- This topic has 1 reply, 2 voices, and was last updated 11 months ago by Kim Smith.
- You must be logged in to reply to this topic.
” The risk assessment process
The risk assessment process forms the basis for how management determines the business risks to be managed.
If the client has robust procedures for assessing the business risks it faces, the risk of misstatement overall will be lower.”
Dear professor, I don’t get how lower business risk will equal to lower RoMM?
One of the five components of internal control is the ENTITY’s risk assessment process – i.e. the means by which it identifies, assesses and MANAGES risks. To manage risk will require the entity to have controls in place.
You’re probably too young to remember but Nick Leeson became a household name as the “rogue trader” who brought down Barings Bank. Basically, management/the directors had no understanding of the risks involved in the bank’s dealings (in futures and derivatives – you don’t need to know any of this for AA – it’s just the concept I’m trying to illustrate) – transactions that were entered into by Leeson. If the bank had been aware of the risks involved, there would have been controls put in place (e.g. authorisation/approval and segregation of duties) to ensure that the bank could not be exposed to the risk of losses that brought about the bank’s collapse.