Read the chapter and pay careful attention to Appendix A: JAA Inc. Financial Statements and Appendix B: Risk Management Policy. Use this information to help you answer the following questions:
1. As you are aware, effective implementation of ISO 31000involves effective design and implementation of a risk management framework and effective implementation of the risk management processes. This will be verified by incorporation of 11 key principles. Find an example in the case for each of the 11 principles in action.
2. What characteristics do you see in the board of directors that lend themselves to a strong tone at the top and a culture that fully embraces risk management?
3. What is the linkage at JAA between the strategic objectives, context, stakeholders, and risk criteria? Support your comments with specific examples of the link in these four areas.
4. In many companies, it is typical for internal audit to itself perform a risk assessment which it will use for audit planning and execution purposes. Do you have any thoughts on what you see as the pitfalls in this? What is the ideal situation in a company?
5. How would the board of directors measure the success of their risk management?