Fraud Risk Management
|
|
- Marcus Bond
- 5 years ago
- Views:
Transcription
1 Fraud Risk Management Fraud Risk Assessment Part Association of Certified Fraud Examiners, Inc.
2 Fraud Risk Assessment Frameworks Frameworks are helpful for performing, evaluating, and reporting the results of the fraud risk assessment. Specific needs and the culture of the organization must be considered and accounted for Association of Certified Fraud Examiners, Inc. 2 of 27
3 Fraud Risk Assessment Framework 1. Identify potential inherent fraud risks and schemes. 2. Assess the likelihood of identified inherent fraud risks. 3. Assess the impact of identified inherent fraud risks. 4. Evaluate which people and departments are most likely to commit fraud Association of Certified Fraud Examiners, Inc. 3 of 27
4 Fraud Risk Assessment Framework 5. Identify and map existing controls to relevant fraud risks. 6. Evaluate whether the identified controls are operating effectively and efficiently. 7. Identify, evaluate, and respond to residual fraud risks that need to be mitigated Association of Certified Fraud Examiners, Inc. 4 of 27
5 Fraud Risk Assessment Framework Identified Fraud Risks and Schemes Likelihood Impact Personnel / Departments Involved Existing Fraud Control Activities Control Activities Effectiveness Residual Fraud Risk Fraud Risk Response Financial Reporting: Asset Misappropriation: Corruption and Illegal Acts: External Risks: Other Risks: 2017 Association of Certified Fraud Examiners, Inc. 5 of 27
6 Step 1: Identify Potential Inherent Risks Use knowledge gathered from: Individuals throughout the entity Actual frauds and fraud investigations External sources To brainstorm: Incentives, pressures, and opportunities for fraud Risk of management s override of controls Population of internal and external fraud risks Risk of regulatory and legal misconduct Reputation risk (as byproduct of fraud risk) 2017 Association of Certified Fraud Examiners, Inc. 6 of 27
7 2017 Association of Certified Fraud Examiners, Inc. 7 of 27
8 Step 2: Assess the Likelihood of Identified Risks Subjective, and often difficult, process that allows management to apply preventive and detective controls rationally Two common approaches: The probability that the fraud will be attempted The frequency with which a fraud risk will occur Usually assessed using scale Can be qualitative or quantitative 2017 Association of Certified Fraud Examiners, Inc. 8 of 27
9 Step 2: Assess the Likelihood of Identified Risks Rating Based on Annual Frequency Based on Annual Probability of Occurrence Descriptor Definition Descriptor Definition 5 Very frequent >20 times per year Almost certain >90% chance of occurrence 4 Frequent 6 to 20 times per year Likely 65% to 90% chance of occurrence 3 Reasonably frequent 2 to 5 times per year Reasonably possible 35% to 65% chance of occurrence 2 Occasional 1 time per year Unlikely 1 Rare <1 time per year Remote 10% to 35% chance of occurrence <10% chance of occurrence 2017 Association of Certified Fraud Examiners, Inc. 9 of 27
10 Considerations in Assessing the Likelihood of Identified Risks Past instances of the particular fraud Prevalence of the fraud risk in the industry Internal control environment of the organization Resources available to address fraud Support of fraud prevention efforts by management Ethical standards and culture of the organization Number of individual transactions involved Number of people involved Complexity of the fraud risk Unexplained losses Complaints by customers or vendors Fraud surveys and statistics 2017 Association of Certified Fraud Examiners, Inc. 10 of 27
11 Considerations in Assessing the Likelihood of Identified Risks Risk trend is the direction of movement of a particular risk that impacts an organization. Might be part of likelihood or might be a separate assessment factor Association of Certified Fraud Examiners, Inc. 11 of 27
12 Step 3: Assess the Impact of Identified Risks As with likelihood, assessed using predetermined scale Can be qualitative or quantitative Need to consider both financial and nonfinancial factors 2017 Association of Certified Fraud Examiners, Inc. 12 of 27
13 Step 3: Assess the Impact of Identified Risks Rating Descriptor Definition 5 Catastrophic 4 Major 3 Moderate 2 Minor 1 Incidental Financial loss to company is in excess of $10 million International long-term media coverage Widespread employee morale issues; multiple senior leaders leave Incident must be reported to authorities and significant sanctions and financial penalties result Financial loss to company is between $100,000 and $10 million National long-term media coverage Widespread employee morale problems and turnover Incident must be reported to authorities and sanctions against company result Financial loss to company is between $10,000 and $100,000 Short-term regional or national media coverage Widespread employee morale problems Incident must be reported to authorities and immediate corrective action is necessary Financial loss to company is between $1,000 and $10,000 Limited local media coverage General employee morale problems Incident is reportable to authorities, but no follow-up Financial loss to company is less than $1,000 No media coverage Isolated employee dissatisfaction Event does not need to be reported to authorities 2017 Association of Certified Fraud Examiners, Inc. 13 of 27
14 Considerations in Assessing the Impact of Identified Risks Financial statement and monetary impact Financial condition of the organization Value of the threatened assets Criticalness of the threatened assets Revenue generated by the threatened assets Impact on operations, brand value, and reputation Financial damages caused to employees or third parties Criminal, civil, and regulatory liabilities Requirements to report fraud to governmental authorities Reputational damage among stakeholders Adverse media coverage Competitive advantages to competing companies Decline in employee morale Lost productivity Loss of key staff Data loss Work stoppages Time and resources spent investigating and following up 2017 Association of Certified Fraud Examiners, Inc. 14 of 27
15 Considerations in Assessing the Impact of Identified Risks Risk velocity is the speed with which a particular risk occurs. It might be part of impact or it might be a separate assessment factor Association of Certified Fraud Examiners, Inc. 15 of 27
16 Step 4: Evaluate Who Is Most Likely to Commit Fraud Use the assessment of incentives and pressures to identify individuals and departments most likely to commit fraud Association of Certified Fraud Examiners, Inc. 16 of 27
17 Step 5: Identify and Map Existing Controls to Inherent Risks Preventive versus detective General versus process-specific Reference specific policy or procedure that supports the control 2017 Association of Certified Fraud Examiners, Inc. 17 of 27
18 Step 6: Evaluate Whether Controls Are Operating Effectively and Efficiently Review accounting policies and procedures. Consider the risk of override. Interview management and employees. Observe control activities. Test samples of transactions for compliance. Conduct transaction walk-throughs. Review previous audit reports. Review previous reports on fraud incidents, shrinkage, and unexplained shortages Association of Certified Fraud Examiners, Inc. 18 of 27
19 Step 6: Evaluate Whether Controls Are Operating Effectively and Efficiently If assessment team does not perform controls testing, they need to gain understanding of: Timing When was the last time the relevant controls were formally tested? Extent How many transactions were tested and which attributes of the internal controls were tested? Results Were deviations from expected internal controls discovered? 2017 Association of Certified Fraud Examiners, Inc. 19 of 27
20 Step 6: Evaluate Whether Controls Are Operating Effectively and Efficiently Control Risk Rating Description 5 Very effective reduces % of the risk 4 Effective reduces 61 80% of the risk 3 Moderately effective reduces 41 60% of the risk 2 Marginally effective reduces 21 40% of the risk 1 Not effective reduces 20% or less of the risk 2017 Association of Certified Fraud Examiners, Inc. 20 of 27
21 Step 7: Measure Residual Fraud Risks Identify residual fraud risks that have not been adequately mitigated due to: Lack of appropriate controls Noncompliance with established control measures Evaluate the likelihood and impact of these residual risks Association of Certified Fraud Examiners, Inc. 21 of 27
22 Addressing the Identified Fraud Risks Establish an acceptable level of risk to use as a basis for response (management). Rank and prioritize identified risks. Estimate the likely cost of each risk. Use a heat map Association of Certified Fraud Examiners, Inc. 22 of 27
23 Estimating Likely Cost of a Risk Risk Likely cost Likelihood of occurrence Potential loss Rank Risk of lost business and reputation damage from a disruption in data processing $100,000 (lost revenue) 2% $2,000 (2% x $100,000) 3 Risk of lost revenues from losing a major client $500,000 (lost revenue) 15% $75,000 (15% x $500,000) 1 Risk of employee embezzlement $150,000 7% $10,500 (7% x $150,000) Association of Certified Fraud Examiners, Inc. 23 of 27
24 Using Heat Maps 2017 Association of Certified Fraud Examiners, Inc. 24 of 27
25 Using Heat Maps 2017 Association of Certified Fraud Examiners, Inc. 25 of 27
26 Using Heat Maps 2017 Association of Certified Fraud Examiners, Inc. 26 of 27
27 Using Heat Maps 2017 Association of Certified Fraud Examiners, Inc. 27 of 27
28 Responding to Residual Fraud Risks Avoid the risk. Transfer the risk. Mitigate the risk. Reduce the likelihood. Reduce the impact. Assume the risk. Use a combination approach Association of Certified Fraud Examiners, Inc. 28 of 27
29 Documenting Risk Mitigation Plans Described new/revised internal control(s) Is the new control applicable to one or multiple fraud risks? Is it preventive or detective? Anticipated effect (i.e. reduction in impact and/or likelihood) Consider plotting effect on heat map Who is responsible for enacting? Anticipated completion date 2017 Association of Certified Fraud Examiners, Inc. 29 of 27
