Best Practices in Internal Controls: Enterprise Risk Management

This case study explores what went wrong in Tesco that resulted in the fraud of accounting misstatements of the magnitude of £263 million, why the fraud remained undetected over a number of years, which resulted in catastrophic consequences for both Tesco and its stakeholders. Furthermore, it highlights the lessons learnt from this debacle in Tesco, with focus on enterprise risk management, change management, corporate governance, materiality of transactions from accounting perspective, auditors' independence, sound accounting practices, internal controls and, employees' incentives policies. Finally, while the ultimate price of these scandals is paid by the society at large - particularly stockholders who put their hard earned savings in these institutions just on the basis of their trust on them - and while such scandals are often attributed to gaps in internal controls and auditors' negligence, this study concludes that, whatever controls are put in place or whatever accounting and reporting standards are set, if the people who are the part of system themselves decide to bypass the control systems, it is next to impossible to prevent such fraudulent activities. This case study has been prepared for educational purposes based on public available sources such as newspapers, magazines, websites and other referred articles.

Download Full-text

Enterprise Risk Management Best Practices for Improvement Financial Performance in Manufacturing SMEs in Cameroon

International Journal of Management Excellence ◽

10.17722/ijme.v8i3.325 ◽

2017 ◽

Vol 8 (3) ◽

pp. 1004 ◽

Cited By ~ 1

Author(s):

Mbiki Mamai ◽

Song Yinghua

Keyword(s):

Risk Management ◽

Best Practices ◽

Financial Performance ◽

Enterprise Risk Management ◽

Enterprise Risk

Download Full-text

Enterprise Risk Management Best Practices

10.1002/9781118386699 ◽

2011 ◽

Cited By ~ 3

Author(s):

Anne M. Marchetti

Keyword(s):

Risk Management ◽

Best Practices ◽

Enterprise Risk Management ◽

Enterprise Risk

Download Full-text

Using Identity Theft To Teach Enterprise Risk Management Make It Personal!

Journal of Business Case Studies (JBCS) ◽

10.19030/jbcs.v4i6.4787 ◽

2008 ◽

Vol 4 (6) ◽

pp. 43-50 ◽

Cited By ~ 1

Author(s):

Norma C. Holter ◽

W. Michael Seganish

Keyword(s):

Risk Management ◽

Balanced Scorecard ◽

Identity Theft ◽

Internal Controls ◽

Enterprise Risk Management ◽

Organizational Strategies ◽

Business Policy ◽

The Balanced Scorecard ◽

Real Risk ◽

Enterprise Risk

This article introduces an innovative way to teach the Enterprise Risk Management (ERM) Integrated Framework (as developed by COSO), while at the same time informs the student of a real personal risk -- identity theft. This example of assessing and managing a real risk will enhance the students understanding of risk management, thereby increasing the skill set of the student. The student who gains an understanding of the ERM concepts can then apply this tool to all of the disciplines of business. The ERM framework can be tailored to any discipline, as shown by the following examples: presented in connection with the Balanced Scorecard; evaluating different organizational strategies in a Business Policy class; case analysis in Management or Marketing (particularly a new product or new market); in an Auditing class with discussion of internal controls; in Finance to evaluate the decision to invest in derivatives or capital project, and in an Entrepreneurship class.

Download Full-text

Adoption of enterprise risk management (ERM) in small and medium-sized enterprises: evidence from Malaysia

Journal of Accounting & Organizational Change ◽

10.1108/jaoc-11-2020-0181 ◽

2021 ◽

Vol ahead-of-print (ahead-of-print) ◽

Author(s):

Consilz Tan ◽

Su Zy Lee

Keyword(s):

