1.

Corporate governance aims and principles Corporate governance is the system by which businesses are directed and controlled A set of relationships between a company's directors, its shareholders and other stakeholders It also provides a structure through which the companies objectives are set and the means of achieving those objectives and the monitoring performance are determined What is corporate Governance aiming to achieve? Provide a framework within which a company can pursue its strategy Seeks to ensure Directors cannot ignore others and fulfill their responsibilities to shareholders and other stakeholders with legitimate interest in the organisation Aims to provide a means to management of risks the controls system that contribute to risk management must be appropriate for the organisation For stock exchange listed companies - Should improve investor confidence and attract more investor finance Principles behind corporate governance Integrity- Straightforward dealing and necessary if business relationships are to be based on trust Probity -telling truth not deliberately misleading anyone Fairness - Taking all stakeholders into account Judgement - taking decisions that enhance prosperity for company Accountability - account for actions Responsibility - directors accept consequences may have personal impact on themselves Transparency - for all information Independence - For effective monitoring Reputation - good reputation increases investor confidence 2. Shareholders and Stakeholders Agents have the following responsibilities to their principles including: Accountability for what they done Obedience to principles wishes Fiduciary duty to act in principal's best interests Should not delegate responsibilities Should act with appropriate degree of skill Should keep affairs confidential No conflict of interests Agency problem Shareholders will wish directors to take action to benefit shareholders interests - Shareholder wealth maximisation Directors may not do this Their performance may be to the required standard

The directors may also seek to benefit themselves that doesn't meet shareholder approval Agency costs include monetary costs, time spent monitoring the directors activities, communicating with the directors, reading the company accounts and attending the AGM The time spent by the directors preparing information for the shareholders and answering shareholder queries If directors salary is linked to short term goals they might work at the expense of long term goals. Stakeholders are anyone human or non human that can affect or be affected the actions or policies of an organisation Stakeholders should be classified by how much influence organisation has over them Internal stakeholders - employees, managers, directors Connected stakeholders - business relation - shareholders, customers, competitors External stakeholders - government, public, pressure groups Primary stakeholders - difficult to continue without support - employees customers, suppliers, government Secondary stakeholders - can do without -wider community Active stakeholders - seek to participate in organisations activity and decisions - managers, regulators employees, large shareholders pressure groups Passive stakeholders - Do not seek to participate in organisations activity and decisions - local community, most shareholders, government Narrow Stakeholders - most affected by strategy - shareholders, managers, suppliers, customers, employees Wider stakeholders - less affected by strategy - government, less dependent customers, wider community Stakeholder Theory Normative - businesses should try to accommodate stakeholders Implications - businesses have economic and ethical and philanthropic responsibilities Instrumental - Businesses mainly have economic responsibilities will thus make stakeholders happy and get more business 3. Governance codes and legislation Reasons for development of corporate governance: International investors want same security and rights surrounding investments as locals Governments and stock exchanges want to attract companies to country or stock market

Investors want high quality financial statements Corporate scandals (enron) help raised governance concerns Insider stock market system - dominated by few major investors Outsider stock market system - more dispersed shareholdings greater separation between owners and managers Characteristics of codes based on principles Focus on objective of governance Provide guidance on areas such as culture and relationship between stakeholders where it is difficult to set rules Can be applied across different jurisdictions Can be used as a benchmark for guidance in other countries Enforced on a comply and explain basis Advantages of Principles Based codes No need for inflexible legislation that companies can find difficult to implement Less costly to apply principles than to apply rules Allows companies to develop their own approach to governance that is appropriate to the companies needs Enforcement puts emphasis on effective disclosure and investors can draw their own conclusions Disadvantages of Principles Based codes Can be so broad that can be little help in practice May be difficult to ascertain what companies can do and cannot do Explain can be used as an easy option for non compliance with little explanation Advantages of Rules Based codes Emphasis on companies meeting required compliance Allow no leeway Issue is whether company complied or not Should be easy to decide whether a company has complied or not Disadvantages of Rules Based codes Rules have to be drafted so they are unambiguous May find difficulty with situations not covered in the rulebook Companies may concentrate on the rules rather than the spirit of the rules Corporate governance should be incorporated into a company's processes OECD Stresses the importance of companies maintaining the rights of shareholders and treating them equitably Aims to protect stakeholders and allowing stakeholders access to relevant information

Companies should develop performance enhancing mechanisms for employees Stresses need for timely and accurate disclosure of all relevant information Board should maintain direction of the company, be well informed and exercise independent judgement Codes have been seen to be lagging behind advances in other developed countries International codes are non binding Difficult to strengthen them because of global differences in legal structures, financial systems and ownership patterns Enron weaknesses Misleading financial accounts with off balance sheet financing Arrogant executive management team Failure of NEDs to monitor effectively Failure of external auditors Arthur Andersen to consider problems Directors selling their own shares when the company was beginning to fail but the employees being left with worthless shares Manipulation of short term profits to enhance bonuses Various law breaking and dishonesty SOX Should contain appropriate disclosure of any financial arrangements not included in the balance sheet Accounts must contain information on internal controls Must include internal control reports that state directors are responsible for internal control structure and financial reporting requirement Should include an assessment of the effectiveness of control procedures that relate to financial reporting Should state if a code of conduct has been adopted for senior financial officers Emphasised CEO and CFO are responsible for ensuring accounts are accurate CEO and CFO must certify accounts are appropriate and fairly reflect the operations and financial condition of the company If accounts need to restated CEO and CFO must forfeit their bonuses Compulsory rotation of audit partners Retention of audit working papers Quality control standards Auditors to review internal control procedures Auditors cannot provide internal audit, bookkeeping systems, development appraisal and valuation services, actuarial services, management functions, Human resources, investment management, legal and expert services All listed companies to have an audit committee of independent non executive directors and one or more members should have financial expertise Audit committee should be responsible for appointment, compensation and oversight of auditors

Audit committee should discuss key aspects of the accounts with auditors and setup whistle blowing mechanisms for reporting misdemeanors 4. Governance and social responsibility 4 levels of corporate social responsibility (Carroll) 1 Economic responsibilities to shareholders wanting a good return on their investment Employees demanding fair conditions Customers seeking good quality products 2 Legal responsibilities Organisations should obey the law as the law codifies society's moral views 3 Ethical responsibilities Organisations should act in Fair and unjust ways even if not compelled to do so 4 Philanthropic responsibilities contribution to local communities, charitable donations and better opportunities for employees Charities may have representatives on their board or a separate stakeholder board Corporate Citizenship key concepts minimising harm maximising benefit being responsible and accountable to stakeholders Organisations provide social reports/accounts as they want to be seen to be ethical and because of pressure from stakeholders Some people believe that by buying a right to a dividend people also buy the responsibility to ensure that a company behaves ethically However because of a wide dispersal of shareholdings small shareholders have little influence Institutional shareholders have a large influence as they have large investments in organisations Institutional shareholders should provide investors in pension scheme their policies

There should be regular meetings between boards of directors and representatives of institutional shareholders at which institutional shareholder representatives can give companies their views Institutional shareholders can use their votes at AGMs and contribute to lists of good or badly performing companies They should intervene if they are unhappy with operational performance or strategy or if they are concerned with risks being too high or they are concerned with directors remuneration Criticism of corporate social responsibility some people believe a company's responsibilities are economic responsibilities to shareholders Also been criticised as an inadequate response to underlying problems in society and failing to address the needs for fundamental structural reform of society Board responsibilities Overseeing strategy Monitoring risk Control systems and governance Communicating with shareholders and other stakeholders In order to effectively run a company a board must decide which matters it should decide upon such as: Mergers and takeovers Major asset sales and purchases Significant investments Entering into new loans or borrowing facilities Major foreign currency transactions Boards should: Demonstrate a duty of care attend board meetings reguarly Avoid conflict of interests Time limits on appointments Limits on length of service contracts Service contracts should be available for inspection Procedures for leaving office Prohibition of insider dealing

