We published a new book: Contemporary risk management After Gobal Economic Crisis (part I)
Twenty (20) components of the 1st comparative RM standards for listed and unlisted companies
Next, not only we suggest to implement a RM form in Appendix for the above 20 elements of RM quality standards, but we also continue to propose 20 principles of a so-called good risk management system which can be used in most of companies, esp. in developing countries including Vietnam as following:
Principle 1 – The company needs to define clearly responsibilities and risk reporting lines for the assigned personnel (maybe a CRO) or RM division, with implementation forms suggested.
Principle 2 – The corporation, as a whole, and CEO as well as Board need to understand RM culture in establishing business strategies and daily business operation.
Principle 3 – A disclosure policy need to disclose RM system in a corporate governance structure
Principle 4 – RM standards not only be consistent with the applicable laws and standards, but also business practice, and ISO standards
Principle 5 – The company ensures CRO qualifications and explain how they meet the rising business demand
Principle 6 – RM reports need to identify, measure and evaluate risk and analyze causes from internal or external environment in order to propose RM policies.
Principle 7 – The corporation understands it is important to establish suitable channels and communication to gather opinions and resolve complaints from stakeholders
Principle 8 – The internal control system should be implemented with proper policies and limits of authority by Board of Directors;
Principle 9 – Corporation needs to respect RM reports not only from internal audit but also from external audits.
Principle 10 – Corporate management needs to ensure financial statement quality and transparency and facilitate effective cooperation between financial and accounting functions or divisions.
Principle 11 – Corporate management needs to ensure RM functions responding properly to needs of internal and external stakeholders, community and environment.
Principle 12 – Risk management culture need to be understood and faciliatetd by CEO and Board.
Principle 13 – Board and management understand that building a financial risk management (FRM) and enterprise risk management (ERM) and risk models is important for business operation
Principle 14 – Depending on business situation, 3 or 4 lines of risk defense are needed to build.
Principle 15 – Clear duties and roles as well as effective co-ordination among RM, internal control, internal audit, compliance and external audit are necessary.
Principle 16 – CEO and Board maintains good communication with Management, investors and stakeholders, while departments keep effective dialogues with clients.
Principle 17 – Board and mangement are in charge of efficient meetings relating to RM.
Principle 18 – Corporation ensures a Good Corporate Governance system which involves interests of not just shareholders but also include employees, customers, suppliers, the environment, and government agencies.
Principle 19 – CEO, Board and Management contribute to build RM culture and reduce risks of low productivity from group conflicts within organization;
Principle 20 – Internal and External Audit functions need to ensure reliability and transparency of financial and accounting reports.
(Source: made by main author)