Risk Management ◽

Best Practices ◽

Business Environment ◽

Risk Tolerance ◽

Enterprise Risk Management ◽

Risk Governance ◽

Success Factor ◽

Content Type ◽

Enterprise Risk ◽

Risk Appetite

Purpose The critical success factor of enterprises is the ability to identify risks and subsequently adapt to the ever-changing technology, as well as the business environment. This paper aims to investigate the top risks faced by small and medium-sized enterprises (SMEs). In the meantime, this paper outlines the perspectives on enterprise risk management (ERM)-based best practices and the adoption level of ERM practices in SMEs. Design/methodology/approach A mixed methodology was used to collect a comprehensive understanding of the adoption of ERM, especially in SMEs. The research is based on cross-sectional questionnaires and collected from risk practitioners in Malaysia. Detailed analysis of the top risks and best practices presented in this paper to identify the developments of risk management in changing organizations. This study used chi-square tests to examine the distribution of the adoption of the ERM programme using risk and insurance management society risk maturity model attributes. Logit regression was used to test the association of ERM efforts with the probability of adopting/considering ERM practices. Findings The findings indicated that business interruption risk and economic slowdown risk are the major concern for companies in Malaysia. A business continuity plan was found to be the most common risk management practice. Efforts such as the establishment of a risk management team and the development of risk appetite and/or risk tolerance statements in an organization are associated with the probability of adopting/considering ERM practices. Research limitations/implications This paper helps to identify challenges of implementing risk governance and management in SMEs that shed light on the regulatory setting which we rather know a little about its impacts. Originality/value There are limited studies conducted in emerging countries on ERM and the application of the ERM framework in SMEs. Prior research studies are mostly generalized and lack details of risk management strategies applying to specific risks. This paper successfully examined the low maturity level of ERM practices and how SMEs in Malaysia managed those risks that emerged in their organizations.

Download Full-text

An enterprise risk management knowledge-based decision support system for construction firms

Engineering Construction & Architectural Management ◽

10.1108/ecam-03-2015-0042 ◽

2016 ◽

Vol 23 (3) ◽

pp. 369-384 ◽

Cited By ~ 11

Author(s):

Xianbo Zhao ◽

Bon-Gang Hwang ◽

Sui Pheng Low

Keyword(s):

Risk Management ◽

Decision Support ◽

Best Practices ◽

Support System ◽

Enterprise Risk Management ◽

Action Plans ◽

Content Type ◽

Construction Firms ◽

Knowledge Based ◽

Enterprise Risk

Purpose – The purpose of this paper is to develop a knowledge-based decision support system for enterprise risk management (KBDSS-ERM) for Chinese construction firms (CCFs) to facilitate their ERM implementation. The specific objectives of the KBDSS-ERM are: first, assess the ERM maturity in a CCF; second, visualize the ERM maturity assessment results; third, provide action plans for improving the ERM implementation along the maturity continuum; and finally, generate a printable ERM maturity assessment report. Design/methodology/approach – Microsoft Visual Studio 2010 was used to develop the KBDSS-ERM. Based on literature review and structured interviews, 191 action plans for improving ERM implementation were identified and included in the knowledge base. A fuzzy ERM maturity model, including 16 maturity criteria and 66 best practices, was embedded into the KBDSS-ERM. A total of ten experts from ten different CCFs, who were not involved in the survey or the development of the action plans, were invited to validate the KBDSS-ERM. Findings – The validation results indicated that the results of the KBDSS-ERM were consistent with the expert judgments, and that the KBDSS-ERM had the accuracy ranging from 92.9 to 83.7 percent in assessing the maturity criteria and the overall ERM maturity of CCFs. In addition, the experts recognized the KBDSS-ERM as being a robust, convenient and useful tool for ERM implementation in CCFs. Research limitations/implications – First, the maturity criteria and ERM best practices that were identified in this study may not be exhaustive even though close attention was paid in the research methodology adopted to circumvent this risk. Additionally, as the applicability of the best practices and the importance of the maturity criteria were checked in the context of CCFs, one should be cautious when the KBDSS-ERM is being applied in other construction firms outside of the CCFs domain. Practical implications – Using the KBDSS-ERM, the management can clearly understand its ERM implementation as well as the strengths and weaknesses, and obtain the action plans recommended by the KBDSS-ERM. Thus, with the information from the KBDSS-ERM, the management would make better decisions relating to ERM. In addition, while using the KBDSS-ERM, the staffs need to read the ERM best practices, which allows them to learn the ERM fundamentals and produce practical or innovative ideas relating to ERM. Thus, the KBDSS-ERM would contribute to the organizational learning of companies. Originality/value – The primary contribution is the provision of 191 specific action plans that could be followed to enhance ERM practice. These action plans are arguably the first to be presented for the construction industry and therefore add to existing knowledge of ERM, now embedded in the KBDSS. In addition, the KBDSS-ERM is also the first computerized ERM tool developed specifically for construction firms. Although the KBDSS-ERM is primarily designed for CCFs, the implications of this study are not limited to CCFs because researchers and practitioners could adopt the research method of this study to develop KBDSSs for other construction firms.

Download Full-text