Nomination committee role and responsibilites Oversee board appointments Regularly review the size structure and composition of the board and whether NEDs are spending enough time on their duties Needs to consider the following:

Balance between executive and NEDs Skills, knowledge and experience of current board and whether there are obvious gaps Need for continuity and succession planning Desirable size of the board Need to recruit members from a variety of backgrounds Other measures of preserving board quality are annual board appraisals and professional training Directors Induction programme Build an understanding of the nature of the company, its business and its markets Build a link with the company's people Build an understanding of the company's main relationships including meetings with auditors Unitary board - All directors member of board - UK Two tier board - Executive board will run the company - Supervisory board with workers and stakeholders representatives - main responsibilities are to review company strategy and to ensure safeguard of assets - Germany Three tier board - Monocratic board - Symbolic role Policy board - long term strategic issues Functional board - Made up of Senior executives with a functional role Advantages of unitary boards (a) All participants in the single board have equal legal responsibility for management of the company and strategic performance. This implies a more involved approach by those directors who are not executive directors and therefore act in an independent and 'supervisory' capacity. (b) the independent directors are less likely to be excluded from decision-making and given restricted access to information. (c) The presence of non-executive directors with different perspectives and viewpoints to question the actions and decisions of executive directors as they are taking place should lead to better decisions being made. (d) The relationship between different types of directors may be better as a single board promotes easier co-operation. Disadvantages of unitary boards (a) Asking a non-executive or independent director to be both manager and monitor is too awkward and demanding a task. (b) The time requirements on non-executive directors may be onerous, both in terms of the time spent in board meetings and the commitment required to obtain sufficient knowledge about the company to properly fulfil their monitoring role. (d) The unitary board emphasises the divide between the shareholders and the directors as there is no crossover between them, and it means that the general meeting is the only place where shareholder grievance or concern can be heard.

Advantages of multi-tier boards (a) clear and formal separation between the monitors and the executive directors being monitored. (b) The supervisory/policy board has the capacity to be an effective guard against management inefficiency or worse. Indeed its very existence may be a deterrent to fraud or irregularity in a similar way to the independent audit. (c) The system actively encourages transparency within the company, between the boards and, through the supervisory board, to the employees and the shareholders. It also involves the shareholders and employees in the supervision and appointment of directors. d) Allows NEDs to concentrate their time where its most useful e) Better able to establish links with important stakeholders Disadvantages of multi-tier boards (a) Confusion over authority and doubt over who is responsible for what (b) In practice, The executive management board may restrict the information passed on to the supervisory board and the boards may only liaise infrequently. (c) The supervisory board may not be as independent as would be wished, depending on how rigorous the appointment procedures are. I d)members of the supervisory board can be,indeed are likely to be, shareholder representatives; this could detract from legal requirements that shareholders don't instruct executive directors how to manage if the supervisory board was particularly strong. e)Failure to take account of all views f) May be difficult for supervisory boards to question executives than it would be if they were members of the same board Why CEO and chairman should be separate roles Both demanding titles can't give both adequate time Reduces risk of conflict of interest The board cannot make the CEO accountable if the board is also led by the CEO Conflict of interest - person in charge assessing his own performance Shows Governance best practice Chairman can act as a reporting point that rest of board can use to express their concerns

Role of chairman Facilitating board appraisal Running and organising board agenda Reporting in and signing off financial reports Communicating information to shareholders Ensuring board are provided with necessary information in a timely fashion Ensuring adequate time is spent on controversial issues New director induction and training