30 Reporting the Assessment Results Report objective not subjective results. Keep it simple. Focus on what really matters. Identify actions that are clear and measurable Association of Certified Fraud Examiners, Inc. 30 of 27
31 Making an Impact with the Fraud Risk Assessment Use the results to: Begin a dialogue across the company. Look for fraud in high-risk areas. Hold responsible parties accountable for progress. Keep the assessment process alive and relevant. Modify or create the code of conduct or ethics policy. Monitor key controls Association of Certified Fraud Examiners, Inc. 31 of 27
ISO/DIS 9001:2015 Risk-Based Thinking
ISO/DIS 9001:2015 Risk-Based Thinking Whittington & Associates, LLC 6175 Hickory Flat Highway, Suite 110-303, Canton, GA 30115 www.whittingtonassociates.com 770-517-7944 Version 1.0: 01/10/15 2015 Whittington
More informationRisk Associated with Meetings
Risk Associated with Meetings Risks Associated with Meetings & Events: No Company is Exempt Meetings and events remain a necessary way for people and organizations to communicate information, build relationships,
More informationRisky Business. Jaidev Iyer Operational Risk Expert, CEO J-Risk Advisors
Risky Business Jaidev Iyer Operational Risk Expert, CEO J-Risk Advisors Speaker Information Jaidev Iyer Enterprise & Operational Risk Expert J-Risk Advisors Jaidev Iyer is a veteran of Citigroup, where
More informationTONGA NATIONAL QUALIFICATIONS AND ACCREDITATION BOARD
TONGA NATIONAL QUALIFICATIONS AND ACCREDITATION BOARD RISK MANAGEMENT FRAMEWORK 2017 Overview Tonga National Qualifications and Accreditation Board (TNQAB) was established in 2004, after the Tonga National
More informationGOV : Enterprise Risk Management Policy
Name: Responsibility: Complements: Enterprise Risk Management Framework Coordinator, Enterprise Risk Management GOV-080-005: Enterprise Risk Management Policy Draft Date: November 2006; January 2012 Revised
More informationKidsafe NSW Risk Management Plan. August 2014
Kidsafe NSW Risk Management Plan August 2014 Document Control Document Approval Name & Position Signature Date Document Version Control Version Status Date Prepared By Comments Document Reviewers Name
More informationRisk Assessment Mitigation Phase Risk Mitigation Plan Lessons Learned (RAMP B) November 30, 2016
Risk Assessment Mitigation Phase Risk Mitigation Plan Lessons Learned (RAMP B) November 30, 2016 #310403 Risk Management Framework Consistent with the historic commitment of Southern California Gas Company
More informationRISK AND OPPORTUNITY ASSESSMENT GUIDE RISK CRITERIA
RISK AND OPPORTUNITY ASSESSMENT GUIDE RISK ASSESSMENT GUIDE TABLE OF CONTENTS 1. PURPOSE... 3 2. SCOPE... 3 3. RELATED DOCUMENTS... 3 4. PROCEDURE... 3 5. RISK MANAGEMENT PROCESS... 3 6. STEP 1 RISK ANALYSIS...
More informationUSF System Compliance & Ethics Program. Risk Assessment Process. Enterprise-Wide Risk Assessment
USF System Compliance & Ethics Program Risk Assessment Process Enterprise-Wide Risk Assessment Risk Assessment Process Risk Assessment: A disciplined, documented, and ongoing process of identifying and
More informationRisk Management. Seminar June Compiled by: Raaghieb Najjaar, Yaeesh Yasseen & Rashied Small
Risk Management Seminar June 2017 Compiled by: Raaghieb Najjaar, Yaeesh Yasseen & Rashied Small Defining Risk Risk reflects the chance that the actual event may be different than the planned / expected
More informationUnderstanding Enterprise Risk Management: An Overview
Understanding Enterprise Risk Management: An Overview 05/2016 What is Risk? An uncertain event It exists in the future Has a cause and effect Impacts objectives Its effect may be positive and/or negative
More informationRisk Management. Webinar - July 2017
Risk Management Webinar - July 2017 Compiled by: Raaghieb Najjaar, Yaeesh Yasseen & Rashied Small Adapted and Facilitated by: Professor Enslin J. van Rooyen Risk Management - June 2017 2 Defining Risk
More informationRisk Management Policy and Framework
Risk Management Policy and Framework Risk Management Policy Statement ALS recognises that the effective management of risks is a fundamental component of good corporate governance and is vital for the
More informationRISK MANAGEMENT FRAMEWORK
Risk Management Framework RISK MANAGEMENT FRAMEWORK Purpose This Risk Management Framework introduces St. Michael s College s approach to risk management. It includes a definition of risk, a summary of
More informationRisk Management Framework
Risk Management Framework Anglican Church, Diocese of Perth November 2015 Final ( Table of Contents Introduction... 1 Risk Management Policy... 2 Purpose... 2 Policy... 2 Definitions (from AS/NZS ISO 31000:2009)...
More informationSCCE 2012 COMPLIANCE & ETHICS INSTITUTE. Workshop Agenda
SCCE 2012 COMPLIANCE & ETHICS INSTITUTE October 14, 2012 l Las Vegas, NV Ethics & Compliance Risk Management 101: Program Essentials and Effective Practice Key Steps to Implementing and Championing an
More informationRisk Management Policy and Procedures.
