Risk management





                           Risk reporting




               Risk reports now form part of UK annual reports.


               8.1   Risk reporting


               A risk reporting system would include:

                    a systematic review of the risk forecast (at least annually)

                    a review of the risk strategy and responses to significant risks

                    a monitoring and feedback loop on action taken and assessments of significant
                     risks

                    a system indicating material change to business circumstances, to provide an
                     ‘early warning’

                    the incorporation of audit work as part of the monitoring and information
                     gathering process.


               8.2   Gross and net risk

               Risk reports would show:

                    Gross risk               Assessment of risk  before the application of any
                                              controls, transfer or management responses

                    Net (residual) risk      Assessment of risk, taking into account the controls,
                                              transfer and management responses























                                                                                                       25