Role of CEO Responsible for risk management and ensuring internal controls are adequate Responsible for company strategy and objectives Investment strategy and appraisal Recommendation for remuneration policy Managing risk profile of organisation Non-executive directors Should be independant and have no other business with company Should not take part in Share option schemes Should not be paid a pension Should be appointed for a specified term Reappointment not automatic Role Monitoring the activities of the company and its executive directors Uk corporate governance codes - at least half of board should be NEDs NEDs will likely concentrate on: Will critically examine strategy Will scrutinise the performance of executive management in meeting goals and objectives and they will monitor their performance should satisfy themselves that financial information is accurate and financial controls and systems of risk management are robust Should be involved in the selection and removal of senior directors and in determining their remuneration

2.6.1 Advantages of non-executive directors

Non-executive directors can bring a number of advantages to a board of directors. (a) They may have external experience and knowledge which executive directors do not possess. external experience and knowledge which executive directors do not possess. The experience they bring can be in many different fields. They may be executive directors of other companies, and thus have experience of different ways of approaching corporate governance, internal controls or performance assessment. They can also bring knowledge of markets within which the company operates. (b) Non-executive directors can provide a wider perspective than executive directors who may be more involved in detailed operations. (c) Good non-executive directors are often a comfort factor for third parties such as investors or creditors. (d) The English businessman Sir John Harvey-Jones pointed out that there are certain roles nonexecutive directors are well-suited to play. These include 'father-confessor' (being a confidant for the chairman and other directors), 'oil-can' (intervening to make the board run more effectively) and acting as 'high sheriff' (if necessary taking steps to remove the chairman or chief executive).

(e) The most important advantage perhaps lies in the dual nature of the non-executive director's role. Non-executive directors are full board members who are expected to have the level of knowledge that full board membership implies. Should take an objective view At the same time they are meant to provide the so-called strong, independent element on the board. This should imply that they have the knowledge and detachment to be able to monitor the company's affairs effectively. In particular they should be able to assess fairly the remuneration of executive directors when serving on the remuneration committee, and to be able to discuss knowledgeably with auditors the affairs of the company on the audit committee. In addition, of course, appointing non-executive directors ensures compliance with corporate governance regulations or codes. Disadvantages of Non executive directors May be difficult to recruit sufficient high calibre NEDs NEDs may find it difficult to impose their views or prevent problems The limited time of their appointment may restrict their contribution Remuneration committee role - staffed with only NEDs Establishing general policy on remuneration Complying with laws and best practice Determining disclosures Determining remuneration packages for directors Remuneration corporate governance policies (Greenbury code) Set by independent board members Remuneration in particular bonuses should be related to measurable performance The accounts should include disclosures of any remuneration arrangements Key issues when determining remuneration policy: The pay scales applied to each directors package The different elements of each package The period within which performance related elements become payable what proportion of rewards should be related to performance The disclosures in the accounts Need to consider when determining remuneration what are other companies in the same sector paying? The need to attract directors Whether directors are likely to leave Packages will need to attract, retain and motivate directors of sufficient quality, whilst at the same time taking into account shareholders' interests as well.

3.4.1 Basic salary

Basic salary will be in accordance with the terms of the directors' contract of employment, and is not related to the performance of the company or the director. Instead it is determined by the experience of the director and what other companies might be prepared to pay (the market rate).

3.4.2 Performance related bonuses

Directors may be paid a cash bonus for good (generally accounting) performance. To guard against

excessive payouts, some companies impose limits on bonus plans as a fixed percentage of salary or pay. Transaction bonuses tend to be much more controversial. Some chief executives get bonuses for acquisitions, regardless of subsequent performance, possibly indeed further bonuses for spinning offacquisitions that have not worked out.

3.4.3 Shares
Directors may be awarded shares in the company with limits (a few years) on when they can be sold in return for good performance.

3.4.4 Share options

Share options give directors the right to purchase shares at a specified exercise price over a specified time period in the future. If the price of the shares rises so that it exceeds the exercise price by the time the options can be exercised, the directors will be able to purchase shares at lower than their market value.

