1.  In a short sentence for each, explain the meaning of these terms:

• Risk.
• Risk management.
• Risk appetite.
• Risk capacity.

• RISK: A risk is a potential and uncertain damage in the organisation or people in the organisation, which might be caused by internal and external factors of the organisation, risks should be economical, physical, psychological, and political, risks are not always negative; sometimes risks are taken by the organisation to improve their economic or environmental situation.

• RISK MANAGEMENT: Is the process of identifying, analysing, and manage the potential risks on the organisation, it is also visualised new opportunities for the business, making sure of the advantages and disadvantages of taking risks.

• RISK APPETITE: It refers to how much risk is you willing to take on a business, every organisation has a different level of appetite, it is because of its capacity of tolerating new risks.

• RISK CAPACITY: Every organisation when identifying its risk appetite, analyses the limit of the risk that the organisation can take and how much it can actually afford, it is called risk capacity.

2.  Why should risk management policies and procedures be periodically reviewed? (100 words)

Organisations are constantly exposed to risks that are the reason why risk management and procedures should be periodically reviewed.

It is helpful for the organisation in the creation of the balance of risks standards. Also, organisations are in everyday change; it brings together the decision-making process, the incursion of the new markets, the change of the internal processes of the company and others, these processes normally generate a risk.

There are also some risks that are already existents in the business and in the process of reviewing, they can become more or less frequent, it depends on the management of the risks. When a company is gradually reviewing its risks, it can identify the gaps existents in the management. Also, it is the key to take the corrective actions to the procedures that were not undertaken.

3-    Scenario:

You work for Australia Wide Taxations Solutions—a company of 1,500 employees offering taxation services in different cities across the country. The company offers five services: personal taxation, small business taxation, corporate services, personal wealth creation, and corporate asset management.

It is working in a highly regulated and legislated industry.

You have been asked to work with the team conducting a risk assessment for the entire organisation.

How will you identify the risk management scope—what things do you need to look at? What challenges does a scope of this size pose and how would you approach the risk assessment process? (350–400 words)

To identify risk management scope, it is necessary to first, evaluate the company and how it is established, every company has different processes also different exposure to the risks.

The identification of the risk management consists of different steps, and in this case, the proposal to identify them is:

Establish the context… Monitor and evaluate

Evaluate….

Identify risks…

Evaluate risks…

Treat risks

Reduce, transfer, accept, avoid.

Is de-identification of the present risks in the company, evaluating both internal and external. It is necessary to implement a survey or questionary, in order to ask the people present in the company, including managers, employees, and all the people who surround the company in general about their opinions and perceptions about company risks, the survey is conducted to identify the worst case of risk in the organisation, therefore