1
UNISA EXAM MEMO RSK2601 MAYJUNE 2014
SECTION A (40 MARKS)
1. 3 11. 3 21. 4 31. 3
2. 1 12. 4 22. 1 32. 1
3. 3 13. 3 23. 3 33. 2
4. 1 14. 2 24. 3 34. 4
5. 4 15. 1 25. 1 35. 1
6. 2 16. 4 26. 3 36. 2
7. 3 17. 1 27. 2 37. 2
8. 2 18. 2 28. 3 38. 1
9. 2 19. 3 29. 1 39. 1
10. 4 20. 2 30. 4 40. 4
SECTION B (30 MARKS)
Question 1 (10 marks)
Risk management framework
The risk management framework is a basic conceptual structure used to address the risks faced by
an organisation. The purpose of the risk management framework is to assist an organisation in
integrating risk management into its management process so that it becomes a routine activity. The
framework is composed of the following five steps:
Mandate and commitment
Design framework
Implement framework
Monitor framework
Improve framework.
Risk management policy
A risk management policy sets out how the risks, which have been identified by the risk assessment
procedure, will be managed and controlled. The risk management policy assigns responsibility for
performing key tasks, establishes accountability with the appropriate managers, defines boundaries
and limits and formalises reporting structures. The policy should address specific responsibilities of
the board, internal audit, external audit, the risk committee, the corporate governance committee,
the central risk function, employees and third party contractors in implementing risk management. A
policy statement defines a general commitment, direction or intention. A policy on risk management
expresses an organisation’s commitment to risk management and clarifies its general direction or
intention.
Risk management process
According to International Risk Standard, ISO 31000 (2009), a risk management process is one that
systematically applies management policies, procedures, and practices to a set of activities intended
081 438 7509/ 061 429 0222/ 078 548 0303
UNISA EXAM MEMO RSK2601 MAYJUNE 2014
SECTION A (40 MARKS)
1. 3 11. 3 21. 4 31. 3
2. 1 12. 4 22. 1 32. 1
3. 3 13. 3 23. 3 33. 2
4. 1 14. 2 24. 3 34. 4
5. 4 15. 1 25. 1 35. 1
6. 2 16. 4 26. 3 36. 2
7. 3 17. 1 27. 2 37. 2
8. 2 18. 2 28. 3 38. 1
9. 2 19. 3 29. 1 39. 1
10. 4 20. 2 30. 4 40. 4
SECTION B (30 MARKS)
Question 1 (10 marks)
Risk management framework
The risk management framework is a basic conceptual structure used to address the risks faced by
an organisation. The purpose of the risk management framework is to assist an organisation in
integrating risk management into its management process so that it becomes a routine activity. The
framework is composed of the following five steps:
Mandate and commitment
Design framework
Implement framework
Monitor framework
Improve framework.
Risk management policy
A risk management policy sets out how the risks, which have been identified by the risk assessment
procedure, will be managed and controlled. The risk management policy assigns responsibility for
performing key tasks, establishes accountability with the appropriate managers, defines boundaries
and limits and formalises reporting structures. The policy should address specific responsibilities of
the board, internal audit, external audit, the risk committee, the corporate governance committee,
the central risk function, employees and third party contractors in implementing risk management. A
policy statement defines a general commitment, direction or intention. A policy on risk management
expresses an organisation’s commitment to risk management and clarifies its general direction or
intention.
Risk management process
According to International Risk Standard, ISO 31000 (2009), a risk management process is one that
systematically applies management policies, procedures, and practices to a set of activities intended
081 438 7509/ 061 429 0222/ 078 548 0303
