Presentation is loading. Please wait.

Presentation is loading. Please wait.

Understanding & Managing Risk

Published byDaniela Bennett Modified over 9 years ago

Similar presentations

Presentation on theme: "Understanding & Managing Risk"— Presentation transcript:

1 Understanding & Managing Risk

2 Why is risk important? How does it effect me?
Risk is a part of life Personal life: damage to home or car Family life: poor health of family members Work life: not doing a job properly

3 What does risk mean? Exposure to possible loss x Risk =
The probability of such a loss Risk = - OR - Anything that can stop you from attaining your goals & objectives

4 Risk Management Process Key Steps
Risk management requires you to: Analyze functions and processes to identify risk Assess risks to measure the level or severity of the risk Define the management techniques needed to control and mitigate the risk Periodically review the techniques and controls to monitor and ensure ongoing adequacy and effectiveness

5 Risk Analysis To analyze a function for risk you should:
Document & understand objectives of the function Identify risks associated with the function Document risks identified Discuss risks identified with associates and one-up manager Determine if existing processes address identified risks Identify risks not controlled by processes or systems Determine corrective actions to be taken (if any) Quantify risk as high, medium, or low

6 What is a control? An action or series of actions that results in a reduction of risk to within acceptable tolerances.

7 What is the purpose of having controls?
Controls are used to ensure: Resources are adequately protected Significant financial, managerial, and operating data is accurate and reliable Employees’ actions are in compliance with laws, regulations, policies, procedures, and standards Resources are employed effectively

8 Characteristics of Control
Controls are adequate and effective Adequate: a control must be designed to provide reasonable assurance that risk will be mitigated Effective: a control must actually work as it was designed and the control objective is achieved

9 Controls should also be predictive …
That is, the limits of controls should be known as volumes of other factors approach the capacity of the control. For example, a control may be adequate and effective based on current volumes up to an additional 25%. Beyond that level, adequacy and effectiveness are diminished and modifications are needed.

10 What types of controls are there?
Preventative: actions designed to impede undesirable outcomes. Detective: actions that measure the effectiveness of preventative controls and identify errors when they occur. Corrective: actions that resolve problems identified by preventative and detective controls.

11 Risk Management Steps After you analyze a function to identify risks, you: Quantify & measure risks as high, medium, or low to prioritize risks Define and apply the controls and management techniques to manage the risks Review periodically to monitor the organization, functions, and control environment

12 Risk Management Steps Why conduct a periodic review?
The best way to ensure ongoing adequacy and effectiveness is by conducting periodic reviews to ensure adequacy and effectiveness

13 Risk Management Steps How often do I conduct a periodic review?
High Risk Functions: review not less than quarterly Medium Risk Functions: review semi-annually or annually Low Risk Functions: review at leas annually

14 Risk Management Steps Why monitor the risk management process?
Accountability, which includes maintaining an adequate and effective control environment Responsiveness, which includes effective communications, process improvement, and reliability

Download ppt "Understanding & Managing Risk"

Similar presentations

OPERATING EFFECTIVELY AT WESD. What is Internal Control? A process designed to provide reasonable assurance the organizations objectives are achieved.

OPERATING EFFECTIVELY AT WESD. What is Internal Control? A process designed to provide reasonable assurance the organizations objectives are achieved.
Management Internal Control Program Presented by: USU Manager's Internal Control Program Team Office of Accreditation and Organizational Assessment.

Management Internal Control Program Presented by: USU Manager's Internal Control Program Team Office of Accreditation and Organizational Assessment.
Managing Risk: A Framework and Reporting Cycle 2014.

Managing Risk: A Framework and Reporting Cycle 2014.
Bodnar/Hopwood AIS 7th Ed1 Chapter 5 u TRANSACTION PROCESSING AND INTERNAL CONTROL PROCESS.

Bodnar/Hopwood AIS 7th Ed1 Chapter 5 u TRANSACTION PROCESSING AND INTERNAL CONTROL PROCESS.
Information System Audit : © South-Asian Management Technologies Foundation Chapter 4: Information System Audit Requirements.

Information System Audit : © South-Asian Management Technologies Foundation Chapter 4: Information System Audit Requirements.
Information Risk Management Key Component for HIPAA Security Compliance Ann Geyer Tunitas Group 209-754-9130

Information Risk Management Key Component for HIPAA Security Compliance Ann Geyer Tunitas Group
QA Programs for Local Health Departments

QA Programs for Local Health Departments
Internal Control.

Internal Control.
Building a Better Business Model Start with a discussion of Risk Higher Education Policy Commission Board of Governors Summit August 2, 2014.

Building a Better Business Model Start with a discussion of Risk Higher Education Policy Commission Board of Governors Summit August 2, 2014.
1 INTERNAL CONTROLS A PRACTICAL GUIDE TO HELP ENSURE FINANCIAL INTEGRITY.

1 INTERNAL CONTROLS A PRACTICAL GUIDE TO HELP ENSURE FINANCIAL INTEGRITY.
The Islamic University of Gaza

The Islamic University of Gaza
© 2000 International Risk Control America, Inc. Risk Management Presentation — 1 International Risk Control America IRCA www.irca.ws.

© 2000 International Risk Control America, Inc. Risk Management Presentation — 1 International Risk Control America IRCA
IDENTIFYING RISKS AND CONTROLS IN BUSINESS PROCESS

IDENTIFYING RISKS AND CONTROLS IN BUSINESS PROCESS
School Board Audit Committee Training Module 3 Evaluation of Internal Controls Click to edit Master text styles Second level Third level Fourth level.

School Board Audit Committee Training Module 3 Evaluation of Internal Controls Click to edit Master text styles Second level Third level Fourth level.
1 Software Testing and Quality Assurance Lecture 14 - Planning for Testing (Chapter 3, A Practical Guide to Testing Object- Oriented Software)

1 Software Testing and Quality Assurance Lecture 14 - Planning for Testing (Chapter 3, A Practical Guide to Testing Object- Oriented Software)
Internal Control. COSO’s Framework Committee of Sponsoring Organizations 1992 issued a white paper on internal control Since this time, this framework.

Internal Control. COSO’s Framework Committee of Sponsoring Organizations 1992 issued a white paper on internal control Since this time, this framework.
Internal Control. COSO’s Framework Committee of Sponsoring Organizations 1992 issued a white paper on internal control Since this time, this framework.

Internal Control. COSO’s Framework Committee of Sponsoring Organizations 1992 issued a white paper on internal control Since this time, this framework.
Achieving our mission Presented to Line Staff. INTERNAL CONTROLS What are they?

Achieving our mission Presented to Line Staff. INTERNAL CONTROLS What are they?
The University of California Strengthening Business Practices: The Language of Our Control Environment Dan Sampson Assistant Vice President Financial Services.

The University of California Strengthening Business Practices: The Language of Our Control Environment Dan Sampson Assistant Vice President Financial Services.
Sarbanes-Oxley Project Summary of COSO Framework Presented by Larry Dillehay & Scott Reitan Parkfield Group LLC.

Sarbanes-Oxley Project Summary of COSO Framework Presented by Larry Dillehay & Scott Reitan Parkfield Group LLC.

Similar presentations

Ads by Google