the importance of risk analysis and management, and corporate governance
1 © Atul Kuver 2011
Commercial Accountability Challenges in a Global Environment
The Nature and Relevance of Risk
The Importance of Risk Analysis and Management, and Corporate Governance
Atul Kuver
February 2011
Executive Summary
Qantas operates in an industry that focuses on high availability and safety, has low
margins and intense competition, and is vulnerable to external and internal business
shocks. Reputation and branding, and safety can be considered to be part of Qantas’
strategic and operational objectives. Failure in either area can have serious
consequences for Qantas.
This report examines the nature and relevance of risk, the importance of risk analysis
and management and corporate governance within the context of accountability
frameworks. Risk management, the implementation of risk analysis and risk
management systems with reference to the COSO ERM Framework are discussed.
Qantas’ risk management systems are compared with the COSO ERM Framework to
assess how Qantas manages reputation and branding, and safety risks. The
comparison indicates that the Qantas risk management structure closely follows the
COSO ERM Framework that supports its strategic, operational, reporting and
compliance objectives.
The Qantas approach to Corporate Governance as documented in their Corporate
Governance Statement (Qantas 2010) is compared and contrasted with the approach
recommended in the ASX Corporate Governance Principles and Recommendations
(ASX 2007) and the Kiel and Nicholson model (Kiel & Nicholson 2002). The review
shows the Qantas approach is aligned with the ASX Corporate Governance Principles
and Recommendations (ASX 2007). The Qantas approach also satisfies the structure
and process of the Kiel and Nicholson model. Alignment of the ASX (2007) principles
as approached by Qantas with the Kiel and Nicholson model shows that the Qantas
Board accepts responsibility for the key functions regarding Corporate Governance.
Table of Contents
Executive Summary
1 Introduction
2 Nature and relevance of risk to corporate accountability
3 Risk Management
3.1 ‘Risk-Silo’ Mentality versus the Holistic Approach to Risk
3.2 Drivers of Risk Management
3.3 Deficiencies in Risk Management
4 Implementation of Risk Analysis and Risk Management Systems
4.1 COSO Enterprise Risk Management Framework
4.2 Managing Reputation and Branding Risk, and Safety Risk at Qantas
4.2.1 Internal Environment
4.2.2 Objective Setting
4.2.3 Event Identification
4.2.4 Risk Assessment
4.2.5 Risk Response
4.2.6 Control Activities
4.2.7 Information and Communication
4.2.8 Monitoring
5 Corporate Governance
5.1 Kiel and Nicholson Model
5.2 ASX Principles of Good Corporate Governance
5.3 Qantas Corporate Governance Statement
5.3.1 Alignment with ASX Principles 2007
5.3.2 Alignment with the Kiel and Nicholson Model
5.4 Corporate Governance within the Context of Accountability Frameworks
6 Conclusion
References
1 Introduction
This report examines the nature and relevance of risk, the importance of risk analysis
and management and corporate governance within the context of accountability
frameworks.
The report outline is as follows. Section 2 explores the nature and relevance of risk
to corporate accountability. Section 3 examines the practice of risk management.
The ‘risk-silo’ mentality versus a holistic approach to risk management is discussed,
followed by the drivers of risk management and deficiencies in risk management.
The implementation of risk analysis and risk management systems is discussed in
Section 4. The Committee of Sponsoring Organizations of the Treadway
Commission’s (COSO) Enterprise Risk Management-Integrated Framework (COSO
ERM Framework) is described first. Then Qantas’ risk management systems are
compared with the COSO ERM Framework to assess how Qantas manages
reputation and branding, and safety risks. Section 5 discusses the alignment of the
Qantas approach to Corporate Governance as documented in their Corporate
Governance Statement (Qantas 2010) with the approach recommended in the ASX
Corporate Governance Principles and Recommendations (ASX 2007) and with the
Kiel and Nicholson model (Kiel & Nicholson 2002). The report concludes with Section
6.
2 Nature and relevance of risk to corporate accountability
Organisations are facing increasing pressure from regulators, investors and other
stakeholders to increase transparency and disclosure. Principle 7 of the ASX
Corporate Governance Principles and Recommendations (ASX 2007, p. 32) states
that ‘companies should establish a sound system of risk oversight and management
and internal control’. ASX (2007, p. 32) emphasises that the responsibility for
reviewing the company’s policies on risk oversight and management lies with the
board. The board must satisfy itself that management has developed and
implemented a reliable system of risk management and internal controls. While
traditional risks such as credit, market and foreign exchange risk remain the primary
considerations, businesses are acknowledging the need to determine and assess risk
in areas such as human capital, reputation and climate change (Economics
Intelligence Unit 2007, p. 2). ASX (2007, p. 32) considers material business risks to
include, but not be limited to: ‘operational, environmental, sustainability, compliance,
strategic, ethical conduct, reputation or brand, technological, product or service
quality, human capital, financial reporting and market related risks’.
