A.

Overview

This learning material covers the topic, Risk Management.

This is relevant to Accountancy students because when you become professionals, you
become trusted advisors not only because of your knowledge of accounting standards but
also on matters that can overall improve the organization.

You will be able to achieve the desired learning outcomes by devoting time and effort in
studying this material, listening and participating actively in the online discussion, and
accomplishing the tasks assigned in the Classwork section of the Google Classroom for this
course.

B. Desired Learning Outcomes

After studying this module, you should be able to:

1. Define risk management.

2. Explain the basic principles of risk management.
3. Enumerate the elements of risk management.
4. Enumerate the importance of risk management.
5. Evaluate or suggest which policies can contribute to the organization’s efforts to avoid
or mitigate risks.

C. Values Integration

In studying this module, it is hoped that you will be able to develop and manifest the
following UA Core Value/s:

✓ Servant Leadership
✓ Integrity
✓ Excellence
✓ Obedience
✓ Open Communication

Faculty: Trixcel Marie Galura AY 2024-25-2 Page 1 of 6

 D. Content/Discussion

Our topic is risk management, but what is risk?

According to Millan, risk is the possibility of an entity suffering a loss or injury should an
uncertain future event occur.

So, if there is a possibility of loss, why do entities take risks? The entities accept risks
simply because there is also a possibility of receiving gains. Like they always say, the higher
the risk, the higher the reward.

Risks may come from uncertainties in the financial market, technological advances, entry of
a competitor, failing projects and products, lawsuits resulting in legal obligations, credit
risks, accidents and natural calamities among others.

Risk management on the other hand is the process employed by an organization or an

individual to identify, assess and control the risks.

Basic Principles of Risk Management based on Standard ISO 31000

❖ Risk management creates and protects value
Risk management can help the organization meet its objectives and improve
* cost Benefit Principle
performance. Also, the benefits of implementing a risk management process should
outweigh the costs so it can contribute.

❖ Risk management addresses uncertainty

The process should be able to identify the nature of the uncertainty so appropriate
actions can be implemented to address the risks.

❖ Risk management should be an integral part of the organization’s processes and

decision-making.

Risk management is part of the responsibilities of management and should be

included in the organization’s processes because the mere operation of an entity
exposes it to risks.

❖ Risk management should be dynamic, iterative, and responsive to change

Circumstances change so are risks. The entity should continually assess the
organization, its policies, environment and processes to identify and update the list
of potential risks to the organization.

❖ Risk management should be transparent and inclusive

Faculty: Trixcel Marie Galura AY 2024-25-2 Page 2 of 6

 Risks should be discussed with the stakeholders and/or decision makers so they
can consider the risks and make informed choices.

❖ Risk management should be tailored

Risk management should be customized according to the nature of the organization
so that the process can help the organization meet its objectives and address the
risks specific to the entity.

❖ Risk management should be continually updated and lead to the improvement of

the organization.

❖ Risk management should be based on the best available information.

❖ Risk management should take human and cultural factors into account.
The individuals internally or externally involved in the entity may help or hinder
the organization in its achievement of objectives hence the entity should create a
process to assess the capabilities and intention of these individuals.

❖ Risk management should be systematic, structured and continually reassessed.

These characteristics of risk management will contribute to efficient, consistent,
comparable and reliable results.

Process of Risk Management based on Standard ISO 31000

1. Establishing the context. This step will involve the following:
a. Listing the objectives of the organization – risk management process should
start with the organization’s objectives after all risks are controlled to help the
organization meet its objectives.
b. Understanding the entity’s external and internal environment to identify risks.
c. Plan the scope of the risk management. This may include the following
activities:
- Defining the goals and objectives of risk management.
- Determine who is responsible for risk management activities.
- Determine the method to evaluate the effectivity and efficiency of risk
management activities.
d. Determine the possible constraints to risk management activities.
e. Determine risks involved in the process and the corresponding policies that will
mitigate or eliminate the identified risks.

2. Identification of potential risks. Common methods used to identify risks are as follow:

B
a. Objective-based risk
b. Scenario-based risk
c. Taxonomy-based risk
d. Common-risk checking CRC

Faculty: Trixcel Marie Galura AY 2024-25-2 Page 3 of 6

 e. Risk-charting RC

3. Risk assessment – is the process of analyzing risks to assess the significance, impact to
the organization and the probability of the risk happening. Significant risks with higher
chances of occurring should be prioritized by management when developing risk
management policies.

Elements of Risk Management

1. Identification, checking the nature and assessment of threats.
2. Assessment how the assets of the organization will be affected by threats.
3. Determination of the risk or the likelihood of the threat occurring and the
resulting consequences.
4. Identification of ways to mitigate or eliminate the risks.
5. Prioritize risks based on the organization’s policies.

Examples of risks

I ❖ Business risk – pertains to the uncertainty of rate of return the business can
generate. This is directly connected to the entity’s financial performance which may
become uncertain depending on the circumstances like economic fluctuation,
industry changes, technological advances, changes in customer tastes, entry of new
competitors and change in the regulatory environment.

2 ❖ Default risk – possibility of the organization not being capable to pay its owners for
.

their investments. Say for instance the organization files for bankruptcy and there
may not be enough assets to pay the equity of owners.

3 ❖ Financial risk – this risk is determined by the sources of financing the organization
.

has. If all capital is financed by owners, net income will not fluctuate and will be
kept as equity for the owners, however if part of the capital is financed by creditors,
the net income will be affected by interest payments. The fluctuations in net income
causes additional uncertainty.

4
. ❖ Interest rate risk – interest rates change over time depending on market and
economic conditions. Changes in interest rates cause the value of investments to
change.

5 ❖ Liquidity risk – pertains to the uncertainty as to the ability to convert the asset or
investment into cash.

A ❖ Management risk – pertains to risks caused by the Company’s management through

their decisions, policies and governance to the owners of the organization.

Faculty: Trixcel Marie Galura AY 2024-25-2 Page 4 of 6

 7 ❖ Purchasing power risk – uncertainty brought by inflation and deflation. When there
.

is inflation (deflation), purchasing power of investors decline (increase).

inverse relationship

8 .
❖ Market risk – includes the following:
a. Product risk – the entity’s product may become obsolete and
inadequate. Also, costs of production, distribution, development and
warranty may increase.
b. Competitor risk – entry of a competitor will reduce the organization’s
market share. To keep up with the competition, the entity may also need
to incur additional costs for advertisement or reduce its selling price
and both affect the net income.

9 ❖ Operations risk – includes the following:

.

a. Delays in operations caused by faulty equipment or machinery.

b. Production process resulting to excessive waste
c. Inadequacy or obsolescence of equipment or machinery.
d. Fraud employed by management and/or employees

Potential risk treatments based on Standard ISO 31000 ARSR

❖ Avoidance
This is the entity’s avoidance of transactions that may bring risk to the entity
however by avoiding such risk, the potential gain is also not realized.

❖ Reduction
This can also be described as optimization and it pertains to the effort applied to
reduce the gravity of the loss or the likelihood of the loss happening.

❖ Sharing
Risk may be shared but this means potential gains will be reduced as well. Say for
example, you look for a business partner so that both you and the partner will share
the risks of operating a business.

❖ Retention
This means accepting the result of a risk which can either be a gain or loss. This is
the case for organizations maintaining their own insurances (self-insurance).

Importance of Risk Management

Risk management enable the entity to:
(a) Achieve its objectives.
(b) Improve profitability.
(c) Identify risks early and take appropriate actions to eliminate or reduce the risk.

Faculty: Trixcel Marie Galura AY 2024-25-2 Page 5 of 6

 (d) Help decision makers make sound decisions. Decision makers should be aware of
potential risks before making a decision.
(e) Prepare for potential risks by devising ways to minimize possible losses.

E. Assessment of Learning

For the self-regulated assessment of what you had learned from this module, please
accomplish the progress check/activity posted in our Google Classroom and submit it on or
before the due date.

F. References
Cabrera, M. B., & Cabrera, G. B. (2019). Corporate governance, business ethics, risk
management and internal control. GIC Enterprises & Co., Inc.
International Organization for Standardization. (2009). ISO 31000: Risk management -
Principles and guidelines.
https://bambangkesit.files.wordpress.com/2015/12/iso-31000_principles-guidelines-risk
-manajemen.pdf

Congratulations for having completed this module!

See you in the next module!

Faculty: Trixcel Marie Galura AY 2024-25-2 Page 6 of 6