B1: M2: Enterprise Risk Management (ERM)


the possibility that events will occur and affect the achievement of strategy & business objectives

According to COSO's ERM (2017), what is the definition of risk?

(CCPIS) Culture, Capabilities & Practices, Integrated w/ Strategy-setting & Performance, that organizations rely on to manage risk in Creating, Preserving & Realizing Value

How is ERM defined according to COSO (2017)?

creation, preservation, erosion & realization

Management decisions affect the development of value, including its... (4)

1. Governance & Culture (G) 2. Strategy & Objective Setting (O) 3. Performance (P) 4. Review & Revision (R) 5. [ongoing] Information, Communication & Reporting (O) (GO PRO)

What are the components of ERM?

1. Defines Desired Culture (D) 2. Exercises Board Oversight (O) 3. Commitment to Core Values (V) 4. Capable individuals [employees] (E) 5. Operating Structure (S) (DOVES)

What are the principles that support the *Governance & Culture* component of ERM?

1. Leverages Info & Technology (T) 2. Communicates Risk Info (I) 3. Reports on Risk Culture & Performance (P) (TIP)

What are the principles that support the *Info, Communication & Reporting (ongoing)* component of ERM?

1. Develops Portfolio View (V) 2. Assesses Severity of Risk (A) 3. Prioritizes Risk (P) 4. Identifies Risks [events] (I) 5. Implements Risk Responses (R) (VAPIR)

What are the principles that support the *Performance* component of ERM?

1. Assesses Substantial Change (S) 2. Pursues Improvement in ERM (I) 3. Reviews Risk & Performance (R) (SIR)

What are the principles that support the *Review and Revision* component of ERM?

1. Evaluates Alt Strategies (S) 2. Formulates Business Objectives (O) 3. Analyzes business context (A) 4. Defines Risk Appetite (R) (SOAR)

What are the principles that support the *Strategy & Objective Setting* component of ERM?

1. accept 2. avoid 3. pursue 4. reduce 5. share

Within the context of ERM, identify 5 common risk responses

Risk remaining after mgmt has taken action

Within the context of ERM, what is the meaning of actual residual risk?

Risk to an entity in the absence of any direct or focused actions by mgmt to alter its severity

Within the context of ERM, what is the meaning of inherent risk?

amount of risk an entity prefers to assume in the pursuit of its strategy & business objectives knowing that management will implement actions to alter severity of the risk

Within the context of ERM, what is the meaning of target residual risk?