3 Risk Management
Organisational objectives cover a range of areas including corporate strategy,
operations, processes and projects. Organisations can encounter a variety of risks
that can have an impact on these objectives. Risk management is how risks are
managed. The ASX Corporate Governance Council’s Corporate Governance Principles
and Recommendations (ASX 2007, p. 32) defines risk management as ‘the culture,
processes and structures that are directed towards taking advantage of potential
opportunities while managing potential side effects’.
3.1 ‘Risk-Silo’ Mentality versus the Holistic Approach to Risk
Risk management in the past has mostly been driven from the bottom up and been
fragmented across different divisions within an organisation (Bowling & Rieger
2005). This method sets up a series of ‘risk-silos’ managed by different groups within
the organisation. The different silos may have different risk tolerances, which can
lead to one group with low to no risk, while another group may take on significant
risks (Bowling & Rieger 2005, p. 32).
In contrast, Enterprise Risk Management (ERM) is a framework that takes all risk
areas into account. Risks are no longer considered in isolation. ERM looks at the
activities of the business as a whole and analyses how different areas of risk affect
each other (Bowling & Rieger 2005).
3.2 Drivers of Risk Management
There are many drivers that increase the rationale for risk management. Economics
Intelligence Unit (2007, p. 6) identifies risk management drivers that are both
internal and external to organisations.
Internal drivers include:
• greater commitment from the board;
• greater complexity experienced by organisations in the value chain due to
  advanced business practices, globalised markets and rapid technological
  change. The increase in the level of competition and rapid pace of change is
  destroying predictability for businesses (Stevenson, cited in Rao 2009, p. 87);
• specific risk events such as product recalls or fraud.
External drivers of risk management are those that arise from outside the
organisation. These include:
• increased focus on regulation of business practices and investor demands for
  greater disclosure and accountability. The consequence of recognition of
  corporate accountability to stakeholders is that an organisation’s governance
  system needs to consider the importance of satisfying the concerns of
  stakeholders (Brooks & Dunn 2010, p. 462). According to Brooks and Dunn
  (2010, pp. 462–463), a focus on ethics risks and opportunities is necessary to
  ‘avoid potential loss of support for a corporations objectives, and to discover
  opportunities of greater support’ and a much broader risk assessment
  framework is required;
• changes in competitive, technological, social, and political circumstances
  have amplified the likely impact of operations-related failure (Lewis, cited in
  Rao 2009, p. 87).
The regulatory environment in Australia includes (Bissett 2010, p. 81):
• the AS/NZS ISO 31000: 2009 Standard which provides a practical framework
  for risk management;
• ASX Corporate Governance Council’s Corporate Governance Principles and
  Recommendations;
• Australian Prudential Regulation Authority (APRA) and Basel II Accord for the
  financial services industry;
• Civil Aviation Safety Authority (CASA), International Civil Aviation
  Organisation (ICAO) and the Australian Transport Safety Bureau (ATSB) for
  the aviation industry.
3.3 Deficiencies in Risk Management
According to Bissett (2010, p. 80), the Global Financial Crisis (GFC) has highlighted
shortcomings in the risk management process of many organisations. The causes and
consequences of the deficiencies are summarised in Table 1.
Table 1 Causes and consequences of risk management deficiencies (Bissett 2010, p. 80).
Deficiency | Cause of Deficiency | Consequence
Risk culture | Organisation’s failure to define a risk culture or appetite | Inconsistent communication about risk within the organisation
Risk/return trade-off | Level of risk not considered | Uncertainty about the return on investment as higher returns are usually associated with higher risk
Incentive schemes | Incentive schemes do not sufficiently represent the organisation’s risk appetite | Reward structure not consistent with key performance indicators
Complexity and lack of integration | Over-complicated risk structures and procedures | Risk management procedures avoided or not used
Risk measures | Effect of risk on the drivers of value and associated indicators of risk not well understood within the organisation | Limited holistic indicators of risk
Risk information | Lack of a robust data analysis capability | Over-reliance on financial models and data where the underlying fundamentals may not be understood and assumptions are not verified or challenged
Worst case scenarios | No scenario planning | No stress testing of worst possible case scenarios
Empowerment of the risk function | Risk function not empowered | Risk function seen merely as a compliance function or a roadblock function
4 Implementation of Risk Analysis and Risk Management Systems
4.1 COSO Enterprise Risk Management Framework
The Committee of Sponsoring Organizations of the Treadway Commission’s (COSO)
Enterprise Risk Management-Integrated Framework (COSO ERM Framework)
describes the fundamental elements of risk-management principles for organisations
regardless of size (Bowling & Rieger 2005, p. 29). Enterprise Risk Management is
defined as follows:
Enterprise risk management is a process, effected by an entity’s board of
directors, management and other personnel, applied in strategy setting and
across the enterprise, designed to identify potential events that may affect
the entity, and manage risk to be within its risk appetite, to provide
reasonable assurance regarding the achievement of entity objectives.
(COSO 2004)
This definition is broad and complex, but probably necessarily so, because it tries to
be an all-inclusive definition that can be used by all organisations. Bowling and
Rieger (2005, p. 30) provide a breakdown of the keywords and associated
meanings. This is shown in Table 2.
Table 2 Understanding the keywords in COSO's ERM definition (Bowling & Rieger 2005, p. 30)
Keyword | Meaning
A process | a means to an end.
Effected by people | as opposed to sole reliance on policies, standard procedures, surveys or forms.
Applied in a strategy setting | the ‘big-picture’ view
Across the enterprise | view an aggregate or portfolio of risks rather than a narrow view of isolated risks.
Identifying events | consider in the context of the entity’s appetite for risk
Reasonable assurance | cannot have absolute guarantees.
Achievement of organizational objectives | can take place in one or more overlapping categories
The COSO ERM Framework is illustrated as the cube shown in Figure 1.
Figure 1 The COSO ERM Framework (COSO 2004, p.5).
The top of the cube corresponds to four objectives: strategic, operations, reporting
and compliance. The ERM Framework consists of eight components. These represent
what is needed to achieve each of the four objectives. A summary of each of the
components is given in Table 3. Possible deficiencies (Bissett 2010, p. 80) in risk
management practices that could affect the significance of the component for an
organisation are given in Column 3 of Table 3. For example:
• deficiencies in risk culture may be indicative of how risk is viewed or lack of
  Board commitment;
• a risk function that is not empowered may result in an inadequate response
  to risk due to a lack of alignment between risks and the organisation’s
  appetite or tolerance for risk.
Table 3 Significance of the eight components in COSO's ERM Framework
Component | Significance | Possible Deficiencies (Table 1)
Internal Environment | encompasses the tone of an organisation; sets the basis for how risk is viewed and addressed by people in the organisation including: risk management philosophy, risk appetite, integrity and ethical values, operational environment. | Risk Culture
Objective Setting | objectives are necessary before the potential events affecting their achievement can be identified by management; ensures that an objective setting process is in place; ensures that the chosen objectives align with the organisation’s mission and risk appetite. | Incentive schemes; Risk/return trade-off
Event Identification | internal and external events that could affect the achievement of any of the organisation’s objectives must be identified; risks and opportunities must be distinguished; channel opportunities back into strategy or objective-setting process. | Worst case scenario planning; Risk information
Risk Assessment | analyse risks by assessing their likelihood and impact; analysis determines the risk management approach; assess risks on an inherent and residual basis. | Risk measures
Risk Response | select the appropriate response to the risk (avoid, accept, reduce or share); develop actions to align the risks with the organisation’s tolerance and appetite for risk. | Risk information; Empowering the risk function
Control Activities | establish and implement policies and procedures to assist in ensuring that risk responses are carried out effectively. | Empowering the risk function
Information and Communication | identify, capture and communicate relevant information in a form and timeframe that enables people to carry out their responsibilities. | Complexity and lack of information
Monitoring | monitor entire ERM and modify as necessary; accomplish monitoring through ongoing management activities, separate evaluations or both. | Empowering the risk function
4.2 Managing Reputation and Branding Risk, and Safety Risk at Qantas
Qantas operates in an industry that focuses on high availability and safety, has low
margins and intense competition, and is vulnerable to external and internal business
shocks (Bissett 2010, p. 82). The organisation faces risks in all four objective areas
recognised in the COSO ERM Framework.
Being one of the world’s safest airlines has long been Qantas’ key brand value,
having never lost an aircraft. However, two recent safety incidents on two separate
models of aircraft have threatened Qantas’ reputation. Industrial safety regulations
that apply to the aviation industry will have extremely serious consequences for
Qantas if any of the safety risks are realised. According to Bissett (2010, pp. 82–83),
risks ‘can’t be managed from 10,000 feet in the corporate head office. Effective risk
management needs to be embedded within the operations of the organisation’.
On July 25th, 2008, Qantas Flight 30 (QF30) was on a flight from London Heathrow
Airport to Melbourne Airport with a scheduled stop-over at Hong Kong International
Airport. Shortly after leaving Hong Kong an oxygen tank exploded, rupturing the
fuselage just forward of the starboard wing root. There were no injuries and the
aircraft made an emergency descent to 10,000 feet.
In November 2010, a Rolls Royce Trent-900 engine failed on a Qantas Airbus A380
while flying over Indonesia. This event forced Qantas to ground its entire A380 fleet.
These events have raised questions about operations risk management (Washington
2010). The A380 issue created a complicated situation for Qantas in trying to
preserve its reputation. Dr Ulysses Chioatta from SSAMM Management Consulting
has commented that Qantas, by being ‘overly cautious and grounding more planes
sends out a less than confident message to customers’ (Washington 2010).
Reputation and branding, and safety can be considered to be part of Qantas’
strategic and operational objectives. Safety will also fall under the regulatory
framework for the aviation industry. Failure in either area can have serious
consequences for Qantas.
Qantas states that its risk management and internal control system aligns to the
principles in the AS/NZS ISO 31000: 2009 Standard and the COSO ERM Framework
(Qantas 2010, p. 23). Qantas’ risk management and the COSO ERM Framework are
compared below. The comparison illustrates how the strategic, operational,
reporting and compliance objectives are managed.
4.2.1 Internal Environment
The Qantas Corporate Governance Statement (Qantas 2010, p. 23) states that the
‘Board is responsible for reviewing and overseeing the risk management strategy’.
This shows commitment from the Board and a top-down approach to risk management.
The Chief Risk Officer is also a member of the executive team.
4.2.2 Objective Setting
The Qantas Group Risk Management Framework is supported by three interrelated
elements: governance, risk management and assurance (Qantas 2010, p. 23).
4.2.3 Event Identification
A common standard for identifying, assessing and managing business risks across the
group — The Qantas Management System (QMS) — provides business units with
guidance regarding risk management (Qantas 2010, p. 23).
4.2.4 Risk Assessment
Material risks and effectiveness of risk management plans are escalated to Executive
Management or relevant Board Committees. Assessments against different QMS
elements are undertaken (Qantas 2010, p. 24).
4.2.5 Risk Response
A Safety, Health, Environment & Security Committee (SHESC) is responsible for
assisting the Board in its corporate governance activities including risk management
(Qantas 2010, p. 24).
4.2.6 Control Activities
The Qantas Group Risk Management Policy (Policy) sets the minimum requirements
and roles and responsibilities for managing risks across the organisation. The Board
reviews and approves this Policy (Qantas 2010, p. 23).
4.2.7 Information and Communication
A detailed risk register is prepared and reported every quarter by each business unit
(Qantas 2010, p. 24).
4.2.8 Monitoring
Independent, objective assurance and consulting services on the risk management
system are provided through an Internal Audit function (Qantas 2010, p. 24).
5 Corporate Governance
This section compares and contrasts the Qantas approach to Corporate Governance
as documented in their Corporate Governance Statement (Qantas 2010) with the
approach recommended in the ‘ASX Corporate Governance Principles and
Recommendations’ (ASX 2007) and the Kiel and Nicholson model (Kiel & Nicholson
2002).
5.1 Kiel and Nicholson Model
According to Kiel and Nicholson (2002, p. 18), despite uncertainty, practical solutions
to governance problems can be found. They highlight that the board has two primary
responsibilities:
1. conformance — relates to the past and present behaviour of the business.
Board monitors and supervises management and is accountable to
stakeholders. Achieved through reporting financial and non-financial
information about the business;
2. performance — is less developed. Board needs to focus on the future as
directors are held accountable for firm performance.
Kiel and Nicholson’s (2002) Corporate Governance Charter model aims to develop
more effective boards by providing both a structure and a process. When the model
is used as a process, it provides a forum to discuss ‘unmentioned’ issues that are
often not addressed and lead to poor governance. An updated version of the
Framework is shown in Figure 2.
Figure 2 Kiel and Nicholson's Corporate Governance Charter model (Effective
Governance Board Charter website).
The model’s focus is to assist the board in directing business success through a
process that aligns a company’s governance system to its organisational needs (Kiel
& Nicholson 2002, p. 23). The authors cite two primary benefits of the model. They
state that the model:
1. creates a major policy document that can assist the corporation’s
leadership to deliver good governance;
2. guides strategic conversations at board level to move members to the
‘performing’ stage of group process.
(Kiel & Nicholson 2002, p. 23)
5.2 ASX Principles of Good Corporate Governance
The ASX Corporate Governance Council provides the following eight principles and
recommendations:
1. Lay solid foundations for management and oversight.
2. Structure the board to add value.
3. Promote ethical and responsible decision-making.
4. Safeguard integrity in financial reporting.
5. Make timely and balanced disclosure.
6. Respect the rights of shareholders.
7. Recognise and manage risk.
8. Remunerate fairly and responsibly.
(ASX 2007)
5.3 Qantas Corporate Governance Statement
5.3.1 Alignment with ASX Principles 2007
This comparison is fairly simple to establish from the Corporate Governance
Statement (Qantas 2010). According to Qantas’ Corporate Governance Statement
(Qantas 2010, p. 20), the ‘Board endorses the ASX Corporate Governance Council’s
Corporate Governance Principles and Recommendations’. Review of Qantas’
Corporate Governance Statement confirms that ASX Principles 1 to 7 are addressed.
Surprisingly though, Principle 8 — Remunerate fairly and responsibly — unlike the
first seven principles, is not specifically mentioned in the Statement. The
remuneration function is incorporated under the declaration of Principle 1. The
report states that it is the Board’s responsibility to ensure that ‘a clear relationship
between performance and executive remuneration’ exists (Qantas 2010, p. 20). This
seems to satisfy the requirements of Principle 8.
5.3.2 Alignment with the Kiel and Nicholson Model
The details of the Corporate Governance Statement (Qantas 2010) have been
examined to compare and contrast the content of the Corporate Governance
Statement with Kiel and Nicholson’s model and the corresponding ASX principles.
The results are shown in Table 4.
Table 4 Qantas Corporate Governance compared and contrasted with the
Kiel and Nicholson model and corresponding ASX principles.
Kiel and Nicholson Model | Top Level Governance Statement | ASX Principle
Defining Governance Roles
Board Structure | The Board is structured to add value | 2
Role of the Board | The Board lays solid foundations for management oversight | 1
Role of Individual Directors | The Board is structured to add value | 2
Role of the Chairman | The Board is structured to add value | 2
Role of the Company Secretary | The Board is structured to add value | 2
Role of the CEO | The Board lays solid foundations for management oversight | 1
Key Board Functions
Strategy | The Board lays solid foundations for management oversight; The Board is structured to add value | 1, 2
CEO | The Board lays solid foundations for management oversight | 1
Monitoring | The Board lays solid foundations for management oversight; The Board safeguards the integrity of financial reporting | 1, 4
Risk Management | The Board recognises and manages risk | 7
Compliance | The Board lays solid foundations for management oversight | 1
Policy Framework | The Board lays solid foundations for management oversight | 1
Networking | The Board makes timely and balanced disclosure; The Board respects the rights of shareholders | 5, 6
Stakeholder Communication | The Board makes timely and balanced disclosure; The Board respects the rights of shareholders | 5, 6
Decision Making | The Board lays solid foundations for management oversight; The Board promotes ethical and responsible decision making | 1, 3
Effective Governance
Director Protection | The Board is structured to add value; The Board promotes ethical and responsible decision making | 2, 3
Board Evaluation | The Board is structured to add value | 2
Director Remuneration | The Board is structured to add value | 2, 8
Director Development | The Board is structured to add value | 2
Director Selection and Induction | The Board is structured to add value | 2
Improving Board Processes
Board Meetings | The Board lays solid foundations for management oversight | 1
Board Meeting Agenda | The Board lays solid foundations for management oversight | 1
Board Papers | The Board lays solid foundations for management oversight | 1
Board Minutes | The Board lays solid foundations for management oversight | 1
The Board Calendar | The Board lays solid foundations for management oversight | 1
Committees | The Board lays solid foundations for management oversight; The Board is structured to add value | 1, 2
5.4 Corporate Governance within the Context of Accountability Frameworks
The objectives of the Kiel and Nicholson model are to create a major policy
document to assist the organisation’s leadership to deliver good performance and to
guide strategic conversations at the board level to move members to the
‘performing’ stage of the group process (Kiel & Nicholson 2002, p. 23).
Figure 3 illustrates the analysis given in Table 4. The numbers next to each quadrant
represent the corresponding ASX principles. The significant result here is the loading
of the ASX principles as the Key Board Functions. This may not be a generic result but
a consequence of where Qantas places its governance responsibilities. The content
in Table 4 was generated by examining the details of each Board function and
Qantas could have chosen to arrange the Board’s responsibilities slightly differently.
This would have changed the distribution of the ASX principles slightly. However,
while redistribution may have been possible, it is not entirely flexible. Many ASX
principles fall in particular quadrants and some associations seem rigid. For example,
ASX Principle 7 — Risk Management — will always fall in the Key Board Functions
quadrant.
Figure 3 Kiel and Nicholson model and ASX principles overlap for Qantas corporate
governance.
Figure 3 highlights the areas of the ASX guidelines that the Board needs to focus on
during each of the four phases. It is also important to keep in mind that while the
Kiel and Nicholson model suggests structure and process, it is probably not intended
to be normative. Compliance with the ASX guidelines already provides a satisfactory
starting point.
6 Conclusion
This report examined the nature and relevance of risk, the importance of risk
analysis and management and corporate governance within the context of
accountability frameworks. Risk management, the implementation of risk analysis
and risk management systems with reference to the COSO ERM Framework were
discussed. Qantas’ risk management systems were compared with the COSO ERM
Framework to assess how Qantas may manage reputation and branding, and safety
risks. Reputation and branding, and safety are of critical importance to Qantas. The
comparison indicated that the Qantas risk management structure closely follows the
COSO ERM Framework that supports its strategic, operational, reporting and
compliance objectives.
The Qantas approach to Corporate Governance as documented in their Corporate
Governance Statement (Qantas 2010) was compared and contrasted with the
approach recommended in the ASX Corporate Governance Principles and
Recommendations (ASX 2007) and the Kiel and Nicholson model (Kiel & Nicholson
2002). The review shows the Qantas approach is aligned with the ASX Corporate
Governance Principles and Recommendations (ASX 2007). The Qantas approach also
satisfies the structure and process of the Kiel and Nicholson model. This alignment
demonstrates that the Qantas Board accepts responsibility for the key functions
regarding Corporate Governance.
References
ASX 2007, ASX Corporate Governance Council, Principles of Good Corporate
Governance and Best Practice Recommendations, 2nd edition.
Bissett, A 2010, 'Enterprise risk management -- is it achievable?', Keeping Good
Companies (14447614), 2, pp. 80-83.
Bowling, D & Rieger, L 2005, 'Making Sense of COSO's New Framework for
Enterprise Risk Management', Bank Accounting & Finance (08943958), 18, 2, pp. 29-34.
Brooks, L & Dunn, P 2008, Business & Professional Ethics for Directors, Executives &
Accountants, South-Western Cengage Learning, Mason.
COSO 2004, Enterprise Risk Management — Integrated Framework. Available at:
http://www.coso.org/documents/COSO_ERM_ExecutiveSummary.pdf [Accessed
February 15, 2011].
Effective Governance Board Charter website. Available at:
http://www.effectivegovernance.com.au/Board-Charter.html [Accessed February
15, 2011].
Economics Intelligence Unit 2007, Best practice in risk management | BUSINESS
RESEARCH. Available at:
http://businessresearch.eiu.com/best-practice-risk-management.html [Accessed
February 16, 2011].
Kiel, G & Nicholson, G 2002, 'Real world governance: driving business success through
effective corporate governance', Mt Eliza Business Review, vol. 5, no. 1, pp. 17-28.
Qantas 2010, Annual Report 2009 - 2010.
Rao, A 2009, 'IMPLEMENTATION OF ENTERPRISE RISK MANAGEMENT (ERM) TOOLS -
A CASE STUDY', Academy of Accounting & Financial Studies Journal, 13, 2, pp. 87-103.
Washington, T 2010, Qantas engine troubles raise risk questions. Available at:
http://www.riskmanagementmagazine.com.au/articles/66/0c06d866.asp [Accessed
February 15, 2011].