REPORTING ON RISK TREATMENT IMPLEMENTATION
HOW TO REPORT ON RISK TREATMENT IMPLEMENTATION
The need for Risk Reporting
Effective risk reporting contributes to good corporate governance by providing reliable and current information to Boards/Accounting Officer, Senior Officials and other stakeholders regarding the risks faced by the organization as well as the treatment plans in place to manage these risks. The availability of this information can be used to support management decision-making during strategic planning and operational management processes.
Foundation of Good Reporting
The following principles should be remembered when developing a risk reporting solution:
i. The quality of risk reporting is dependent on a fully functioning risk management system. Incomplete or unreliable risk identification, assessment, prioritization and treatment outputs will be reflected in poor reporting outputs.
ii. There is no single risk report that meets the needs of all stakeholders. Reports should be developed and customized to reflect the needs and preferences of the target audience and its purpose.
iii. Although organizations need to report on risk to various stakeholder groups, organizations with more mature and sophisticated risk management frameworks will typically produce a number of customized risk reports to meet the needs of different stakeholder groups throughout the year.
iv. Avoid providing too much or too little information in risk reports.
v. Senior Management and the Board will typically prefer a summary of risks and risk trends, focusing on high risk and strategic issues across the organization, while those involved in managing specific risks will require detailed information covering their areas of responsibility.
How to Prepare the Reports
A single person, typically the risk management coordinator/manager, should be responsible for coordinating and drafting risk reports to ensure consistency in standards and format. Risk reporting can be compiled using the ‘Risk Management Quarterly Implementation Report’. The risk process should ensure that risks are linked to strategic objectives and functions. This helps to report on risk within a strategic organizational context.
Frequency of Risk Reporting
At a minimum, an organization should update and report on its risk profile on an annual basis. The frequency of risk reporting should reflect the cycle of the organization’s regular internal reporting (e.g. monthly or quarterly progress reports on Financial, Operational, or IT matters).
Format of Risk Reports
The way that risk information is presented can make a huge difference in the value it adds. Report format is not restrictive, but the information provided depends on its level, e.g. strategic level and operational level.
i. Strategic level risk report
Include risk heat maps to report on the top risks faced by the organization (these are well received by most Accounting Officers and Boards). They are useful as they graphically illustrate the relative severity of risks in relation to each other.
The green areas represent the least severe risks, and as the risk moves upward and right towards the red shaded area, the level of risk exposure increases. Link an organisation’s key risks to its strategic objectives or business/operational goals. This is a useful technique for identifying risks, i.e. what are the risks to the achievement of the objectives. Also provide a summarized implementation status of risk treatment action plans.
ii. Operational risk report format
Table format is best suited to operational risk reporting. This is simply the summary of key components of the Risk Treatment Action Plans. These reports are used by risk committees, programme coordinators and risk owners to monitor and manage the update, implementation and review of risk management activities/plans.
This level of detail can be provided as supporting information to summary executive reports, or provided where the board or executive wishes to review a specific risk or cluster of risks. A key advantage of table or spreadsheet reports is that they can easily be filtered or sorted to meet the reporting requirements of a specific target audience. It is also easy to add to or modify content following risk update processes.