In our last issue, we posed the following questions that we believe each quality executive should be able to answer about risk. The questions are:
- What does operational materiality mean to you?
- What is your organization’s risk appetite?
- What type of risk assurance do you require?
- To whom are risks reported?
OPERATIONAL MATERIALITY
Operational materiality relates to the importance of operations, product development, and supply management issues that may impact a company’s financials and be reportable. Generally Accepted Accounting Principles (GAAP) recommends:
“Information is material if its omission or misstatement could influence the economic decision of users taken on the basis of the financial statements.”
Why is operational materiality important? Supplier and operational risks are becoming critical and may be reportable in the financials. Operational executives should know these risks and what has to be done to mitigate them.
WHAT IS YOUR ORGANIZATION’S RISK APPETITE?
Risk appetite is the level of risk an organization, process, or project is willing to accept before controls should be implemented to reduce the risk. Risk appetite also determines the type and extent of controls that should be applied in critical operations that deal with risk and variance.
WHAT TYPE OF RISK ASSURANCE DO YOU REQUIRE?
Risk assurance is the level of confidence management has on the organization’s ability to control risks. Or, another way to express it is to determine how well problems are being solved and decisions are made based on the organization’s risk appetite.
TO WHOM ARE RISK REPORTED?
Are operational risks reported to a second level manager or are material operational risks reported to the Board of Directors? This is critical because it reflects the importance the organization puts on operational and supply management risk reporting.
We recommend supply chain, technical, cyber and operational material risks should be reported to the Board of Directors’ Audit Committee.
So, do you answers to these questions for your organization?
Bio:
Greg Hutchins PE and CERM (503.233.101 & GregH@QualityPlusEngineering.com) is the founder of:
CERMAcademy.com
800Compete.com
QualityPlusEngineering.com
WorkingIt.com
He is the evangelist behind Future of Quality: Risk®. He is currently working on the Future of Work and machine learning projects.
He is a frequent speaker and expert on Supply Chain Risk Management and cyber security. His current books available on all platform are shown below: