Mitigating Business Risks: An Example of Risk Management
The purpose of this questionnaire is to help boards and management think about how they can develop a deeper knowledge of the risk oversight and risk management processes, understanding both the current state and desired future state.
Sample questions include: Is the board satisfied with the risk reports it receives from management and has it considered how those reports can be improved to meet its needs? Does the board periodically evaluate the effectiveness of its risk oversight process to ascertain whether any enhancements are needed? Does the board understand, and appropriately challenge, the organization’s strategy and its underlying assumptions and inherent risks?