RSK2601 EXAM NOTES
PART I: ENTERPRISE RISK MANAGEMENT IN CONTEXT — EXAM
NOTES
⸻
Chapter 1: Introduction
This chapter sets the foundation for understanding ERM and why it is necessary.
Key Themes:
• Risk is central to business: Companies must take risks to grow, but failure to
manage them has led to high-profile collapses (e.g., Enron, WorldCom, the
financial crisis of 2007–2009).
• ERM as a response to risk complexity: Modern risks are interdependent,
dynamic, and can’t be managed in silos.
• Boards and governance failures: Weak governance and ethics contributed to
corporate scandals, highlighting the need for integrated risk practices .
⸻
1.1 Risk Diversity
• Risks differ by type (strategic, operational, financial, etc.) and impact.
• Need for broad-based management approach.
⸻
1.2 Approach to Risk Management
• Traditional vs. modern: Shift from ad hoc or siloed responses to a systematic,
integrated approach.
⸻
1.3 Business Growth Through Risk Taking
• Risk-taking is essential to innovation and growth.
• ERM helps companies understand which risks are worth taking.
⸻
1.4 Risk and Opportunity
• Opportunity and risk are two sides of the same coin.
• ERM helps balance them to support long-term objectives.
, ⸻
1.5 The Role of the Board
• The board is accountable for risk oversight.
• Must embed risk management into decision-making and strategic planning.
⸻
1.6 Primary Business Objective (Goal)
• Risk must be managed in the context of business objectives.
• Clear objectives help prioritize risk responses.
⸻
1.7 What is ERM?
• ERM is a structured and continuous process applied across an organization.
• Includes identification, analysis, evaluation, treatment, monitoring,
and communication.
⸻
1.8 Benefits of ERM
• Better performance.
• Improved reporting and decision-making.
• Enhanced compliance.
• More efficient use of resources.
• Increased stakeholder confidence .
⸻
1.9 Structure of ERM
This section introduces seven components forming the structure of ERM:
1. Corporate Governance
• Ensures accountability and monitoring by the board.
• Foundation of ERM .
2. Internal Control
• Internal control is a subset of governance; ERM is a subset of control.
• Aims to ensure reliable operations, reporting, and compliance.
3. Implementation
• Can be done internally or with external consultants.
• Must be clearly planned and resourced.
4. Risk Management Framework
Includes:
PART I: ENTERPRISE RISK MANAGEMENT IN CONTEXT — EXAM
NOTES
⸻
Chapter 1: Introduction
This chapter sets the foundation for understanding ERM and why it is necessary.
Key Themes:
• Risk is central to business: Companies must take risks to grow, but failure to
manage them has led to high-profile collapses (e.g., Enron, WorldCom, the
financial crisis of 2007–2009).
• ERM as a response to risk complexity: Modern risks are interdependent,
dynamic, and can’t be managed in silos.
• Boards and governance failures: Weak governance and ethics contributed to
corporate scandals, highlighting the need for integrated risk practices .
⸻
1.1 Risk Diversity
• Risks differ by type (strategic, operational, financial, etc.) and impact.
• Need for broad-based management approach.
⸻
1.2 Approach to Risk Management
• Traditional vs. modern: Shift from ad hoc or siloed responses to a systematic,
integrated approach.
⸻
1.3 Business Growth Through Risk Taking
• Risk-taking is essential to innovation and growth.
• ERM helps companies understand which risks are worth taking.
⸻
1.4 Risk and Opportunity
• Opportunity and risk are two sides of the same coin.
• ERM helps balance them to support long-term objectives.
, ⸻
1.5 The Role of the Board
• The board is accountable for risk oversight.
• Must embed risk management into decision-making and strategic planning.
⸻
1.6 Primary Business Objective (Goal)
• Risk must be managed in the context of business objectives.
• Clear objectives help prioritize risk responses.
⸻
1.7 What is ERM?
• ERM is a structured and continuous process applied across an organization.
• Includes identification, analysis, evaluation, treatment, monitoring,
and communication.
⸻
1.8 Benefits of ERM
• Better performance.
• Improved reporting and decision-making.
• Enhanced compliance.
• More efficient use of resources.
• Increased stakeholder confidence .
⸻
1.9 Structure of ERM
This section introduces seven components forming the structure of ERM:
1. Corporate Governance
• Ensures accountability and monitoring by the board.
• Foundation of ERM .
2. Internal Control
• Internal control is a subset of governance; ERM is a subset of control.
• Aims to ensure reliable operations, reporting, and compliance.
3. Implementation
• Can be done internally or with external consultants.
• Must be clearly planned and resourced.
4. Risk Management Framework
Includes:
