CA FINAL PAPER 6A : RISK MANAGEMENT PREPARATION GUIDELINES AND MAPPING SHEET

Post on 21-Oct-2020


  • CA Final - Paper 6A–Risk Management

    Exam Day Guidelines

    Time Allocation –

    i. Reading time – make your selection by eliminating the one case study you are not willing to attempt given the nature and marks (discussed below). Once the 4 case studies to be attempted have been chosen, use the remaining reading time to find answers to MCQs/other questions.

    ii. Exam duration - 1 hour for all MCQs + 45 minutes each for 4 case studies

    Choice of Case Study – always read the questions to the case study first and then make your choice in the following order of preference -

    i. Repeated case study – case studies you have already solved earlier (RTP/Mock Test/Class or any other source)

    ii. General Questions oriented case study – wherein questions asked are straightforward and unrelated to the write-up and thus answers to these can be predictable and easily found in the ICAI study material

    iii. Practical Questions oriented case study – answers to these are calculation based and thus easy to solve

    iv. Case studies with fragmented questions – i.e., case studies with 4-5 sub questions and mark distribution which will guide your answers

    v. Case studies with open ended 15-mark reports – these case studies are tough to attempt since they are very vague in terms of marks scheme/requirements and hence ideally should be avoided. In case you are required to attempt these try to stick to the format used by ICAI in its suggested answers.

    vi. Choice by MCQs – In the event that you are unable to choose between 4 case studies (15 marks), choose the one where you are likely to secure the higher MCQ score.

  • Solving the case studies - always read the questions first – questions can be of 3 types and solved in this order –

    i. Practical involving calculations – should be solved carefully while avoiding silly mistakes, refer questions solved in class if required.

    ii. General questions unrelated to the write-up – find exact answers to these in the ICAI Study Material – try to copy the same with no diversion while still staying relevant to case study to ensure maximum adherence to ICAI answers.

    iii. Particular to the write-up – try to solve these by application of all resources available, i.e., take cues from the write-up to find relevant chapter/terms, use language and information given in the study material/suggested answers, add your own analysis/measures where required

    iv. Solve MCQs – these should be solved by finding the exact reference in the material to score full marks in all questions while ensuring no silly mistakes are made.

  • CA FINAL PAPER 6A - RISK MANAGEMENT – CONTENTS

    Serial No. CHAPTER 1 : INTRODUCTION TO RISK | Study MAT | Class Notes

    1 INTRODUCTION & DEFINITIONS | 1.1 |
    1.1 ICAI Guide on RBIA (meaning of risk, business risk, frog in the well syndrome) | 1.2 |
    ICAI Standard on Internal Audit, SA 315 – table of definitions of risk | 1.5 |
    Financial Risks | 1.7 |
    1.2 Occupational Health & Safety Advisory Services (OHSAS) | 1.7 |
    1.3 Classification of Business Risk (Internal & External / Controllable & Uncontrollable) | 1.10 |
    1.4 Risk Categories by COSO (Operations, Financial Reporting, Compliance) | 1.11 |
    1.5 Inherent Risk and Residual Risk | 1.11 |
    1.6 ICAI’s Standard of Internal Audit (Risk Classification as per ERM) (Open Group – effect, frequency) | 1.11 |
    1.7 Open Group Standard | 1.12 |
    1.8 ICAI Guide on Risk Based Internal Audit (RBIA) (Likelihood, Consequence, Risk score) | 1.13 |
    2 RISK & UNCERTAINTY (Distinction, define risk attitude, appetite and tolerance and VUCA) | 1.14 |
    3 CLASSIFICATION OF RISKS | 1.16 |
    3.1 Nature of Risks (can be opportunities or threats) | 1.16 |
    3.2 Categorization of Risks (as per Paul Hopkins - hazard (pure), control, opportunity), (Pure, fundamental, particular, dynamic, control, speculative risk) | 1.16 |
    4 TYPES OF RISKS | 1.18 |
    (Internal & External / Controllable & Uncontrollable) table given | 1.19 |
    Financial risk, Credit risk, Liquidity risk, Market risk, Operational Risk, Strategic Risk, Compliance Risk, Regulatory Risk, Reputation risk, Legal risk, Interest rate risk, Foreign exchange risk, Management risk, Staffing risk, Technology risk, Business continuity risk, Information (data security) risk, Country risk, Fraud risk, Price risk, Process risk, Security Risk, Governance risk, Safety risks | 1.19-1.22 |

  • Serial No. CHAPTER 2 : SOURCE AND EVALUATION OF RISKS | Study MAT | Class Notes

