This Statement on Management Accounting (SMA) provides board members, corporate executives, and the risk, compliance, and audit professionals who support them, with a set of guidelines, best practices, and practical examples for developing and implementing an effective risk appetite statement (RAS) framework. Moreover, a maturity model is provided to help an organization assess its current state of RAS implementation, with useful benchmarks included for further development.
Establishing risk tolerance is one of the major challenges in developing an RAS framework, but it is essential to its success.
The only thing certain in business is uncertainty. The RAS framework is an essential tool for any organization that strives to pursue its business strategy while managing all of its significant risks.
Requirements of a risk appetite framework, including key concepts and definitions.
Developing an RAS, including implementation steps and ongoing refinement.
Roles and responsibilities of the board, senior management, and business and operating units.
Monitoring and reporting processes, including links between the RAS metrics at different levels of the organization.
A practical example of an RAS with illustrative metrics and risk tolerance levels by key risks.
An RAS maturity model that provides benchmarks to support self-assessment and benchmarking.