.
25/09/19 20
RISK MANAGEMENT FRAMEWORK
Measure:
q Evaluate effectiveness of existing controls and
introduce improvements; and
q Embed risk-awareness culture and align risk
management with other activities in the organization.
Learn:
q Monitor and review risk performance indicators to
measure risk management contribution; and
q Report risk performance in line with obligations and
monitor improvement.
25/09/19 21
Measure:
q Evaluate effectiveness of existing controls and
introduce improvements; and
q Embed risk-awareness culture and align risk
management with other activities in the organization.
Learn:
q Monitor and review risk performance indicators to
measure risk management contribution; and
q Report risk performance in line with obligations and
monitor improvement.
25/09/19 21
RISK MANAGEMENT TOOLS
The most fundamental tool to risk management is the
human capacity with the competences, expertise and
risk-awareness culture.
Every risk management tool is useful in so far there is
accompanying knowledge, skills, awareness and
competences to adopt and use those tools.
25/09/19 22
The most fundamental tool to risk management is the
human capacity with the competences, expertise and
risk-awareness culture.
Every risk management tool is useful in so far there is
accompanying knowledge, skills, awareness and
competences to adopt and use those tools.
25/09/19 22
RISK MANAGEMENT TOOLS
A large proportion of risk is identified, analyzed and
treated through human interactions.
Organizations therefore need personnel with the right
knowledge, skills and attitude to effectively manage
risk .
The lack of such knowledge, skills and attitude poses
potential risk to the organization.
25/09/19 23
A large proportion of risk is identified, analyzed and
treated through human interactions.
Organizations therefore need personnel with the right
knowledge, skills and attitude to effectively manage
risk .
The lack of such knowledge, skills and attitude poses
potential risk to the organization.
25/09/19 23
RISK MANAGEMENT TOOLS
Risk management is based on information science (data,
information and intelligence) and the creation and use of
information is an essential tool for risk management.
Another fundamental tool for risk management is a
database – a data warehouse and data extraction and
analysis tools and techniques to analyze, translate and
use such database.
25/09/19 24
Risk management is based on information science (data,
information and intelligence) and the creation and use of
information is an essential tool for risk management.
Another fundamental tool for risk management is a
database – a data warehouse and data extraction and
analysis tools and techniques to analyze, translate and
use such database.
25/09/19 24
RISK MANAGEMENT TOOLS
There are many bespoke and off-the-shelf data
extraction and analysis software available for use in risk
management.
Organizations need to build data warehouse that
seamlessly interfaces all data across the organization to
enable data mining, matching and logical manipulations.
25/09/19 25
There are many bespoke and off-the-shelf data
extraction and analysis software available for use in risk
management.
Organizations need to build data warehouse that
seamlessly interfaces all data across the organization to
enable data mining, matching and logical manipulations.
25/09/19 25
RISK MANAGEMENT POLICY AND
GUIDELINES
An organization needs to develop a common risk
management language that is consistent across the
entire entity.
The role of risk management policy is to lay the
foundation for such common language.
A risk management policy is a statement of overall
intentions, direction and scope of an organization’s risk
management initiatives.
25/09/19 26
GUIDELINES
An organization needs to develop a common risk
management language that is consistent across the
entire entity.
The role of risk management policy is to lay the
foundation for such common language.
A risk management policy is a statement of overall
intentions, direction and scope of an organization’s risk
management initiatives.
25/09/19 26
RISK MANAGEMENT POLICY AND
GUIDELINES
A risk management guideline specifies the step-by-step
procedure for the interpretation and implementation of
policy.
Guidelines define the implementation modalities of
policy and a logical classification and proposition that
are actionable within the context of the organization.
25/09/19 27
GUIDELINES
A risk management guideline specifies the step-by-step
procedure for the interpretation and implementation of
policy.
Guidelines define the implementation modalities of
policy and a logical classification and proposition that
are actionable within the context of the organization.
25/09/19 27
RISK MANAGEMENT ARCHITECTURE
Risk management architecture consists of the following
elements:
q Committee and terms of reference – there should be
structured risk governing bodies at the board and
executive management levels to provide oversight,
direction and supervision over risk management.
q Roles and responsibilities – there should be clear
roles and responsibilities for all responsible parties in
the risk management process.
25/09/19 28
Risk management architecture consists of the following
elements:
q Committee and terms of reference – there should be
structured risk governing bodies at the board and
executive management levels to provide oversight,
direction and supervision over risk management.
q Roles and responsibilities – there should be clear
roles and responsibilities for all responsible parties in
the risk management process.