    1 IDENTIFICATION AND SOURCES OF RISKS | 2.1 |
    1.1 Risk identification is the initial step in the process of risk management | 2.1 |
    1.2 Risk identification sets out to identify an organisation’s exposure to uncertainty | 2.2 |
    1.3 Additional objective information can be provided by persons outside the team | 2.4 |
    2 QUANTIFICATION OF RISK AND VARIOUS METHODOLOGIES (Risk Assessment, Risk Measurement, Risk assessment, Risk quantification) | 2.4 |
    2.1 Qualitative Risk Assessment | 2.5 |
    9 grid matrix table | 2.6 |
    2.2 Quantitative Risk Assessment (decision tree example) | 2.6 |
    2.3 Tools and Techniques for Risk Quantification (expert judgment, delphi approach, scoring, Simulation etc) | 2.7 |
    2.4 Other Business Risk Measurements | 2.9 |
    2.5 Outputs from Risk Quantification | 2.9 |
    3 RISK IDENTIFICATION AND ASSESSMENT APPROACHES (16 techniques given like WIFT, FTA, Bow Tie) | 2.10 |
    ICAI guide on Risk Assessment – questions and purpose for risk evaluation | 2.13 |
    3.1 Sources for Identification of Risks (internal/external – brief list set out), SWOT Analysis Table | 2.14 |
    3.2 High Value Threats & Risk Analyzed (for Mumbai City case study) | 2.17 |
    3.3 Global Risk Outlook (World Economic Forum) | 2.18 |
    3.4 Risk Identification and Root Cause Analysis | 2.19 |
    3.5 Use of specific tools to identify risk (PESTLE Analysis) | 2.20 |
    3.6 Risk Treatment Options (table given – avoid/reduce/transfer/accept), (insurance, outsource, SLAs) | 2.20 |
    4 IMPACT OF BUSINESS RISK | 2.22 |
    3 imp tables given – likelihood, consequence, risk rating | 2.25 |
    5 IDENTIFY AND ASSESS THE IMPACT UPON THE STAKEHOLDERS INVOLVED IN BUSINESS RISK (internal/external) | 2.26 |

  • Serial No. CHAPTER 2 : SOURCE AND EVALUATION OF RISKS (contd...) | Study MAT | Class Notes

    6 ROLE OF RISK MANAGER AND RISK COMMITTEE IN IDENTIFYING RISK | 2.29 |
    6.1 Role of Risk Manager (CRO) (15 tasks) | 2.30 |
    6.2 Role & Responsibility of Risk Management Committee (10 roles, 19 responsibilities) | 2.30 |
    6.3 IBM Case Study – Role of Risk Management Function | 2.32 |
    6.4 Principles for Effective Implementation of RM recommended by OECD | 2.33 |

    Serial No. CHAPTER 3 : RISK MANAGEMENT | Study MAT | Class Notes

    1 CONCEPT OF RISK MANAGEMENT (famous views on risk and risk management) | 3.1 |
    1.1 Risk Attitude, Appetite, and Tolerance | 3.3 |
    1.2 Determining Risk “Appetite” | 3.3 |
    1.3 Risk appetite – Principles & Approach (5 key principles underpinning risk appetite) | 3.4 |
    2 OBJECTIVES AND PROCESS OF RISK MANAGEMENT | 3.5 |
    2.1 Objective of risk management (common objectives, risk management cycle) | 3.5 |
    2.2 Step by Step process of Risk Management (5 steps table) | 3.6 |
    (ISO 31000 Risk Management Checklist - Risk architecture, strategy, protocols) | 3.8 |
    3 IMPORTANCE OF RISK MANAGEMENT | 3.9 |
    4 RISK MANAGEMENT TECHNIQUES (Tolerate, Transfer, Terminate, Treat) | 3.11 |
    5 RISK MANAGEMENT CASE STUDIES (4 case studies given) | 3.12 |

  • Serial No. CHAPTER 4 : EVALUATION OF RISK MANAGEMENT STRATEGIES | Study MAT | Class Notes

    1 RISK MANAGEMENT STRATEGY ALIGNMENT WITH BUSINESS STRATEGY | 4.1 |
    1.1 Alignment of risk with strategy | 4.2 |
    1.2 Case Example – Risk Management at core of Business Strategy – Unilever Code of Business Principles | 4.4 |
    1.3 Integrating Risk in the Strategic Planning Process | 4.4 |
    1.4 Integrating Risk with Performance | 4.5 |
    2 INTERNAL CONTROL ENVIRONMENT AND LINKAGES WITH RISK MANAGEMENT | 4.5 |
    3 RISK CULTURE AND ATTITUDES TO RISK MANAGEMENT | 4.7 |
    3.1 Risk Culture | 4.7 |
    3.2 Case Example – Risk Culture Development – Risk Focus Integrity | 4.8 |
    3.2.1 Supporting our Culture of Integrity | 4.8 |
    3.2.2 Integrity Leaders | 4.9 |
    4 INTEGRATED RISK REPORTING AND STAKEHOLDER RESPONSIBILITIES | 4.9 |
    4.1 Organisational Overview and External Environment (Organisational Overview, External Environment) | 4.10 |
    4.2 Governance | 4.12 |
    4.3 Business Model (Inputs, Business Activities, Outputs, Outcomes) | 4.12 |
    4.4 Risks and Opportunities | 4.13 |
    4.5 Strategy and Resource Allocation | 4.14 |
    4.6 Performance | 4.14 |
    4.7 Outlook | 4.15 |
    4.8 Basis of Preparation and Presentation | 4.15 |
    5 RISK & OPPORTUNITY REPORTING | 4.15 |
    SEBI (Listing Obligations and Disclosure Requirements) Regulations 2015 | 4.17 |
    6 IT RISK MANAGEMENT – DISASTER RECOVERY | 4.18 |
    6.1 Disaster Recovery Plan | 4.18 |
    6.2 Testing the Disaster Recovery Plan | 4.20 |

  • Serial No. CHAPTER 5 : RISK MODEL | Study MAT | Class Notes

    1 VALUE AT RISK (VAR) | 5.1 |
    1.1 Calculating VAR (Conversions, Parameters - guidance) | 5.2 |
    1.2 VAR Methods (Delta Normal, Full Revaluation – Historical/Bootstrap/Monte Carlo) | 5.4 |
    1.3 Coherent Risk Measures (Subadditivity/Homogeneity/Monotonicity/Risk-free) | 5.5 |
    1.4 Expected Shortfall | 5.6 |
    1.5 Limitations of VAR (4) | 5.7 |
    2 STRESS TESTING | 5.7 |
    2.1 Role of Enterprise wide Stress Testing (Binding Constraint, Management attention, Intuition, Transparency, Consistency) | 5.8 |
    2.2 Applications of Stress Testing (Risk Reporting/Strategic Planning/Risk Appetite/Limits) | 5.8 |
    2.3 Stress Test Process | 5.10 |
    3 SCENARIO ANALYSIS | 5.11 |
    3.1 Categories of Stress Scenarios (Normal/Severe/Near-Default/Reverse or Stress to Default) | 5.11 |
    3.2 Scenario Selection | 5.12 |
    3.3 Drawbacks of Scenario Analysis | 5.12 |
    3.4 Basel Committee on Banking Supervision (BCBS) (21) Principles for Stress Testing | 5.13 |
    4 COUNTRY RISK | 5.14 |
    4.1 Types of Country Risk (Political, Financial and Economic) | 5.15 |
    4.2 Country Risk Management Process | 5.16 |
    4.3 Country Risk Assessment Tools (Qualitative & Quantitative – table of 6 tools) | 5.16 |

  • Serial No. CHAPTER 6 : CREDIT RISK MEASUREMENT AND MANAGEMENT | Study MAT | Class Notes

    1 UNDERSTANDING CREDIT RISK | 6.1 |
    1.1 Two Way Risk | 6.2 |
    1.2 Risk – Return Trade Off (4 decisions in context of credit risk calls) | 6.2 |
    1.3 Credit Risk in Capital Market | 6.2 |
    2 COMPONENTS OF CREDIT RISK (Default, Exposure, Recovery Risks – Collateral & Third party) | 6.2 |
    3 MEASUREMENT OF CREDIT RISK IN BANKING TRANSACTIONS AND FACTORS AFFECTING THE CREDIT RISK | 6.3 |
    3.1 Measurement of Credit Risk in Banking Transactions | 6.3 |
    3.2 Factors Affecting the Credit Risk (Internal and External factors) | 6.4 |
    4 TYPES OF CREDIT FACILITIES | 6.4 |
    4.1 Fund Based Facilities (Personal/Mortgage/Working Capital/MPBF Tandon Committee etc.) | 6.5 |
    4.2 Non Fund Facilities (Bank Guarantee/Letter of Credit) | 6.7 |
    5 CLASSIFICATION OF ASSETS (Standard/Sub-Standard/Doubtful/Loss Assets) | 6.7 |
    6 EVALUATING CREDIT RISK (6 ground rules to assess credit risk of customers) | 6.8 |
    7 MITIGATING CREDIT RISK | 6.9 |
    7.1 Identification of Credit Risks | 6.9 |
    7.2 How Credit risk is Mitigated (Basel II – Funded/Non-funded), | 6.10 |
    (3 approaches – Standardized, Internal Rating, Credit Risk Mitigation), (Other techniques) | 6.11 |
    8 QUALITATIVE TECHNIQUES OF CREDIT RISK MANAGEMENT | 6.12 |
    8.1 Borrower / Transaction specific risk management (5 C’s of Credit) (CDD for Retail, wholesale) | 6.13 |
    8.2 Credit Rating Scales (agencies, scales) | 6.15 |
    8.3 Portfolio Risk Management (mechanism for Retail/wholesale) (SMA account sub-categories) | 6.17 |
    8.4 Credit Risk Rating Process | 6.18 |
    8.5 Credit Loss Estimation (Expected Loss, Unexpected loss) (PD, LGD, EAD) | 6.19 |
    8.5.1 Estimation of Probability of Default (PD) (Pooling method, Statistical method, Structural method) | 6.20 |
    8.5.2 Estimation of Loss Given Default (Cyclical LGD, Long-run LGD, Downturn LGD) | 6.21 |

  • Serial No. CHAPTER 6 : CREDIT RISK MEASUREMENT AND MANAGEMENT (contd...) | Study MAT | Class Notes

    8.6 Credit Default Swaps (including RBI guidelines) | 6.21 |
    8.7 Credit Insurance | 6.24 |
    8.8 Difference between Credit Insurance and Credit Default Swaps | 6.24 |
    8.9 Other Qualitative Techniques of Credit Risk Management (covenants, collateral, structure, sell-down syndication, etc.) | 6.25 |
    9 QUANTITATIVE TECHNIQUES OF CREDIT RISK MANAGEMENT | 6.26 |
    9.1 Altman Z Score | 6.26 |
    9.2 Risk Adjusted Returns / Capital (Alpha, Beta, Sharpe Ratio, R squared, RORAC, VaR, Economic Capital, RAROC) | 6.28 |
    9.3 Ratios and Financial Assessment (Financial Statement, Cash Flow, Working Capital Analysis) | 6.31 |
    10 CREDIT SCORING MODELS | 6.33 |
    10.1 What is a Credit Scoring Model? | 6.33 |
    10.2 Types of Credit Scoring Model (FICO, Vantage, PLUS, Experian Equivalency, Equifax) | 6.34 |

  • Serial No. CHAPTER 7 : RISK ASSOCIATED WITH CORPORATE GOVERNANCE | Study MAT | Class Notes

    1 EVALUATION OF RISK ASSOCIATED WITH GOVERNANCE (Governance Risk) | 7.1 |
    (Sound Governance Practices by FSB – BOD, Risk Committee, Audit Committee CRO) | 7.2 |
    2 THE RISK MANAGEMENT FUNCTION (CRO, Risk Appetite Framework (RAF), (RAS), risk limits) | 7.5 |
    3 INDEPENDENT ASSESSMENT OF THE RISK GOVERNANCE FRAMEWORK (RM Framework policy statement) | 7.6 |
    3.1 Entity’s Risk Assessment Process with respect to Financial Reporting (ICAI GN on IFC) | 7.6 |
    3.2 Role of Risk Assessment with respect to Financial Reporting | 7.7 |
    3.3 Risk Based Internal Auditing (RBIA) | 7.8 |
    3.4 Audit Risk & Sampling | 7.9 |
    4 RISK MANAGEMENT DISCLOSURES IN INDIA | 7.9 |
    4.1 Indian Scenario (Indian Companies Act, SEBI LODR) | 7.9 |
    4.2 Risk Management Disclosures – Global Scenario (SEC via MD&A, COSO, IRF, IFAC) | 7.12 |
    4.3 Risk Management Disclosures – A Global Case Study | 7.13 |
    4.4 Risk & Opportunity Disclosures – An Indian Example | 7.14 |
    5 DESCRIPTION AND EVALUATION OF FRAMEWORK FOR BOARD LEVEL CONSIDERATION OF RISK | 7.16 |
    5.1 Corporate Risk Management | 7.17 |
    5.2 Risk Management Frameworks, Approaches and Techniques (questions to be raised by the Board) | 7.18 |
    5.3 Striking the Right Balance in Action and Reaction | 7.20 |
    6 OECD GUIDELINES (PRINCIPLES) FOR CORPORATE GOVERNANCE | 7.20 |
    6.1 Ensuring the basis for an effective corporate governance framework | 7.21 |
    6.2 The rights and equitable treatment of shareholders and key ownership functions | 7.21 |
    6.3 Institutional investors, stock markets, and other intermediaries | 7.21 |
    6.4 The role of stakeholders in corporate governance | 7.21 |
    6.5 Disclosures and Transparency | 7.21 |
    6.6 The responsibilities of the board | 7.22 |

  • Serial No. CHAPTER 8 : ENTERPRISE RISK MANAGEMENT | Study MAT | Class Notes

    1 DEFINITION AND SCOPE OF ENTERPRISE RISK MANAGEMENT | 8.1 |
    2 IMPLEMENTING ERM (COSO definition of ERM, ERM policy, Risk Register) | 8.3 |
    3 TECHNIQUES OF ENTERPRISE RISK MANAGEMENT (ISO 31000 SUGGESTS KEYS TO ERM IMPLEMENTATION) (7 keys to implement ERM) | 8.4 |
    4 RISK MATURITY OF AN ORGANIZATION (levels table – naïve, aware, defined, managed, enabled) | 8.6 |
    5 PROCESS OF ENTERPRISE RISK MANAGEMENT AND INTERNAL AUDIT (Lifecycle of RM) | 8.8 |
    6 STAKEHOLDER VALUE CREATION BY ENTERPRISE RISK MANAGEMENT | 8.8 |

  • Serial No. CHAPTER 9 : OPERATIONAL RISK MANAGEMENT | Study MAT | Class Notes

    1 INTRODUCTION | 9.1 |
    1.1 What is Operational Risk? | 9.1 |
    1.2 Why does operational risk originate? | 9.2 |
    2 RELEVANCE OF OPERATIONAL RISK (Companies Act, SA 315, Clause 49, ICAI GN, SOX, ISO) | 9.2 |
    3 OPERATIONAL RISK MANAGEMENT GOVERNANCE | 9.5 |
    3.1 Operational Risk Management Policy | 9.5 |
    3.2 Operational Risk Management Committee (ORMC) | 9.6 |
    3.3 Lines of Defence (3 lines of defence) | 9.7 |
    3.4 Effective policy framework (Entity Level Policies, Departmental Policies) | 9.9 |
    3.5 Process notes / Standard Operating Procedures (SOP) | 9.9 |
    4 RISK IDENTIFICATION AND RISK-TYPES | 9.10 |
    4.1 Definition of RCM and RCSA | 9.10 |
    4.2 Description of the Inherent Risk | 9.10 |
    Op Risk Types - Regulatory, Financial, Financial Reporting, Legal, Reputation, Fraud, External | 9.11 |
    4.3 Risk Grading / Rating (table of 7 parameters) (impact/probability – HIHP, HILP, LIHP, LILP) | 9.12 |
    4.4 Residual risk and Rating/Grading | 9.14 |
    5 UNDERSTANDING OF CONTROLS (11 categories) | 9.15 |
    6 RISK CONTROL SELF-ASSESSMENT (RCSA) (indicative table) | 9.17 |
    7 TECHNOLOGY RISK (8 issues) | 9.17 |
    8 KEY RISK INDICATORS AND SCENARIO ANALYSIS | 9.21 |
    9 BUSINESS CONTINUITY PLAN | 9.21 |
    9.1 Business Impact Analysis (BIA) | 9.22 |
    9.2 Functional Recovery Plan (FRP) | 9.23 |
    10 OUTSOURCING RISK | 9.25 |
    11 CYBER RISK AND INFORMATION SECURITY CONTROLS (malevolent attack, ransomware, phishing, etc) | 9.25 |

  • Serial No. CHAPTER 9 : OPERATIONAL RISK MANAGEMENT (Contd....) | Study MAT | Class Notes

    12 OPERATIONAL LOSS DATA MANAGEMENT (table event category wise given) | 9.28 |
    12.1 Identification | 9.31 |
    12.2 Quantification | 9.31 |
    12.3 Reporting (indicative table given) | 9.32 |
    12.4 Corrective action | 9.32 |
    13 BUSINESS ANALYTICS AND ARTIFICIAL INTELLIGENCE | 9.32 |
    13.1 Machine Learning | 9.33 |
    13.2 Analytics – Risk Management Applications | 9.34 |
    13.3 Artificial Intelligence | 9.35 |
    13.4 Distributed Ledger Technology | 9.35 |
    14 INSURANCE | 9.36 |