Enterprise risk management - Internal audit

DQ1: 7 Essential Elements of Enterprise Risk Management and the Role of Internal Audit

DQ2: The five elements of a fraud and corruption management program are each very important. However, of those five, do you think any is particularly critical (more than the others) to the success of the program?

DQ3: Those nine points seem rather self-explanatory, in my view, except for #8. What do Harb and Morley have in mind with that one? (#8. Use risk registers to scope internal audit assignments)

DQ4: What might be some drawbacks to the "one minute" risk management approach?

Discussion Questions

DQ1. 7 steps to effective enterprise risk management

1. Management's role: Management should engage in qualitative risk assessment and prioritization
2. Setting the context: The context should be set so that it links the company's mission and objectives to the management of risks
3. Identify and prioritize enterprise risks: Identify and categorize risks into different areas. Each risk category should have different mitigation strategies.
4. Choose tools for risk identification and assessment: Both qualitative and quantitative risk assessment tools should be used
5. Consider potential outcomes
6. Evaluate how existing systems mitigate risk: This is to identify where intervention of management systems and processes is required.
7. Link ERM to overall governance, risk and compliance

The role of internal auditors in ...

