883 resultados para Enterprise risk management
Resumo:
Purpose The paper examines the impact of internal auditors’ involvement in Enterprise Risk Management (ERM) on perceptions of their willingness to report a breakdown in risk procedures and whether a strong relationship with the audit committee affects such willingness to report. The study also investigates the use of ERM and the role of internal audit in ERM in Australian private and public sector entities. Design/methodology/approach The study uses an experimental design, manipulating (i) the internal auditor’s involvement in ERM and (ii) the strength of the relationship between internal audit and the audit committee. Participants are 117 certified internal auditors. The study also gathers descriptive data on the use of ERM. Findings The study indicates that a high involvement in ERM impacts the perceptions of internal auditors’ willingness to report a breakdown in risk procedures to the audit committee. However, a strong relationship with the audit committee does not appear to affect their perceived willingness to report. The study also finds that the majority of organisations have recently adopted ERM. Internal auditors are involved in ERM assurance activities but some also engage in activities that could compromise objectivity.
Resumo:
Enterprise Risk Management (ERM) is the discipline by which enterprises monitor, analyze, and control risks from across the enterprise, with the goal of identifying underlying correlations and thus optimizing the risk-taking behavior in a portfolio context. This study analyzes the valuation implications of ERM Maturity. We use data from the industry leading Risk and Insurance Management Society Risk Maturity Model over the period from 2006 to 2011, which scores firms on a five-point maturity scale. Our results suggest that firms that have reached mature levels of ERM are exhibiting a higher firm value, as measured by Tobin's Q. We find a statistically significant positive relation to the magnitude of 25 percent. Upon decomposition of the maturity score, we find that the most important aspects of ERM from a valuation perspective relate to the level of top–down executive engagement and the resultant cascade of ERM culture throughout the firm. Firms that have successfully integrated the ERM process into both their strategic activities and everyday practices display superior ability in uncovering risk dependencies and correlations across the entire enterprise and as a consequence enhanced value when undertaking the ERM maturity journey ceteris paribus.
Resumo:
Dissertação de Mestrado apresentado ao Instituto de Contabilidade e Administração do Porto para a obtenção do grau de Mestre em Auditoria, sob orientação do Mestre Fernando Teixeira Pinto
Resumo:
Enterprise Risk Management (ERM) is gaining relevance among financial and non-financial companies but its benefits still are uncertain. This paper aims at investigating the relationship between ERM adoption and firm performance based on a sample of 1130 non-financial companies belonging to the STOXX® index. A content analysis of individual accounts is performed to distinguish adopters, and a regression analysis explores the effect of ERM adoption on firm performance, proxied by Tobin’s Q. The findings suggest that there is a statistical significant positive effect of ERM adoption on firm performance, meaning that firms are benefiting from the implementation of this process.
Resumo:
Purpose – The purpose of this paper is to examine the impact of internal auditors’ involvement in enterprise risk management (ERM) on perceptions of their willingness to report a breakdown in risk procedures and whether a strong relationship with the audit committee affects such willingness to report. The study also investigates the use of ERM and the role of internal audit in ERM in Australian private and public sector entities.
Design/methodology/approach – The study uses an experimental design, manipulating the internal auditor’s involvement in ERM and the strength of the relationship between internal audit and the audit committee. Participants are 117 certified internal auditors. The study also gathers descriptive data on the use of ERM.
Findings – The study indicates that a high involvement in ERM impacts the perceptions of internal
auditors’ willingness to report a breakdown in risk procedures to the audit committee. However, a strong relationship with the audit committee does not appear to affect their perceived willingness to report. The study also finds that the majority of organisations have recently adopted ERM. Internal auditors are involved in ERM assurance activities but some also engage in activities that could compromise objectivity.
Research limitations/implications – There are internal and external validity threats associated with the experimental design.
Practical implications – The findings reinforce the need for organisations to adhere to the recommendations of the Institute of Internal Auditors and to ensure that internal auditors do not play an inappropriate role in ERM.
Originality/value – The paper contributes to our understanding of the impact of involvement in ERM on internal audit objectivity and of the current role of internal audit in ERM in Australia.
