内部审计转向风险管理的风险.ppt

What is operational risk? Risk reporting and corporate governance Turnbull - Some key points Residual Risk Action Plan Internal Audit to Risk Management A risky migration? Terry Cunnington Director, Risk Assurance Deputy President IIA-UK Summary of presentation ?? Integrating internal audit and operational risk - advantages and disadvantages ?? LIFFE risk management framework ?? Roles and responsibilities for risk management - how does internal audit fit in? ?? Defining operational risk and risk management? ?? Opportunities for internal audit arising from the Combined Code and Turnbull ?? Migration of internal audit to embrace risk management ?? Internal audit skill set going forward The threat of an adverse event or action occurring, which may: ?? lead to failure to respond to unforseen circumstances ?? impact our stakeholders ?? prevent opportunities being exploited ?? impact the achievement of corporate goals ?? result directly or indirectly in losses of any kind What is risk management? ?? Transfer risk to a third party ?? Reduce impact should it occur ?? Reduce likelihood of a risk event occurring ?? Take the right risks ?? Avoid the risk altogether ?? Accept the risk Who is responsible for risk management? ?? Operational Risk ?? Specialist Functions ?? Management ?? Audit Committee ?? Board ?? Internal Audit Identify risk Evaluate risk Manage risk Take risk Own risk Insurance Security Business continuity Health safety Risk strategy Risk framework Monitor and co-ordinate Risk reporting Independent audits Assurance Opinion Proactive advice and support Facilitate improvements Risk Management Responsibilities Management Specialist risk Corporate risk Internal audit ‘hands-on’ ‘hands-off’ ?? Facilitates CRSA and/or multi-disciplinary risk workshops ?? Proactive risk advice, support and training ?? Centre of expertise on risk processes ?? Facilitates improvements in risk manag