Module 41

  1. Best Forms of Executive Compensation
    Generally a combination of fixed compensation and incentive compensation that is related to long-term stock price.
  2. Monitoring Devices
    Internal & external devices that exist to monitor management, including: BODs, NYSE & NASDAQ, internal auditors, external auditors, investment banks & securities analysts, creditors, credit rating agencies, attorneys, SEC, IRS, corporate takeovers, shareholder activism.
  3. Control Environment
    Sets the tone of an organization: integrity and ethical values, commitment to competence, human resource policies and procedures, assignment of authority, management philosophy and operating style, board of directors or audit committee, organizational structure.
  4. Risk Assessment
    Management's process for identifying, analyzing, and responding to risks
  5. Control Activities
    Policies and procedures that help ensure that management directives are carried out: Performance reviews, Information processing controls, Physical controls, Segregation of duties (PIPS)
  6. Information and Communication
    Should be implemented to capture info and to process, summarize, and report it on an accurate and timely basis.
  7. Monitoring
    A process used to assess the quality of IC performance over time.
  8. Change Control Processes
    An effective change control process enables management to control (1) Change requests, (2) Change analysis, (3) Change decisions, and (4) Change planning, implementation and tracking
  9. Enterprise Risk Management (ERM)
    A process, effected by an entity's BOD, management, and other personnel, applied in a strategy setting and across the enterprise, designed to identify potential events that may affect the entity, and manage risk to be within its risk appetite, to provide reasonable assurance regarding the achievement of entity objectives.
  10. Components of ERM
    8 interrelated components: (1) Internal environment, (2) Objective setting, (3) Event identification, (4) Risk assessment, (5) Risk response, (6) Control activities, (7) Information and communication, (8) Monitoring
  11. Event Identification Techniques:
    • (1) Event inventories
    • (2) Internal analysis
    • (3) Escalation or threshold triggers
    • (4) Facilitated workshop or interviews
    • (5) Process flow analysis
    • (6) Leading event indicators
    • (7) Loss event data methodologies (black swan analysis)
  12. Inherent Risk
    The risk to the organization if management does nothing to alter its likelihood or impact
  13. Residual Risk
    The risk of the event after considering management's response. Risks are assessed in terms of their likelihood of occurring and their impact.
  14. Risk Response
    • Management selects risk responses that are consistent with the risk appetite of the organization including:
    • (1) Avoidance - exiting activity
    • (2) Reduction - reduce risk likelihood/impact
    • (3) Sharing - reducing/transferring/sharing portions of risk
    • (4) Acceptance - no action taken
  15. Limitations of ERM
    Risks relate to the future, which is uncertain. ERM provides info about risks of achieving objectives but cannot provide reasonable assurance that objectives will be met. ERM cannot provide absolute assurance with respect to any of the objectives. Specific limitations include: (1) effectiveness of ERM is subject to limitations of human judgement, (2) well-designed ERM can break down, (3) collusion among 2 or more employees, (4) can never be perfect due to cost-benefit constraints, (5) subject to management override.
Corporate Governance, IC, and Enterprise Risk Management