Resumo:
Risk and knowledge are two concepts and components of business management which have so far been studied almost independently. This is especially true where risk management (RM) is conceived mainly in financial terms, as for example, in the financial institutions sector. Financial institutions are affected by internal and external changes with the consequent accommodation to new business models, new regulations and new global competition that includes new big players. These changes induce financial institutions to develop different methodologies for managing risk, such as the enterprise risk management (ERM) approach, in order to adopt a holistic view of risk management and, consequently, to deal with different types of risk, levels of risk appetite, and policies in risk management. However, the methodologies for analysing risk do not explicitly include knowledge management (KM). This research examines the potential relationships between KM and two RM concepts: perceived quality of risk control and perceived value of ERM. To fulfill the objective of identifying how KM concepts can have a positive influence on some RM concepts, a literature review of KM and its processes and RM and its processes was performed. From this literature review eight hypotheses were analysed using a classification into people, process and technology variables. The data for this research was gathered from a survey applied to risk management employees in financial institutions and 121 answers were analysed. The analysis of the data was based on multivariate techniques, more specifically stepwise regression analysis. The results showed that the perceived quality of risk control is significantly associated with the variables: perceived quality of risk knowledge sharing, perceived quality of communication among people, web channel functionality, and risk management information system functionality. However, the relationships of the KM variables to the perceived value of ERM are not identified because of the low performance of the models describing these relationships. The analysis reveals important insights into the potential KM support to RM such as: the better adoption of KM people and technology actions, the better the perceived quality of risk control. Equally, the results suggest that the quality of risk control and the benefits of ERM follow different patterns given that there is no correlation between both concepts and the distinct influence of the KM variables in each concept. The ERM scenario is different from that of risk control because ERM, as an answer to RM failures and adaptation to new regulation in financial institutions, has led organizations to adopt new processes, technologies, and governance models. Thus, the search for factors influencing the perceived value of ERM implementation needs additional analysis because what is improved in RM processes individually is not having the same effect on the perceived value of ERM. Based on these model results and the literature review the basis of the ERKMAS (Enterprise Risk Knowledge Management System) is presented.
Resumo:
This paper starts from the viewpoint that enterprise risk management is a specific application of knowledge in order to control deviations from strategic objectives, shareholders’ values and stakeholders’ relationships. This study is looking for insights into how the application of knowledge management processes can improve the implementation of enterprise risk management. This article presents the preliminary results of a survey on this topic carried out in the financial services sector, extending a previous pilot study that was in retail banking only. Five hypotheses about the relationship of knowledge management variables to the perceived value of ERM implementation were considered. The survey results show that the two people-related variables, perceived quality of communication among groups and perceived quality of knowledge sharing were positively associated with the perceived value of ERM implementation. However, the results did not support a positive association for the three variables more related to technology, namely network capacity for connecting people (which was marginally significant), risk management information system functionality and perceived integration of the information systems. Perceived quality of communication among groups appeared to be clearly the most significant of these five factors in affecting the perceived value of ERM implementation.
Resumo:
Risk management and knowledge management have so far been studied almost independently. The evolution of risk management to the holistic view of Enterprise Risk Management requires the destruction of barriers between organizational silos and the exchange and application of knowledge from different risk management areas. However, knowledge management has received little or no attention in risk management. This paper examines possible relationships between knowledge management constructs related to knowledge sharing, and two risk management concepts: perceived quality of risk control and perceived value of enterprise risk management. From a literature review, relationships with eight knowledge management variables covering people, process and technology aspects were hypothesised. A survey was administered to risk management employees in financial institutions. The results showed that the perceived quality of risk control is significantly associated with four knowledge management variables: perceived quality of risk knowledge sharing, perceived quality of communication among people, web channel functionality, and risk management information system functionality. However, the relationships of the knowledge management variables to the perceived value of enterprise risk management are not significant. We conclude that better knowledge management is associated with better risk control, but that more effort needs to be made to break down organizational silos in order to support true Enterprise Risk Management.
Resumo:
Risk management and knowledge management have so far been studied almost independently. The evolution of risk management to the holistic view of Enterprise Risk Management requires the destruction of barriers between organizational silos and the exchange and application of knowledge from different risk management areas. However, knowledge management has received little or no attention in risk management. This paper examines possible relationships between knowledge management constructs related to knowledge sharing, and two risk management concepts: perceived quality of risk control and perceived value of enterprise risk management. From a literature review, relationships with eight knowledge management variables covering people, process and technology aspects were hypothesised. A survey was administered to risk management employees in financial institutions. The results showed that the perceived quality of risk control is significantly associated with four knowledge management variables: perceived quality of risk knowledge sharing, perceived quality of communication among people, web channel functionality, and risk management information system functionality. However, the relationships of the knowledge management variables to the perceived value of enterprise risk management are not significant. We conclude that better knowledge management is associated with better risk control, but that more effort needs to be made to break down organizational silos in order to support true Enterprise Risk Management.
Resumo:
This study examines the impact of the scope of risk management and ethical environment on internal audit activities and the quality of accounting control procedures (ACPQ). The conceptual framework for the study is guided by COSO’s frameworks on internal controls and enterprise risk management and data from a questionnaire survey of 64 Australian firms are analysed using a structural equation model. The results of the study support that (1) internal audit activities have a significant intervening effect on the relationship between the scope of risk management and ACPQ, and (2) a direct and positive relationship exists between ethical environment and ACPQ. Our findings suggest that widening the scope of risk management activities do not directly improve ACPQ, but that it leads to more extensive internal audit activities and in turn such activities promote better ACPQ. Further, the results indicate that fostering a more ethical environment directly leads to higher ACPQ. These results have implications for the design of internal controls, namely with respect to the role of internal audit activities and ethical environment in enhancing ACPQ.