Risk Management Policy and Procedures. Rev Date Purpose of Issue/Description of Change Date 1. June 2006 Initial Issue 2. November 2009 Revised and updated 6 th November 2009 3. September 2010 Revised
More informationProcedure: Risk management
Procedure: Risk management Purpose To outline the procedures involved for identification, assessment and management of risks. Procedure Introduction 1. This procedure outlines the University s Risk Awareness
More informationFraud Risk Assessment CARRIE KENNEDY, PARTNER DUSTIN BIRASHK, PARTNER
Fraud Risk Assessment CARRIE KENNEDY, PARTNER DUSTIN BIRASHK, PARTNER Disclaimer The material appearing in this presentation is for informational purposes only and should not be construed as advice of
More informationApplying COSO s Enterprise Risk Management Integrated Framework. September 29, 2004
Applying COSO s Enterprise Risk Management Integrated Framework September 29, 2004 Today s organizations are concerned about: Risk Management Governance Control Assurance (and Consulting) ERM Defined:
More informationRisk Management Framework
Risk Management Framework Risk Management Framework 1. The University views Risk Management as integral to the successful execution of its Strategy. In order to achieve the aims set out in our strategy,
More informationWHS Risk Assessment and Control Form
WHS Risk Assessment and Control Form Step 1: Who has conducted the Risk Assessment Risk Assessment completed by (name): Staff / Student Number: Signature: Date: Step 4: Documentation and initial approval
More informationApplying COSO s Enterprise Risk Management Integrated Framework
Applying COSO s Enterprise Risk Management Integrated Framework COSO COSO stands for the Committee Of Sponsoring Organizations of the Treadway Commission. The sponsoring organizations are: Institute of
More informationApproved by: Diocesan Council 17 December 2015
DIOCESAN COUNCIL POLICY 39 Risk Management Approved by: Diocesan Council 17 December 2015 1 PREAMBLE The Perth Diocesan Trustees under the authority of the Diocesan Trustees Statute 1952 have the responsibility
More informationSunera Canada ULC. Effective Fraud Risk Assessment Annual Fraud Program. October 21, 2016
Sunera Canada ULC Effective Fraud Risk Assessment 2016 Annual Fraud Program October 21, 2016 Sunera LLC Snapshot Professional consultancy with core competency in Governance, SOx, NI 52-109, Internal Audit,
More informationENTERPRISE RISK MANAGEMENT (ERM) GOVERNANCE POLICY PEDERNALES ELECTRIC COOPERATIVE, INC.
1. Purpose: 1.1. Pedernales Electric Cooperative ( PEC ) is committed to delivering low-cost, reliable and safe energy solutions for the benefit of our members. In order to improve the likelihood of achieving
More informationEnterprise Risk Management Focusing on the Right Risks
2014 CliftonLarsonAllen LLP Enterprise Risk Management Focusing on the Right Risks VGFOA 2015 Fall Conference October 22, 2015 CLAconnect.com Session Objectives 1.Identify factors driving the need for
More informationRISK MANAGEMENT GUIDELINES
RISK MANAGEMENT GUIDELINES Purpose of Guidelines These guidelines outline the way South West Healthcare operates its Risk Management Program and are to assist the organisation, its divisions, departments
More informationPolicy Number: 040 Risk Management August 2018
Policy Number: 040 Risk Management August 2018 Policy Details 1. Owner Manager, Business Services 2. Compliance is required by Staff, contractors and volunteers 3. Approved by The Commissioner 4. Date
More informationRISK MANAGEMENT FRAMEWORK
RISK MANAGEMENT FRAMEWORK Approving authority Approval date University Council 5 August 2013 (3/2013 meeting) Advisor Vice President (Corporate Services) vpcorporateservices@griffith.edu.au (07) 373 57343
More informationRisk Management Policy
Risk Management Policy Date Published 6 th July 2016 Version 1 Approved Date 6 th July 2016 Review Cycle Annually Review Date June 2017 Learning together; to be the best we can be 1. Introduction 1.1.
More informationRISK AND BUSINESS CONTINUITY MANAGEMENT
RISK AND BUSINESS CONTINUITY MANAGEMENT EFFECTIVE: 18 MAY 2010 VERSION: 1.4 FINAL Last updated date: 29 September 2015 Uncontrolled when printed 2 Effective: 18 May 2010 CONTENTS 1 POLICY STATEMENT...
