| |
Welcome to the Portal for the Risk Officer
First of all, thank you for visiting our pages. We hope that
you'll find a lot of useful information.
According to the National Institute of
Standards and Technology, risk is a function of the
likelihood of a given
threat-source’s exercising a
particular potential
vulnerability, and the resulting
impact of that
adverse event on the
organization.
For risk managers, all the above words
painted in blue have such a different definition and importance.
According to the United States
Government Accountability Office (GAO), while, in some
instances, the public and private sector should apply risk
management principles in similar ways, in other instances, the
public and private sectors manage risk differently.
In both the public and private sectors
the risk management process should
include:
1. The systematic identification and
assessment of risks through scientific efforts;
2. Efforts to mitigate risks; and
3. Risk adaptation to address
financial consequences or to allow for effective transfer of
risk.
The private
sector manages risk by “pre-funding” and diversifying
risk through insurance. In addition, the private sector creates
incentives for individuals to lower
the risks they face from, for example, a car accident or
a natural disaster, by offering to reduce insurance premiums if
the policy holder takes certain steps to mitigate these risks.
Similarly, the
public sector plays a unique
role in managing risk, for instance, regulating land use and
establishing building codes; organizing disaster protection,
response, and recovery measures; setting regulatory frameworks;
and supplementing the insurance industry.
In addition, the private sector
organizations have more flexibility
than the public sector to select which risks to manage. For
instance, the private sector could avoid risks in cases where
the costs of ensuring these risks are too high.
The private
sector tends to naturally consider
opportunity analysis—or the
process of identifying and exploring situations to better
position an organization to realize desirable objectives—as an
important part of risk management.
In contrast, participants observed,
public sector organizations
have less flexibility to select which risks to address through
protective measures. Like the private sector, the government has
to makes choices about which risks to protect against—since it
cannot protect the nation against all hazards.
Unlike the private sector, the
government has a wide responsibility for preparing for,
responding to, and recovering from all acts of terrorism and
natural or manmade disasters and is accountable to the public
for the investment decisions it makes.
In the private sector, after the Sarbanes Oxley Act in the USA, the Basel ii/iii Accords in
more than 100 countries and the Turnbull guidance in the United
Kingdom, the risk officers have become way more important.
A
company's system of internal control has a key role in the
management of risks that are significant to the fulfilment of
its business objectives.
A sound
system of internal control contributes to
safeguarding the shareholders'
investment and the company's assets.
Internal control facilitates the
effectiveness and efficiency of
operations, helps ensure the reliability of internal and
external reporting and assists compliance with laws and
regulations.
Effective
financial controls, including the maintenance of proper
accounting records, are an important element of internal
control. They help ensure that the company is not unnecessarily
exposed to avoidable financial risks and that financial
information used within the business and for publication is
reliable.
They also contribute to the
safeguarding of assets, including the prevention and detection
of fraud.
A company's
objectives, its internal organisation and the environment in
which it operates are continually evolving and, as a result, the
risks it faces are continually changing.
A sound system of
internal control therefore depends on a thorough and regular
evaluation of the nature and extent of the risks to which the
company is exposed.
Since profits are,
in part, the reward for successful risk-taking in business, the
purpose of internal control is to help manage and control risk
appropriately rather than to eliminate it.
All employees have some
responsibility for internal control as part of their
accountability for achieving objectives.
They,
collectively, should have the necessary knowledge, skills,
information, and authority to establish, operate and monitor the
system of internal control.
This will
require an understanding of the company, its objectives, the
industries and markets in which it operates, and the risks it
faces.
The risk officers must
coordinate this effort. Good risk officers make a real
difference in any organization.
Governments also need good
risk management. According to the GAO,
improving risk communication,
political obstacles to risk-based resource allocation, and a
lack of strategic thinking about managing homeland security
risks.
Improving risk
communication posed the single greatest challenge to using risk
management principles. To address this challenge:
1. We must
educate the public and policymakers about the risks we face and
the value of using risk management to establish priorities and
allocate resources
2. We must engage
in a national discussion to reach a public consensus on an
acceptable level of risk
3. We must
develop new communication practices and systems to alert the
public during an emergency.
In addition, to
address strategic thinking
challenges, governments must develop a national strategic
planning process for security and government wide risk
management guidance.
To improve
public-private sector coordination, the private sector should be
more involved in the public sector’s efforts to assess risks and
that more state and local practitioners and experts be involved
through intergovernmental partnerships.
Every Monday
Top 10 risk and compliance management related news stories and
world events
Do you want to receive every Monday the
Top
10 risk and compliance management related
news stories and
world
events that (for better or for worse) shaped the week's agenda,
and what is next?
You may submit the form that follows.
We meet strict national and international privacy standards. You
can unsubscribe at any time.
We will discuss about...
Risks
The Role of the Risk Officer
Risk Officers and Jobs
Risk Books
Credit Risk
|
|
Free
E-book: 100 Job Descriptions in Risk and Compliance Management
Distance Learning and
Online Certification programs
from the International Association of Risk
and Compliance Professionals (IARCP)
www.risk-compliance-association.com/Distance_Learning_and_Certification.htm
What is included in
the price:
A. The
official presentations
we use in our
instructor-led classes
B. Up to
3 Online Exams
C.
Personalized Membership Certificate printed in full colour.
Processing, printing,
packing and posting to
your office or home
Certified Risk and Compliance Management Professional (CRCMP)
Certified Information Systems
Risk and Compliance Professional (CISRCP)
To
learn more:
www.risk-compliance-association.com/Distance_Learning_and_Certification.htm
| |
