Given the dynamic environment, the audit committee should take a close look at the company’s risk profile at least annually. Ideally, this review should be supported by an updated risk assessment by management. As the committee evaluates disclosure issues, an understanding of the key risks can provide valuable insights.
Many organizations have failed to keep pace with changing trends in risk and compliance. Resource allocation for many risk and compliance initiatives implemented under pressure of a crisis to demonstrate urgency and prioritization or regulators has proven to be unsustainable.
Organizations have learned many lessons over the years from specific financial crises. For example, if a chief executive ignores the warning signs posed by the risk management function, resists contrarian information suggesting the corporate strategy is either not working or losing relevance, or fails to consider critical risks when evaluating whether to enter a new market or consummate a complex acquisition, the shareholders and other constituents can end up paying a high price.
The digital revolution currently taking place is transforming our world. Over the next few years, many organizations will need to undertake radical change programs and, in some cases, completely reinvent themselves to remain relevant and competitive.
What is the Second Line of Defense?
Essential to effective risk management, the lines-of-defense model is implicit in COSO’s internal control framework through the control environment, control, activities, monitoring and other components of an internal control system. It provides assurance to the board of directors, as the elected representatives of the shareholders to oversee the organization’s operations on their behalf, that risks are reduced to a manageable level as dictated by the organization’s appetite for risk. Much more than “segregating incompatible duties” and “ensuring checks and balances,” the lines-of defense model emphasizes a fundamental concept of risk management: From the boardroom to the customer-facing processes, managing risk is everyone’s responsibility.
Copyright pirates, brand impersonators, patent flouters and trade secret thieves are a major threat to businesses, given their increased aggressiveness towards intellectual property (IP) theft. These, and any other original creative works that have economic value and are protected by law, can be categorized as IP.
Technology has greatly expanded the methods of creating, editing, maintaining, transmitting and retrieving records. From creation to disposition, records in electronic recordkeeping systems may now utilize a variety of media. An example of an electronic recordkeeping system is one in which a personal computer generates the original records, which are subsequently stored on a secondary electronic resource. While paper copies of the electronic records may be printed for distribution, the original records are transferred electronically.
Opportunity risk occurs whenever there’s a possibility that a better opportunity may become available after having committed to an irreversible decision.
We all experience opportunity risk at its most basic level several times a week. For example, imagine you have enough cash on you for lunch in a new town and you’re trying to decide between two restaurants you’ve never tried. What if you spend your time and money on the first option and it’s terrible? Or even maybe it’s not terrible, but the second option is just so much better?
Add a Comment: