ASSESSING RISK MANAGEMENT CONTROLS
When assessing controls, it is helpful first to differentiate the controls identified into their various types (see also Chapter 7, Risk management and indicators, for a further use of different types of controls). This enables the firm to assess whether it has a balance of the different types of controls or whether it has a number of, for example, detective and corrective controls but lacks directive and preventative controls. With this imbalance, a firm will be unlikely to prevent a risk from occurring, but may be well-placed to minimise the impact of a risk when it does occur. An example of such a risk would be an external event beyond the firm’s management influence, such as flooding or a terrorist attack. ...
Get Mastering Risk Management now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