3.4.5 Benefits in kind

Benefits in kind could include transport (eg a car), health provisions, life assurance, holidays, expenses and loans. The remuneration committee should consider the benefit to the director and the cost to the company of the complete package. Also the committee should consider how the directors' package relates to the package for employees; ideally perhaps the package offered to the directors should be an extension of the package applied to the employees.

3.4.6 Pensions
Many companies may pay pension contributions for directors and staff. In some cases however, there may be separate schemes available for directors at higher rates than for employees. The UK Combined Code states that as a general rule only basic salary should be pensionable. The Code emphasises that the remuneration committee should consider the pension consequences and associated costs to the company of basic salary increases and any other changes in pensionable remuneration, especially for directors close to retirement. Directors performance should not be assessed on short term gains only and a variety of measures are used to assess directors individually Service contracts should be no longer than 12 months otherwise the company may have to pay significant compensation if contract is terminated before its due to end Accounts should include information regarding the remuneration policy and remuneration for each director Shareholders may be able to vote on the remuneration statement in the accounts

3.3.1 Performance measures related to Directors remuneration

A key issue in determining remuneration policy is what performance measures to use to determine the remuneration of directors. There are a number of potential problems with this decision: Simply, the choice of the wrong measure, achieving performance that does not benefit the company significantly and does not enhance shareholder value Simply, the choice of the wrong measure, achieving performance that does not benefit the company significantly and does not enhance shareholder value Excessive focus on short-term results, particularly annual financial performance (which can also be manipulated) Excessive focus on short-term results, particularly annual financial performance (which can also be manipulated) Remuneration operating with a time delay, being based on what happened some time ago rather

than current performance Other issues the remuneration committee have to consider include: The potentially complex relationships with a variety of strategic goals and targets (including cost of capital, return on equity, economic value added, market share, revenue and profit growth, cost containment, cash management, compliance goals, revenue and environment goals) The differentials at management/director level (difficult with many layers of management) The ability of managers to leave, taking clients and knowledge to a competitor or their own new business Individual performance and additional work/effort 6. Communication policies Directors should have to stand for reelection regularly at least once every 3 years Companies should hold regular meetings with institutional shareholders Should use briefings and opinion surveys AGMs Shareholders should receive at least 20 working days notice of the AGM Boards should give a business presentation There should be Q&A sessions with leading board members such as committee shares Shareholders should be able to vote separately on different issues A motion on the annual reports and accounts should be included in order to allow shareholders to express their opinion on how the company is doing generally Communication with other stakeholders Companies may allow employee representatives on the board Best practice of accounts disclosure Should contain a narrative report on how the principles of the corporate governance codes were applied Should state if the company has complied with the code and give reasons for non compliance Specific disclosure are likely to include: Information about the board of directors Reports from the main board committees Details of relationships with auditors and shareholders A review of internal controls A statement that the company is a going concern An operating and financial review Companies may also include voluntary disclosures such as: Risk data Social impact report environmental reports Sustainability reports Elements of internal control systems Plan - what the system is designed to achieve - must be based on objectives Sensor - gathers information about system behaviour while the main elements of operations (the inputs, processes and outputs) are going on Comparator - compares actual systems behaviour with the plan

