位置: 趙永祥 >
Risk managements
The Board Responsibilities for Risk Management and Internal Control
by 趙永祥 2015-02-12 08:39:11, 回應(0), 人氣(770)
The Board Responsibilities for Risk Management and Internal Control
The board has responsibility for an organisation’s overall approach to risk
management and internal control. According to my research, the board’s responsibilities mainly included are:
1. ensuring the design and implementation of appropriate risk management and
internal control systems that identify the risks facing the company and enable the
board to make a robust assessment of the principal risks;
2. determining the nature and extent of the principal risks faced and those risks
which the organisation is willing to take in achieving its strategic objectives
(determining its “risk appetite”);
3. ensuring that appropriate culture and reward systems have been embedded
throughout the organisation;
4. agreeing how the principal risks should be managed or mitigated to reduce the
likelihood of their incidence or their impact;
5. monitoring and reviewing the risk management and internal control systems, and
the management’s process of monitoring and reviewing, and satisfying itself that
they are functioning effectively and that corrective action is being taken where
necessary;
6. ensuring sound internal and external information and communication processes
and taking responsibility for external communication on risk management and
internal control.
The board’s specific responsibility for determining whether to adopt the going concern
basis of accounting and related disclosures of material uncertainties in the financial
statements is a sub set of these broader responsibilities.
A company that is able to
adopt the going concern basis of accounting and does not have related material
uncertainties to report, for the purposes of the financial statements, is not necessarily
free of risks that would threaten the company’s business model, future performance,
solvency or liquidity were they to materialise.
The board is responsible for ensuring this
distinction is understood internally and communicated externally.
It is the role of management to implement and take day-to-day responsibility for board
policies on risk management and internal control. But the board needs to satisfy itself
that management has understood the risks, implemented and monitored appropriate
policies and controls, and are providing the board with timely information so that it can
discharge its own responsibilities. In turn, management should ensure internal
responsibilities and accountabilities are clearly established, understood and embedded
at all levels of the organisation. Employees should understand their responsibility for
behaving according to the culture.
Dr. Chao Yuang Shiang
12-February-2015
附件: