RSK_2601 Exam Pack With Answers.

RSK_2601 Exam Pack With Answers. RSK_2601 EXAM PACK WITH ANSWERS 4 ENTERPRISE RISK MANAGEMENT SECTION B:ESSAY QUESTIONS ANSWER ALL QUESTIONS IN THE SPACES PROVIDED QUESTION1-INTRODUCTION TO ENTERPRISE RISK MANAGEMENT(14MARKS) Mrs Jacobs has just been appointed as the new CEO of CALL 4U Ltd.She approaches you as the risk manager to gain a better understanding of the implementation of enterprise risk management(ERM)within the company Compile a report addressed to Mrs Jacobs in which you explain the elements of an ERM structure i)Corporate governance(board oversight) -Corporate governance refers to a framework of rules and practices by which a board of directors ensures Accountability ,fairness and transparency in a companys relationship with all its stakeholders(financiers,customers,management,employees,government and the community. -The corporate governance framework consists of the following: .Explicit and implicit contracts between the companys and the stakeholders for the distribution of responsibilities,rights and rewards .Procedures for reconciling the conflicting interests of stake holders in accordance with their duties,priviledges and roles .Procedures for proper supervision ,control and information flows to serve as a system of checks and balances ii)Internal controls -It refers to the process that is effected by a companys board of directors,management and other personnel,designed to provide reasonable assurance regarding the achievement of objectives in the following categories: -Reliability of financial reporting -Compliance with applicable laws and regulations -Effectiveness and efficiency of operations 5 iii)Implementation -Implementation of risk can be resourced internally or externally.The parameters of any planned actions have to be ommunicated,maopped and agreed so that time factor,resources,costs,inputs and deliverables are understood. iv)Risk Management Framework -Risk management framework is a conceptual structure that is used to address the risks that are faced by an organisation. -The purpose of the risk management framework is to assist an organisation in integrating risk managent into its management process so that it becomes a rouine activity.The frame work consists of the following five steps: a) Mandate and commitment-Risk management must come from the topdown in an organisation.(Organisation Management) b)Design framework-Understanding the organisation and its context,establishing the risk management policy,embedding riskmanagement in all of the organisations practices c)Implement framework-Timing of implementation of framework should be planned and training sessions is required d)Monitor Framework-Periodically review internal and external stakeholders whether the risk management framework,plan,policy and process require amendments e)Improve Framework-Based on the results of the monitor process,decision should be made on whether the risk management framework step should be amended 5)Risk management policy -A Risk management policy sets out how the risks ,which have been identified by the risk assessment procedure,will be managed and controlled.The risk management policy assigns responsibility for perfoming key tasks,establishes accountability with appropriate managers ,defines boundaries, limits and formalises reporting structures. 6)Risk management Process 6 -It essentially applies management policies,procedures and practices to a set of activities that are intended to establish the context,communicate and consult with stakeholders and identify,analyse,evaluate ,treat ,monitor and review the risk.All the processes are repeated through out the organisation up to the implementation of therisk response actions 7)Sources of Risks -A risk source is where risk originates and the risk source has the intrinsic potential to give rise to a risk. QUESTION 2- ENTERPRISE RISK MANAGEMENT PROCESS(10MARKS) 2.1) Briefly explain the following six(6) process activities which need to take place in the risk evaluation stage(6) BASIC CONCEPTS OF PROBABILITY -It refers to the basic principles of probability,which can be used by a business to measure expected outcomes of mutually exclusive and non mutually exclusive events SENSITIVITY ANALYSIS -It is a method that can be used by a business to assess how sensitive the project outcomes are to changes in business.The method uses one variable and examines the effect of that specific variable on the project. SCENARIO ANALYSIS -It is a useful decision making method that focuses on the consequences of events that would have been ignored by the business because it was regarded as an event that has never happened or is unlikely to happen SIMULATION -It refers to a method that is used to analyse financial or time models,where the variables may be un certain for example costs,duration,opportunities or risks. -It can be used when a business has statical software or commercially available spread sheets MONTE CARLO SIMULATION 7 -It is a method used by a business to evaluate the effect of uncertainty on a planned activity in a range of situations and uses or relies on the numbers to sample from a probability distributions. LATIN HYPERCUBE SAMPLING -It refers to a sampling method that is used to recreate the probability distributions that are specified by distribution functions accurately and is a more modern technology method.2 2.2)Distinguish between key risk indicators and key performance indicators.Use examples to elucidate your answer(4Marks) KEY RISK INDICATORS(KRIs) -It refers to captured information that makes a provision of useful views of underlying risk profiles at various levels to assist decision makers within a business. -The following are seen as types of key risk indicators: Inherent or exposure risk indicators .Control risk indicators .Composite indicators .Model risk factors .KEY PERFOMANCE INDICATORS(KPIs) -It refers to high levels snapshots of the health and performance of abusiness based on specific predefined measures for example statistical information on the business