12/10/55

Risk Management
To identify and assess key business risks across
the organization including identifying actions
to be taken to mitigate high and medium risks.

Why Risk Management ?

Good Corporate Governance.

Proper resource allocation.
Assurance for the Company & Board.
Ascertain that things go according to plan

1
 12/10/55

What is Risk ?

Events that may occur and causes unwanted negative

consequences to the Company.

Risk = Likelihood x Impact

Types of Risk ?

Strategic Risk
Financial Risk
Operation Risk
Compliance Risk

2
 12/10/55

Factors that affect Risk ?

External Factors
Economics/Politics/Law/Natural
disaster/Technology/Competitors
Internal Factors
Organization/Management/Control/ IT
technology/Fraud

Process Overview

Set Objectives.
Risk Identifications.
Risk Assessments.
Risk Responses.
Report / Communication / Monitoring.

3
 12/10/55

IMPLEMENTATION

Questionnaires / Surveys for each site/dept../Workshop.

Standard framework for risk identification and assessment.

Sites/dept. are risk owners and not IA Dept.

Risk responses must be from site/dept. and should be in line with company
policies on risk appetite.

Overall Risk Map for the company.

Risk Assessment.

Likelihood.
High/medium/low
Impact.
High/medium/low

Set Risk Assessment Criteria (RAC)

4
 12/10/55

Risk Treatment.

Take
Transfer
Treat
Terminate