More informationRisk Management at the Deutsche Bundesbank March 2011
Risk Management at the Deutsche Bundesbank March 2011 (C) Deutsche Bundesbank - Division Organisation 1 Agenda Definition of risk management [3] Factors of influence to review the RM set up [4] The Framework
More informationBoston Chapter AGA 2018 Regional Professional Development Conference. Brandeis University Professor Erich Schumann May 2018
Boston Chapter AGA 2018 Regional Professional Development Conference Brandeis University Professor Erich Schumann May 2018 1 Identifying Strategic Risk Risks Owned by Strategic Risk Taker Strategic Risk
More informationCOMPANION POLICY CP TO NATIONAL INSTRUMENT CERTIFICATION OF DISCLOSURE IN ISSUERS ANNUAL AND INTERIM FILINGS TABLE OF CONTENTS
COMPANION POLICY 52-109CP TO NATIONAL INSTRUMENT 52-109 CERTIFICATION OF DISCLOSURE IN ISSUERS ANNUAL AND INTERIM FILINGS PART 1 GENERAL 1.1 Introduction and purpose 1.2 Application to non-corporate entities
More informationDelivering Clarity to Credit Unions Through Expertise and Experience
Jeff Owen, The Rochdale Group September 2012 Delivering Clarity to Credit Unions Through Expertise and Experience Enterprise Risk Management Lending Execution and Risk Management Merger Strategy and Realization
More informationRisk Management Policy
Risk Management Policy Date First Published June 2016 Version 3 Date Last Approved 20 th June 2018 Review Cycle 1 Year Review Date June 2019 Learning together; to be the best we can be 1. Introduction
More informationRisk Management Framework. Group Risk Management Version 2
Group Risk Management Version 2 RISK MANAGEMENT FRAMEWORK Purpose The purpose of this document is to summarise the framework which Service Stream adopts to manage risk throughout the Group. Overview The
More informationRisk Management: Principles, Methodologies and Techniques. Peter Getugi Internal Audit Manager ILRI
Risk Management: Principles, Methodologies and Techniques Peter Getugi Internal Audit Manager ILRI NAIROBI 22 JUNE, 2010 Session Objectives What is Risk Management? Why is Risk Management importance rising?
More informationRisk Management Policy. September 2015
Risk Management Policy September 2015 Contents Policy Statement... 3 AA s Commitment to Risk Management... 3 Risk Management Principles... 4 Governance Framework... 6 Roles and Responsibilities... 7 Board...
More informationEnterprise Risk Management Program
Enterprise Risk Management Program David W Sundvall, Risk Manager 3/2/2016 Page 0 of 12 Table of Contents Introduction... 2 Approach... 2 Risk Appetite... 3 Roles and Responsibilities... 3 Process... 4
More informationQuality Control & Compliance Initiative. This document is publicly available to any staff member on the following network path:
Quality Control & Compliance Initiative RISK ASSESSMENT Author: Phonovation Quality Control Group Gavin Carpenter Effective Date: 20 th Nov 2013 Revised: 20 th Jan 2015 Revised by: To: Pedro Quintas All
More information13.1 Quantitative vs. Qualitative Analysis
436 The Security Risk Assessment Handbook risk assessment approach taken. For example, the document review methodology, physical security walk-throughs, or specific checklists are not typically described
More informationTopic RISK MANAGEMENT Procedure Category Risk Management Updated 07/2011
Topic RISK MANAGEMENT Procedure 07.01 Category Risk Management Updated 07/2011 RELATED POLICIES, PROCEDURES AND FORMS Policies Procedures Forms Risk Management Policy Code of Conduct Public Interest Disclosure
More informationRisk Diverse Environments: Prioritizing the Priorities
Risk Diverse Environments: Prioritizing the Priorities Presented by: Sheryl Vacca, CCEP, CHC-F, CHRC SVP/Chief Compliance and Audit Officer University of California Sheryl.vacca@ucop.edu Risk Diverse Environments:
More informationVersion: th November 2010 RISK MANAGEMENT POLICY
Version: 1.2-25th November 2010 RISK MANAGEMENT POLICY Document History Document Location To be completed. Revision History Date of this revision: 17/09/2010 Date of next revision: N/A Revision Number
More informationInternational Standard on Auditing (Ireland) 240
International Standard on Auditing (Ireland) 240 The Auditor s Responsibilities Relating to Fraud in an Audit of Financial Statements July 2017 MISSION To contribute to Ireland having a strong regulatory
More informationRisk Assessment Workshop Pam Walaski, CSP, CHMM Director, Health and Safety GAI Consultants, Inc. Pittsburgh, PA
Risk Assessment Workshop Pam Walaski, CSP, CHMM Director, Health and Safety GAI Consultants, Inc. Pittsburgh, PA Today s Plan of Action Benefits of Risk Assessment Risk Assessment Definitions Identifying
More informationNATIONAL RISK MANAGEMENT SYSTEM
Scouts Australia NATIONAL RISK MANAGEMENT SYSTEM 2003 First Published 2003 Reviewed August 2006 in consideration of AS/NZS 4360-2004 and Organisational Performance Since First Published. Amendment by Chair
More informationHSC Business Services Organisation Board
