This is a TEST. Image should match group

This is a TEST. Image should match group

Risk Assessment

Risk Assessment is the identification of risk, probability of occurrence, measurement of impact and analysis of risks related to the achievement of business objectives. Basically, you identify the things that could go wrong and would have a significant impact on financial reporting, compliance with laws and regulations, UCAR’s reputation etc. It forms the basis for determining how risk should be managed. 

A precondition to risk assessment is the establishment of clear, consistent organizational goals and objectives at both the organization and activity level (laboratory, program, function or department). Once the objectives have been set, best practice establishes that the organization needs to identify the risks that could impede the efficient and effective achievement of those objectives at the organizational level and the activity level. The management of the activity typically is responsible for maintaining focus on a process for objective setting, risk identification, risk analysis, and management of risk during times of change.

The initial assessment of risk considers the inherent risk of a particular risk occurring in the absence of internal controls. After all relevant risks have been identified; internal controls are mapped to the identified risks. Risks that remain unaddressed by appropriate controls comprise the population of residual risks. Assessing the likelihood and impact of each potential risk is a subjective process.

Once risks have been identified, they should be analyzed for their possible effect. Best practices requires that management then formulate an approach for risk management and decide upon the internal control activities required to mitigate those risks and achieve the internal control objectives of efficient and effective operations, reliable financial reporting, safeguarding of assets and compliance with laws and regulations.

The Risk Assessment team should discuss in detail starting with the identified risks, existing internal controls and their effectiveness and determine where they feel residual risks remain. You can document this process on a  Risk Assessment spreadsheet, and a Risk Assessment Responses Summary Chart created to summarize where the risks will be placed based on the risk score. These are tools and you may simplify or document in another way. See Definitions for the Risk Assessment spreadsheet.

AttachmentSize
Office spreadsheet icon RiskAssessmentbasicchart.xls16.5 KB
File RAspreadsheet.xlsm14.7 KB


Last updated by jalipit on October 24, 2012 - 11:04am.
For questions regarding the content of this page, please contact the content editor.