25/09/19 28
RISK MANAGEMENT ARCHITECTURE
q Internal reporting requirements – management and
board should establish clear reporting requirement
and responsibility for individuals to provide
accountability of their actions and use of resources.
q External reporting controls – there should be clear
controls in place for dissimilating information to
outside parties subject to confidentiality and data
privacy policies.
25/09/19 29
q Internal reporting requirements – management and
board should establish clear reporting requirement
and responsibility for individuals to provide
accountability of their actions and use of resources.
q External reporting controls – there should be clear
controls in place for dissimilating information to
outside parties subject to confidentiality and data
privacy policies.
25/09/19 29
RISK MANAGEMENT ARCHITECTURE
q Risk management assurance arrangement – the board
and executive management should establish a system
that provides independent check and assurance on
the adequacy and effectiveness of the risk
management process.
25/09/19 30
q Risk management assurance arrangement – the board
and executive management should establish a system
that provides independent check and assurance on
the adequacy and effectiveness of the risk
management process.
25/09/19 30
RISK MANAGEMENT STRATEGY
Risk management strategy consists of the following
elements:
q Risk management philosophy – the board and
executive management should form a system of
shared beliefs and attitudes that characterize how
risks and risk management are viewed in the
organization.
q Arrangements for embedding risk management – risk
management should be embedded into organizational
processes, procedures, activities and responsibilities.
25/09/19 31
Risk management strategy consists of the following
elements:
q Risk management philosophy – the board and
executive management should form a system of
shared beliefs and attitudes that characterize how
risks and risk management are viewed in the
organization.
q Arrangements for embedding risk management – risk
management should be embedded into organizational
processes, procedures, activities and responsibilities.
25/09/19 31
RISK MANAGEMENT STRATEGY
q Risk appetite and risk attitude – the board and
executive management should set and communicate
the organization’s risk appetite (the level of risk) that
the organization is willing to accept and risk attitude
( behavior) toward risk.
q Benchmark tests for significance – the risk
management policy and strategy should have
thresholds for determining the significance and
severity of risks.
25/09/19 32
q Risk appetite and risk attitude – the board and
executive management should set and communicate
the organization’s risk appetite (the level of risk) that
the organization is willing to accept and risk attitude
( behavior) toward risk.
q Benchmark tests for significance – the risk
management policy and strategy should have
thresholds for determining the significance and
severity of risks.
25/09/19 32
RISK MANAGEMENT STRATEGY
q Specific risk statements and policies – the risk
management framework should have rules for specific
risk categories.
q Risk assessment techniques – the risk management
framework should have established methodologies for
risk identification, analysis and evaluation.
q Risk priorities for the present year – the board and
executive management should set and communicate
risk management priorities for each year.
25/09/19 33
q Specific risk statements and policies – the risk
management framework should have rules for specific
risk categories.
q Risk assessment techniques – the risk management
framework should have established methodologies for
risk identification, analysis and evaluation.
q Risk priorities for the present year – the board and
executive management should set and communicate
risk management priorities for each year.
25/09/19 33
RISK MANAGEMENT PROTOCOLS
Risk management protocols consist of the following
elements:
q Tools and techniques – organizations should have
appropriate risk management tools, for example,
computer software applications, data mining tools and
common techniques.
q Risk classification system – organization should
establish common risk classification system based on
the nature and severity of risks.
q Risk assessment procedures – organizations should
establish common risk assessment procedures such
as interviews, questionnaires, surveys, focus group,
research, etc.
25/09/19 34
Risk management protocols consist of the following
elements:
q Tools and techniques – organizations should have
appropriate risk management tools, for example,
computer software applications, data mining tools and
common techniques.
q Risk classification system – organization should
establish common risk classification system based on
the nature and severity of risks.
q Risk assessment procedures – organizations should
establish common risk assessment procedures such
as interviews, questionnaires, surveys, focus group,
research, etc.
25/09/19 34
RISK MANAGEMENT PROTOCOLS
q Risk control rules and procedures – risk management
polices should establish control rules and procedures
for carrying out risk treatments.
q Responding to incidents, issues and events – there
should be clear to-do-list of activities to perform in
case of emergencies, etc.
q Documentation and record keeping – policy should
establish the nature and form of documents and
records to be maintained, electronic or manual.
25/09/19 35
q Risk control rules and procedures – risk management
polices should establish control rules and procedures
for carrying out risk treatments.
q Responding to incidents, issues and events – there
should be clear to-do-list of activities to perform in
case of emergencies, etc.
q Documentation and record keeping – policy should
establish the nature and form of documents and
records to be maintained, electronic or manual.
25/09/19 35
RISK MANAGEMENT PROTOCOLS
q Training and communication – staff at all levels of the
entity should have periodic risk management training.
Important risk management tips and massages should
be communicated to all staff within the organization
on a regular basis.
q Audit and assurance procedures and protocols – risk
management system should have clear documented
audit trail and procedures for audit and assurance
should be established.
