Understanding & Managing Risk

Why is risk important? How does it affect me?
Risk is a part of life:
- Personal life: damage to home or car
- Family life: poor health of family members
- Work life: not doing a job properly

What does risk mean?
Risk = Exposure to possible loss x The probability of such a loss
- OR -
Risk = Anything that can stop you from attaining your goals & objectives

Risk Management Process: Key Steps
Risk management requires you to:
- Analyze functions and processes to identify risk
- Assess risks to measure the level or severity of the risk
- Define the management techniques needed to control and mitigate the risk
- Periodically review the techniques and controls to monitor and ensure ongoing adequacy and effectiveness

Risk Analysis
To analyze a function for risk you should:
- Document & understand objectives of the function
- Identify risks associated with the function
- Document risks identified
- Discuss risks identified with associates and one-up manager
- Determine if existing processes address identified risks
- Identify risks not controlled by processes or systems
- Determine corrective actions to be taken (if any)
- Quantify risk as high, medium, or low

What is a control? An action or series of actions that results in a reduction of risk to within acceptable tolerances.

What is the purpose of having controls?
Controls are used to ensure:
- Resources are adequately protected
- Significant financial, managerial, and operating data is accurate and reliable
- Employees' actions are in compliance with laws, regulations, policies, procedures, and standards
- Resources are employed effectively

Characteristics of Control
Controls are adequate and effective:
- Adequate: a control must be designed to provide reasonable assurance that risk will be mitigated
- Effective: a control must actually work as it was designed, so that the control objective is achieved

Controls should also be predictive. That is, the limits of controls should be known as volumes or other factors approach the capacity of the control. For example, a control may be adequate and effective based on current volumes up to an additional 25%. Beyond that level, adequacy and effectiveness are diminished and modifications are needed.

What types of controls are there?
- Preventative: actions designed to impede undesirable outcomes.
- Detective: actions that measure the effectiveness of preventative controls and identify errors when they occur.
- Corrective: actions that resolve problems identified by preventative and detective controls.

Risk Management Steps
After you analyze a function to identify risks, you:
- Quantify & measure risks as high, medium, or low to prioritize risks
- Define and apply the controls and management techniques to manage the risks
- Review periodically to monitor the organization, functions, and control environment

Risk Management Steps
Why conduct a periodic review?
Conducting periodic reviews is the best way to ensure ongoing adequacy and effectiveness.

Risk Management Steps
How often do I conduct a periodic review?
- High Risk Functions: review not less than quarterly
- Medium Risk Functions: review semi-annually or annually
- Low Risk Functions: review at least annually

Risk Management Steps
Why monitor the risk management process?
- Accountability, which includes maintaining an adequate and effective control environment
- Responsiveness, which includes effective communications, process improvement, and reliability