Paper BSO 25/2009 HSC Business Services Organisation Board Risk Management 1. Purpose of this report The purpose of this report is to brief the Board on the BSO Risk Management process. 2. Background HSC
More informationEvent Risk Assessment Tool (ERAT) Version 1.0 RARE. UNLIKELY Could occur at some time. POSSIBLE Might occur at some time LIKELY ALMOST CERTAIN
Group Name: Activity Being Assessed: Date of Assessment: Review Assessment By: Referenced Documents (Legislation, Codes of Practice, Standards and Industry Guidelines etc): Persons Involved in the Conduct
More informationRisk management procedures
Purpose and scope In accordance with the BizOps Enterprises risk management policy, these procedures describe the organisation s standard process for risk management, including: 1. Risk identification
More informationGENERAL RISK CONTROL AND MANAGEMENT POLICY
GENERAL RISK CONTROL AND MANAGEMENT POLICY Translation originally issued in Spanish and prepared in accordance with the regulatory applicable to the Group. In the event of a discrepancy, the Spanishlanguage
More informationRisk Management at Central Bank of Nepal
Risk Management at Central Bank of Nepal A. Introduction to Supervisory Risk Management Framework in Banks Nepal Rastra Bank(NRB) Act, 2058, section 35 (a) requires the NRB management is to design and
More informationPractical aspects of determining and applying a risk appetite for SMEs
Practical aspects of determining and applying a risk appetite for SMEs By Tim Timchur acis, Director, ActivePro Consulting Pty Ltd Important to determine appetite for risk before determining what risk
More informationFINANCIAL STATEMENT FRAUD: DETAILED LOOK AT UNCOVERING CREATIVE ACCOUNTING FRAUD: P R E S E N T E D B Y : J O H N E K A D A H
FINANCIAL STATEMENT FRAUD: DETAILED LOOK AT UNCOVERING CREATIVE ACCOUNTING FRAUD: P R E S E N T E D B Y : J O H N E K A D A H Definitions Financial statement frauds is the deliberate misrepresentation
More informationProcedures for Management of Risk
Procedures for Management of Policy Sponsor: Name of Parent Policy: Policy Contact: Procedure Contact: Vice President Finance and Administration Enterprise Management Policy Vice President Finance and
More informationBERGRIVIER MUNICIPALITY
BERGRIVIER MUNICIPALITY ENTERPRISE RISK MANAGEMENT POLICY November 2016 P217 HISTORY OF REVIEW AND APPROVAL Author of Document: Version Author 1.0 Chief Risk Officer: Madell Lihou 1.1 1.2 1.3 Date Compiled
More informationEnterprise Risk Management (ERM) & Compliance
Enterprise Risk Management (ERM) & Compliance Mid Atlantic Regional Meeting, May 1, 2015 Society of Corporate Compliance and Ethics Jason Lunday, consultant Compliance Opportunities in ERM Increase compliance
More informationPerpetual s Risk Management Framework
Perpetual s Risk Management Framework Perpetual s Risk Management Framework Context Perpetual Limited (Perpetual) is a diversified financial services firm, listed on the Australian Securities Exchange.
More informationCompanion Policy CP to National Instrument Certification of Disclosure in Issuers Annual and Interim Filings.
This is an unofficial consolidation of Companion Policy 52-109CP Certification of Disclosure in Issuers Annual and Interim Filings reflecting amendments made effective January 1, 2011 in connection with
More informationRisk Management Policy
Risk Management Policy Version: 3 Board Endorsement: 11 January 2014 Last Review Date: 3 January 2014 Next Review Date: July 2014 Risk Management Policy 1 Table of Contents 1 Introduction... 3 2 Overview...
More informationInternational Standard on Auditing (UK) 240 (Revised June 2016)
Standard Audit and Assurance Financial Reporting Council July 2017 International Standard on Auditing (UK) 240 (Revised June 2016) The Auditor s Responsibilities Relating to Fraud in an Audit of Financial
More informationRISK MANAGEMENT - CORPORATE COMPLIANCE & ETHICS
RISK MANAGEMENT - CORPORATE COMPLIANCE & ETHICS Presenter CLAIRE GOMEZ MILLER CIA CRMA FCCA CA BOARD DIRECTOR/AUDITCOMMITTEE MEMBER UNITEDINDEPENDENT PETROLEUM MARKETING COMPANY LIMITED TRINIDAD AND TOBAGO
More informationRisk Management Framework
Risk Management Framework Purpose: Scope: This Risk Management Framework introduces Central Queensland Christian College s approach to risk management. It includes a definition of risk, a summary of the
More informationScouting Ireland Risk Management Framework
No. SID 124A/15 Gasóga na héireann/scouting Ireland Issued Amended 20 th June 2015 Deleted Source: National Management Committee Scouting Ireland Risk Management Framework Revision Date Description # 20/06/2015
More informationRISK MANAGEMENT - CORPORATE COMPLIANCE & ETHICS
RISK MANAGEMENT - CORPORATE COMPLIANCE & ETHICS Presenter CLAIRE GOMEZ MILLER CIA CRMA FCCA CA BOARD DIRECTOR/AUDIT COMMITTEEMEMBER UNITEDINDEPENDENTPETROLEUM MARKETINGCOMPANYLIMITED TRINIDAD AND TOBAGO
More informationBusiness Auditing - Enterprise Risk Management. October, 2018
Business Auditing - Enterprise Risk Management October, 2018 Contents The present document is aimed to: 1 Give an overview of the Risk Management framework 2 Illustrate an ERM model Page 2 What is a risk?
