Reputation and the Business Model Flashcards Preview

IRMCert Mod 2 - Unit 5: Risk Assurance & Reporting > Reputation and the Business Model > Flashcards

Flashcards in Reputation and the Business Model Deck (18):

Why is it useful for org's to have a good understanding of the business model?

Understanding operational and compliance core processes allows for SWOT analysis risk assessment to be undertaken.


What are the CORES components of the business model?

CUSTOMER: Analysis of customer segments, recruitment/retention, delivery of products/service

OFFERING: Customer value proposition and benefits delivered to customer

RESOURCES: Data, capability and assets, partnerships and networks

ETHOS: Ethics and values, people, culture, leadership, governance

SUSTAINABILITY: Costs involved in delivering the offering and revenue streams that result


The CORES components can be risk assessed to identify improvements using the corporate social responsibility EM3 approach. What is EM3?

Embrace strategic risks
Manage tactical risks
Mitigate operational risks
Minimise compliance risks


How can good standards in CSR positive reputation achieve benefits?

- protecting and enhancing brand and trust
- attracting and motivating talent, retention.
- managing and mitigating risk
- improving operational cost and efficiency
- license to operate
- new business opportunities
- more secure and prosperous environment


What is the European Commission definition of CSR?

"The concept that an enterprise is accountable for its impact on all relevant stakeholders.

The continuing commitment by business to behave fairly and responsibly and contribute to economic development...

while improving the quality of life of the workforce and their families as well as the local community and society at large."


What CSR issues may be subject to risk assessment?

- Health and safety programme
- Employee environment and prof. development
- Customer value for money, quality service/product
- Environmental impact
- Supplier standards, worker welfare and environmental practices
- Community engagement through supporting non-political projects, orgs and charities
- Products/services that don't cause harm, death, social disruption, hardship


Give an example of how a hazard risk identified as part of CSR risk assessment can be turned into an opportunity?

Identifying and addressing poor working conditions for farmers can lead to increased value when company adopts 'fair trade' standard.


Why is it important to consider the public view of an org's CSR?

- public may be ahead of the org in the direction of travel, leading to emergence of risk

- unwanted stakeholders focussed on CSR are nevertheless stakeholders and concerns should be addressed e.g. Greenpeace


Through what practices can illegal or unethical trading in the supply chain damage reputation, reduce profit and impact customer/supplier relations?

- failure to comply with rules/regs
- trading with undesirable overseas governments
- excessive payments to political parties
- tax evasion or dubious tax arrangements
- inappropriate criticism of competitors
- false allegations about competitors
- unethical alliances with competitors
- socially unacceptable working conditions
- poor quality good/services


How might an org protect against illegal unethical supply chain/trading arrangements?

- policy on ethical behaviour of suppliers
- contractual terms and conditions of manunfacture
- statement to authorisation required before manufacturers can sub-contract
- details of staff training, accident/absence rates, pay/conditions
- results of audits/inspections of manufacturing premises


How might an organisation that doesn't have full public support (e.g. gambling) strengthen its value?

CSR policy



What might annual reports and accounts include with regards to CSR?

Conformity with standards

Added value through CSR activities


What asset is seen as the most valuable for organisations?



What are the CASE components of reputation?


Does the org have clear purpose and the commitment, vision, capabilities and resources to deliver that purpose?


Which sector and what activities does the org undertake and does it have the financial resources and stability to support those activities?


What range of products does the org offer and what are the standards of quality, delivery, support, execution, innovation and investments?


Does the org adhere to appropriate CSR, integrity, values and governance, and continuously monitor performance to learn and achieve improvements?


What are the threats to the CASE components of reputation?


- failure to explain to stakeholders that the org recognises its purpose
- failure to have adequate resources to ensure governance and delivery of quality service/products


- adverse publicity for the sector
- weak finances reducing customer base


- insufficient innovation so customers go elsewhere
- reduced quality of product/service, customer service


- poor CSR indicating unacceptable values
- failure to deal with customer complaints appropriately and with integrity


Who established the risk reporting framework within an org?

Risk Manager


What information should be presented to the board as a standing agenda item in order for them to make decisions on cost-effective controls?

Risks identified and their materiality

Control options with cost and effect info


What specific reports might be reported to the board to inform decision-making?

- staff turnover rates
- new legal cases
- significant cost to assets
- injury to employees
- product fault rates
- loss of business
- complaints
- sales figures