AS/NZS 4360:2004, "Risk Management."
Canadian Standards Association. 1997. Q850-97 "Risk Management: Guideline for Decision-Makers."
COSO Internal Control Framework. 1992/1994. "Committee of Sponsoring Organizations of the Treadway Commission."
COSO Internal Control Framework. 2013. "Committee of Sponsoring Organizations of the Treadway Commission."
Financial Reporting Council. "Consultation Draft on Risk Management, Internal Control and the Going Concern Basis of Accounting."
Fraser, John, and Betty J. Simkins, eds. 2010. Enterprise Risk Management: Today's Leading Research and Best Practices for Tomorrow's Executives. Hoboken, NJ: John Wiley & Sons.
HB 436:2004, "Implementation Guidelines to AS/NZS 4360:2004."
HB 436:2013, "Implementation Guidelines to ISO 31000 Risk Management."
ISO 31000:2009, "Risk Management Framework."
ISO 31010:2009, "Risk Management – Risk Assessment Techniques."
ISO Guide 73:2009.
"King III Report on Corporate Governance." 2009.
Purdy, Grant. 2011. "Risk Appetite: Is Using This Concept Worth the Risk?" Broadleaf Capital International, Risk Post, NZ Society for Risk Management, September.
ABOUT THE CONTRIBUTORS
Julian du Plessis has more than eight years' financial sector experience. He is the Head of Internal Audit at AVBOB Mutual Assurance Society, a long-term insurer in the life and savings business. He joined AVBOB during 2011 as its Governance Officer. He previously worked at FirstRand Bank, one of the largest banking institutions in South Africa, as a senior risk manager starting out in the Group ERM department focusing on strategic risk management. Julian is a South African chartered accountant, and completed his professional training at PricewaterhouseCoopers. Julian has an MPhil (business management) master's degree obtained from the University of Johannesburg (2011), a B Compt Honors accounting degree from the University of South Africa (2000), and a B Admin (international politics) degree majoring in economics and political science from the University of Pretoria (1994).
Arnold Schanfield is a Principal with Schanfield Risk Management Advisors LLC. He is an internal audit and risk professional with diversified industry expertise, including consumer products, higher education, life sciences, manufacturing, not for profit, retail, and trading companies. He specializes in risk management implementations and has applied his prior experience in internal audit, public accounting, and governance to the risk management discipline. Arnold holds an undergraduate degree (BSC) from Loyola College in Montreal and a graduate degree in public accountancy from McGill University in Montreal. In addition, he holds the certified public accountant and certified internal auditor certifications in the United States as well as the Chartered Accountant designation from Canada. Arnold has a passion for the risk management discipline and has used his experiences to develop seminar and training material that has been delivered to numerous companies. In addition, he comments and speaks frequently on risk management-related matters.
Alpaslan Menevse is currently the Risk Officer at Sekerbank T.A.S., which has in excess of 310 branches in Turkey. He has 28 years of experience in information systems, both as an academic and as a practitioner. In the early years of his career, he joined work groups as a team member of Business Process Management (BPM) in the manufacturing industry. During his academic career, as a computer and aeronautics engineer, he was involved in several Information and Communication Technology (ICT) projects and completed his master's thesis on the EUCLID RTP 11.3 artificial intelligence project for F-16 fighter jet simulator development, where he modeled pilot risk-assessment behaviors in BVR (beyond visual range) flight. He also led local area network (LAN) and wide area network (WAN) projects of various sizes during 1995-2004, specializing in business continuity and disaster recovery management.
He is a silver member of the Information Systems Audit and Control Association (ISACA) and holds the Certified Information Systems Auditor (CISA) and Certified in Risk and Information Systems Control (CRISC) certificates; he was one of the members of the review work group of the CRISC 2011 manual, which is the first book published in this area. He joined Sekerbank as the Internal IS Auditor and started working with AS/NZS 4360 in 2007. He is responsible for implementing ISO 31000 throughout the organization. He has a special interest in human behaviors and the human side of change management. Additionally, he is a member of the ISO 31000 TC 262 Technical Committee and of the United Nations Economic Commission for Europe (UNECE) – Risk Management Group (GRM), and is also the chairman of the Turkish Standards Institute TS ISO 31000 MTC 132 Risk Management National Mirror Technical Committee.
Note: The authors of this case study manage the LinkedIn group titled "Risk Management: Creating Value From Uncertainty." Any questions or comments can be forwarded either personally or as a discussion topic.