More informationRISK REGISTER POLICY AND PROCEDURE
RISK REGISTER POLICY AND PROCEDURE Lead Manager: Head of Clinical Governance Responsible Director: Board Medical Director Approved by: Date Approved: Date for Review: Feb 2012 Replaces Version: 1.0 Page
More information2.2 For Board Members to approve the five high risks the Trust is facing:
HEREFORD HOSPITALS NHS TRUST PUBLIC BOARD MEETING 28 TH JANUARY 2011 COMPANY SECRETARY S REPORT NICOLA.LICENCE@HHTR.NHS.UK BOARD ASSURANCE FRAMEWORK 1.0 INTRODUCTION 1.1 The attached Board Assurance Framework
More informationThe Auditor s Responsibilities. Audit of Financial Statements
HKSA 240 Issued July 2009; revised July 2010, May 2013, February 2015 Effective for audits of financial statements for periods beginning on or after 15 December 2009 Hong Kong Standard on Auditing 240
More informationIntegrated Risk Management Framework Sept Page 1 of 17
Integrated Risk Management Framework 2017-2018 Sept 2017 Page 1 of 17 Reference: Title: Author/Nominated Lead: Approval Date: Approving Committee: Review Date: Target Audience: Circulation List: Cross
More informationEvent Risk Assessment Tool (ERAT) Version 2.0. Activity Being Assessed: RARE LIKELY ALMOST CERTAIN
Group Name: Date of Assessment: Activity Being Assessed: Review Assessment By: Referenced Documents (Legislation, Codes of Practice, Standards and Industry Guidelines etc): Persons Involved in the Conduct
More informationRISK MANAGEMENT POLICY AND STRATEGY
1 RISK MANAGEMENT POLICY AND STRATEGY Version No: Reason for Update Date of Update Updated By 1 Review Timeframe September 2014 2 Review June 2017 Governance Manager Governance Manager 3 4 5 6 7 8 Introduction
More informationThe Risk Assessment Executives Are Begging For. Presentation Overview. Terminology
The Risk Assessment Executives Are Begging For Brian Zawada Rob Giffin Avalution Consulting LLC Presentation Overview Level-setting Regarding Terminology Likelihood Versus Severity Common Approaches to
More informationBoard Risk Appetite Statement
SH NCP 62 Version: 3 Summary: Keywords (minimum of 5): (To assist policy search engine) Target Audience: This document establishes the key areas of risk and guidance on the level of risk the Board is prepared
More informationAuditing and Assurance Standards Council
Auditing and Assurance Standards Council Philippine Standard on Auditing 240 (Redrafted) THE AUDITOR S RESPONSIBILITIES RELATING TO FRAUD IN AN AUDIT OF FINANCIAL STATEMENTS PHILIPPINE STANDARD ON AUDITING
More informationUniversity System of Georgia s 2016 Georgia Summit Fraud in Higher Education
University System of Georgia s 2016 Georgia Summit Fraud in Higher Education How to Protect your Institutions! September 14 2016 Jeff Fucito, CPA Aleisa Howell, CPA Jon Schultz, CPA Augusta Marriott at
More informationGuide to an ERM Risk Map and Working in Practice
Guide to an ERM Risk Map and Working in Practice Edith Pfister Chief Financial Officer & Chief Risk Officer RGA Reinsurance Company of Australia Ltd 2 nd ASHK Risk Management Regional Conference, February
More informationENTERPRISE RISK MANAGEMENT (ERM) POLICY Republic Glass Holdings Corporation. Purpose. Goals
Purpose This Enterprise Risk Management Policy (the ERM policy) provides the framework for managing risks across ( RGHC or the Company ). It contains the policies to guide employees, management and the
More informationRisk Management FUN! Humor Me
Risk Management FUN! Humor Me Leveraging Project Risk Management to Solidify Your RIM Business Continuity P R E S E N T E D B Y : M A R Y L. C L I N T O N, M B A, P M P W E D N E S D A Y, J U N E 2 1,
More informationAN INTRODUCTION TO RISK CONSIDERATION
AN INTRODUCTION TO RISK CONSIDERATION Introduction This cookbook aims at recalling basic concepts and providing simple tools and possibilities of applying the "considering of risks and opportunities" in
More informationBournemouth Primary MAT Risk Management Policy
Bournemouth Primary MAT Risk Management Policy 1. Introduction The Bournemouth Primary Multi-Academy Trust (the Trust) operates a risk management system in order to identify and manage key exposures and
More informationclient user GUIDE 2011
client user GUIDE 2011 STEP ACTION Accessing Risk Register 1. Type https://www.scm rms.ca/riskregister/login.aspx 2. Click in the Username field on the Risk Register home page. 3. Type your Username and
More informationSession 4 Mainstreaming Anti-Corruption into Climate Finance
Session 4 Mainstreaming Anti-Corruption into Climate Finance Workshop on Corruption Risks and Anti- Corruption Strategies in Climate Finance Manila, Philippines 25 to 27 May 2015 Session objectives and
More informationGUIDELINE ACTIVITY RISK MANAGEMENT GUIDELINE
GUIDELINE ACTIVITY RISK MANAGEMENT GUIDELINE Contact Officer Director, Risk Management Purpose The risk management process can be complex and requires the exercise of good judgement. This guideline provides
More informationRisk-based land use planning
Risk-based land use planning Wendy Saunders, James Beban, Margaret Kilvington, Independent Social Research What is risk based planning? Not new Developed as part of PhD Envirolink Tools funding to further
More informationRisk Management Policies and Procedures
Risk Management Policies and Procedures As at May 5 2017 Masters Swimming Australia ABN 24 694 633 156 Level 2, Sports House, 375 Albert Road, Albert Park 3206 t: (03) 9682 5666 e: gm@mastersswimming.org.au
More informationInternal Audit Report
Internal Audit Report Health and Safety - Estates February 2017 To: Acting Chief Operating Officer Director of Resources Head of Estates Head of Safety, Health and Wellbeing Partnership Director, CSG Operations
More informationBuilding a Risk Assessment Process from the Ground Up
Building a Risk Assessment Process from the Ground Up David Fong, SVP Audit Director Bank of the West Governance, Risk & Compliance G12 CRISC CGEIT CISM CISA Table of Contents Session Objectives Purpose
More informationChapter 1. Introduction to Enterprise Risk Management and Insurance. Enterprise Risk Management. Risk Classification.
Chapter 1 Introduction to Enterprise Risk Management and Insurance Enterprise Risk Management Logical process used by firms to deal with multifaceted exposures to loss. Continuous process that identifies
More informationRisk Evaluation, Treatment and Reporting
Chapter 8 Risk Evaluation, Treatment and Reporting In the previous chapter we looked at how risks are identified, described and estimated using a likelihood and consequences matrix. This is an essential
More informationAn Update On Association Policies, Health Checks & Guidelines To A Safer Hockey Association. Lauren Woods Member Engagement & Operations
An Update On Association Policies, Health Checks & Guidelines To A Safer Hockey Association Lauren Woods Member Engagement & Operations Association Health Checks Issues arising from the health check: 3/27
More informationEnergize Your Enterprise Risk Management
Energize Your Enterprise Risk Management Presented By Mark Caiazzo, CISA, CISM, CRISC Tammy Michaud, CPA May 15, 2017 Reviewed: Agenda Enterprise Risk Management Defined Benefits of ERM Key Components
More informationHazard Identification, Risk Assessment and Control Procedure
Hazard Identification, Risk Assessment and Control Procedure 1. Purpose To ensure that there is a formal process for hazard identification, risk assessment and control to effectively manage workplace and
More informationFraud Risk Assessment
Fraud Risk AHIA Southeast Regional Seminar Houston Texas Friday, November 12, 2010 Today s Discussion Agenda What is fraud? Industry fraud statistics Common fraud scenarios Fraud risk assessment (FRA)
More informationINTERNATIONAL STANDARD ON AUDITING 240 THE AUDITOR S RESPONSIBILITY TO CONSIDER FRAUD IN AN AUDIT OF FINANCIAL STATEMENTS CONTENTS
INTERNATIONAL STANDARD ON AUDITING 240 THE AUDITOR S RESPONSIBILITY TO CONSIDER FRAUD (Effective for audits of financial statements for periods beginning on or after December 15, 2004) CONTENTS Paragraph
More informationInternal Audit Report
Internal Audit Report Community Infrastructure Levy (CIL) and Section 106 (S106) Phase I, Income, May 2017 To: Commissioning Director of Growth and Development, LBB Resources Director, LBB Commissioning
More informationMUSTER AG RISK MANAGEMENT
MUSTER AG RISK MANAGEMENT Risk Management Policy Risk Management Process Risk Management Guidelines Version 1.0 as of 9. October 2011 TABLE OF CONTENTS 1. PRINCIPLES OF RISK MANAGEMENT... 3 1.1. Concept...
More informationManaging business risks in SMSEs
www..com/pg Managing business risks in SMSEs CPA PNG Kokopo conference June 2018 Presented by Stephen Beach Partner, PwC Managing business risks in MSMEs What we will cover. Perspectives on risk and opportunity
More information