25/09/19 36
q Training and communication – staff at all levels of the
entity should have periodic risk management training.
Important risk management tips and massages should
be communicated to all staff within the organization
on a regular basis.
q Audit and assurance procedures and protocols – risk
management system should have clear documented
audit trail and procedures for audit and assurance
should be established.
25/09/19 36
RISK MANAGEMENT PROTOCOLS
q Reporting, disclosures and certification – an entity
should have documented reporting and disclosure
policies. Risk management certification at the entity
and individual levels is important.
25/09/19 37
q Reporting, disclosures and certification – an entity
should have documented reporting and disclosure
policies. Risk management certification at the entity
and individual levels is important.
25/09/19 37
RISK REGISTER
A risk register is a tool for capturing risks and actions to
manage each risk.
The register is regularly updated to add new risks and
remove risks that no longer exist.
The risk register is a summary of the risk management
process use to continually monitor risks and events in
the internal and external environments.
25/09/19 38
A risk register is a tool for capturing risks and actions to
manage each risk.
The register is regularly updated to add new risks and
remove risks that no longer exist.
The risk register is a summary of the risk management
process use to continually monitor risks and events in
the internal and external environments.
25/09/19 38
RISK REGISTER – Sample
Compliance Risk Register
Risk
ID
Date
Identified
Risk Description
Likelihood
of Risk
occurring
Impact if
Risk
Occurs
Severity
of Risk
Risk
Owner
Risk Treatment
Strategies
102 April 5,
2017
Incomplete tax returns
from many start-ups
High High Severe Taxpayer
Services
Conduct tax
clinics
146 Aug. 27,
2018
Tax returns are not
thoroughly analyzed by
analysts
Medium High High Human
Resource
Services
Conduct data
analytics
training for
analysts
76 July 20,
2018
Multiple TINs for
taxpayers on the tax
register
Low Medium High Special
Project
Team
Undertake data
cleansing
project
25/09/19 39
Compliance Risk Register
Risk
ID
Date
Identified
Risk Description
Likelihood
of Risk
occurring
Impact if
Risk
Occurs
Severity
of Risk
Risk
Owner
Risk Treatment
Strategies
102 April 5,
2017
Incomplete tax returns
from many start-ups
High High Severe Taxpayer
Services
Conduct tax
clinics
146 Aug. 27,
2018
Tax returns are not
thoroughly analyzed by
analysts
Medium High High Human
Resource
Services
Conduct data
analytics
training for
analysts
76 July 20,
2018
Multiple TINs for
taxpayers on the tax
register
Low Medium High Special
Project
Team
Undertake data
cleansing
project
25/09/19 39
CONCLUSION
q Revenue authorities must establish risk
management system which provides reasonable
assurance that objectives are being achieved.
q There must be clear documented risk management
policies, processes and procedures.
q Appropriate tools, techniques and protocols are
necessary for effective risk management.
q A risk register captures and updates risks to the
organization’s objectives and treatment strategies.
25/09/19 40
q Revenue authorities must establish risk
management system which provides reasonable
assurance that objectives are being achieved.
q There must be clear documented risk management
policies, processes and procedures.
q Appropriate tools, techniques and protocols are
necessary for effective risk management.
q A risk register captures and updates risks to the
organization’s objectives and treatment strategies.
25/09/19 40
CASE STUDY
A revenue authority has set up a team to develop a risk
management compendium. The team needs to identify
and define elements of the components of the risk
management system:
q Principles
q Framework
q Architecture
q Strategy
q Protocols
In a group of five persons, state and define two
elements of each component of the compendium.
25/09/19 41
A revenue authority has set up a team to develop a risk
management compendium. The team needs to identify
and define elements of the components of the risk
management system:
q Principles
q Framework
q Architecture
q Strategy
q Protocols
In a group of five persons, state and define two
elements of each component of the compendium.
25/09/19 41
25/09/19 42
Tags
Download
Download Slideshow Get the original presentation fileQuick Actions
Statistics
- Views 25
- Slides 42
- Age 538 days
Related Slideshows
1
DTI BPI Pivot Small Business - BUSINESS START UP PLAN
MeljunCortes
31 views
1
CATHOLIC EDUCATIONAL Corporate Responsibilities
MeljunCortes
31 views
11
Karin Schaupp – Evocation; lançamento: 2000
alfeuRIO
31 views
10
Pillars of Biblical Oneness in the Book of Acts
JanParon
27 views
31
7-10. STP + Branding and Product & Services Strategies.pptx
itsyash298
29 views
44
Business Legislation PPT - UNIT 1 jimllpkggg
slogeshk98
32 views