RSK2601 ASSIGNMENT 1
SEMESTER 2
DUE: 28 AUGUST 2025
Question 1: Key components of an ERM framework Ubuntu Holdings should
implement (7 marks)
Ubuntu Holdings should implement the following key components of an Enterprise Risk
Management (ERM) framework, based on ISO 31000 and COSO principles:
1. Governance and Leadership
o Clear risk governance structure with oversight from the board and
executive leadership (e.g., the CRO).
2. Risk Identification
o Systematic identification of internal and external risks, including
operational, strategic, financial, and compliance risks.
3. Risk Assessment and Analysis
o Evaluation of risks based on likelihood and impact using qualitative and
quantitative methods.
4. Risk Response and Mitigation
o Development of strategies to avoid, transfer, accept, or mitigate identified
risks.
5. Monitoring and Review
o Continuous tracking of risk performance indicators and updating of the risk
register.
6. Communication and Consultation
o Engagement with stakeholders across departments to promote risk
awareness and shared accountability.
7. Integration with Business Objectives
o Alignment of risk management with Ubuntu Holdings’ strategic goals and
operational planning.
Question 2: Benefits of implementing an ERM framework (5 marks)
Ubuntu Holdings could benefit from an ERM framework in the following ways: