The management ensures that it identifies the risks that the institution faces, proposes policies and measures to manage or avert these, and implements those that are approved by the board. These risks may arise in various forms, including but not limited to strategic, operational, political, economic, regulatory, geographic and demographic risks.
- The management should require senior officers to regularly and periodically submit studies and reports that analyse the risks faced by the institution, recommend risk strategies, and implement board-approved measures to manage or avert any and all risks facing the institution.
- The governance framework defined by the ISSA Guidelines on Good Governance may serve as a reference point to identify the potential areas that could be affected by the various risks faced by the institution.
Section B.2 provides more guidelines on operational risk management, with corresponding structures and mechanisms to facilitate the application of the guidelines.
- Risk management should be embedded in the organizational structure of the institution.
- The management should ensure its competence to identify and evaluate any and all risks that may affect the programme, and recommend to the board the policies and measures to be taken to protect the institution.
- The management should assess the long-term and short-term impact of these risks on: (a) the financial sustainability of the scheme; (b) fund investments; (c) member contributions and member benefits; and (d) the human resources and the ICT infrastructure required for administering the programme.
Guideline 29. Risk management