Effector - takes action to change the behaviour with the system Turnbull report report on Main purposes of Internal control systems Control systems should facilitate the organisation operating efficiently and effectively Should enable the organisation to respond appropriately to risks Should help to ensure the quality of internal and external reporting Should help to ensure compliance with applicable laws and regulations Controls must be embedded in the operation of the organisation and form part of its culture Must be capable of responding quickly to evolving risks Should include procedures for reporting significant control failings to management Controls at best reduce the chances of losses but they cannot eliminate the risk of losses Controls may be undermined by human error when operated They may be deliberately circumvented Managers may override them Most controls are designed to cope with circumstances that can be foreseen and may be unable to cope with the unexpected COSO enterprise risk management framework 1. The internal or control environment- this include management attitudes,Risk appetite, the stress on integrity and ethical values 2. Objective setting - The objectives set should align with the companies mission statement and be consistent with its risk appetite 3. Event identification - Events that may determine whether or not a company achieves its objectives need to be identified 4. Risk assessment - Risks need to be analysed systematically with consideration of their likelihood impact 5. Risk response - Management must select an appropriate response 6. Control procedures - Controls should ensure risks are dealt with effectively 7. Information and communication - Management and staff should have enough information to carry out their responsibilities and important stakeholders should receive the information they require 8. Monitoring - Risk management processes should be monitored and modifications made if required An alternative framework is the Canadian framework (COCO) that emphasis 1. Purpose - all activities should be directed with a sense of purpose 2. Commitment - managers and staff should actively commit to the organisations values 3. Capability - Managers and staff must be equipped with the resources and competenceneccesary 4. Action - If employees are given the right opportunities and and are committed to doing their best they should be successful 5.Monitoring and learning - These are essential if the organisation is to evolve successfully

Assessing an Internal control framework The turnbull report stresses the link between the Internal control framework and How it copes with the risks facing the company? The control systems will be affected by the risks facing the organisation and whether these risks are likely to materialise The board should consider: What level of risks it regards as acceptable, How much the organisation can reduce these risks and The costs and benefits of doing so- a small company will not need a complex and an expensive system Costs of controls include: Direct costs -the salary of internal auditors and the time taken by management in monitoring- a rigid control system may also have the added costs of reduced flexibility, reduced responsiveness and reduced creativity Benefits of controls Financial -not incurring costs of compensating dissatisfied customers Non-Financial - Improvements in design and effectivesness 8. COSO 1st stage. Control environment The control environment is made up of: 1. the philosophy and operating style of the directors and managers 2. The companies culture particularly whether control is seen as an integral part of the corporate framework or something imposed on the company 3. The organisational structure and methods of assigning responsibility such as segregation of duties 4. the directors methods of imposing control (for example the internal audit function) 5. The integrity, Ethical values and competence of directors and staff Turnball highlights elements of a strong control environment such as: Clear risk management strategies Culture and systems supporting business and controlobjectives Senior management demonstrating their commitment Clear definitions of authority and accountability Communication to employees of what's expected of them and their freedom to act Staff having the knowledge, skills and tools to play their roles in risk management and internal control Control environment does not address physical or quantitative controls but also encompasses management style and culture

Risk Culture The culture will affect attitude to risk and how successfully risks are managed Risk management should be embedded in the organisations culture with an active emphasis placed on active management of risk Needs to focus on risk that will seriously affect the organisation such as risks linked with the core business and future growth opportunities

Managers need to be aware of how a culture can be changed including: Internal communication programs Staff training Involvement of staff in risk identification Staff remuneration and incentives need to be linked to the way in which staff deal with risks Changing culture can be easier if supported by key personnel and if staff are protected from practical problems when changes come into effect 9. COSO. Risk management responsibilities Risk management responsibilities may be divided between operational managers and staff and specialist risk management staff All staff will have some responsibility for managing risk Risk Committee Responsible for determining the organisations risk management strategy and policy Should monitor the organisations overall risk exposure and the way changing circumstances are likely to alter the risks it faces Should review internal reports on risks Should regularly assess the effectiveness of risk management systems Should review the disclosures in the accounts on risk management and internal control Can be made up of executive and NEDs and other senior managers If role is to monitor managers should be made up of only NEDs Specialist risk management personnel Risk manager/Risk management function may assist the Risk committee and champion risk management in the organisation Responsible for building a risk awareness culture in the organisation Establishing risk policy and structures Developing and reviewing risk management processes Line managers will also be responsible for identifying and evaluating risks in their areas Staff will be responsible for following risk management procedures and having a good understanding of the risks associated with what they do and reporting dangers Risk policy statement defines risk management objectives and demonstrates how risk management is linked to strategic decision making Defines the responsibility of key individuals Details the control and reporting framework

Risk register Collects risk and response information Lists and prioritises risks states who is responsible for dealing with risks and the action taken 10. COSO 2nd stage. Objective setting

Highlights need for risk management to be compatible with organisations strategy Board should set clear objectives that should be consistent with organisations mission and its risk appetite Risk appetite - the extent to which a company or an individual is prepared to take risks in order to achieve its objective Risk averse attitude - an investment should not be undertaken if there is an alternative investment offering either the same return with lower risk or a higher risk with the same risk However a higher risk investment may be undertaken if it has a higher return Risk seeking attitude - Believes an investment should be undertaken if it offers higher possible returns even if risk is higher Attitudes to risk depend on: The views of shareholders The size, structure and stage of development of the organisation Managers personal views A formal organization may be risk averse because of the checks on decision making An organisation where results are emphasised is likely to take more risks A larger organisation may have varying attitudes to risks depending on the department or locations Managers attitudes to risk will depend on taking preference for risks whether they believe their actions could seriously affect risk levels Risk tolerance should be aligned with risk appetite COSO framework classifies objectives into four categories 1. Strategic - high level goals aligned with mission 2. Operational - effective and efficient use of resources 3. Reliability of reporting 4. compliance with applicable laws and regulations Objectives should be set for all departments in the organisation and the organisation as a whole They should relate to the key factors that will ensure the company succeeds including profitability, market share, cash flow, customer satisfaction and product quality 11. COSO Risks Risk - when there is a variation in the outcomes that could arise from a situation or event Hazard - The result of those outcomes Uncertainty - occurs when the possible outcomes or the chances of each outcome are unknown Risks can result in positive or negative outcomes Some risks can be controlled by individuals or organisations and some risks cannot be controlled Good risk management means cashflows are more predictable and the risks of verse effects are minimised

Risk is inherent in any situation. Companies cannot avoid all risks and to make a profit a company will need to incur some level of risk and it could be said that managers are not working to the best interests of shareholders Managers should consider what level of risk is acceptable Categories of risk Strategic risks - Risks are linked to what the organisation does - will have a major impact on costs, prices, products and sales - significant factors include: Type of industry, dependence on raw materials inputs, the competition, financial structure Major changes in the business environment will also generate strategic risks (for example new products generated by research or development or advances in technology) Operational risks - risks arising from failure in internal business and control processes representing what could go wrong from day to day - (for example IT failures loss of key staff human error) Financial risks - threats to the organisations existence due to a lack of available funds arising because actual financial conditions may differ from those expected- important financial risks include risks from changes in exchange rates, interest rate or the market value of investments Also credit risks that customers will not pay risks arising from the volatility and uncertainty of timings of cashflows Legal risks - risks of suffering fines, being closed down or incurring costs to fight legal action Political risks - Risks to disruption of operations or cashflows arising from political actions such as nationalisation, exchange controls or tariffs Environmental risks - risks that arise from the environmental effects of operations such as pollution or waste generation - organisations may face fines or consumer boycotts Technological risks - Loss to the organisation through their IT systems being disrupted or being unable to cope with the demands placed upon them including accidents, human error, fraud and computer hacking Health and Safety risks - can arise from insufficient health and safety policies, a poor culture, lack of emergency procedures and failure to deal with hazards Consequences of health and safety risks include - loss of employees time due to injury at work and having to pay compensation and legal costs Property risks - include risks from damage, destruction or theft of property Resource wastage risks - include incurring excessive costs through poor purchasing policies and employees time and resources being wasted Trading risks - risks to disruption to an organisations trading activities - include goods going astray during distribution and the customer refusing to accept the goods

Product risks - risks of financial loss due to producing a poor quality product - include the need to compensate dissatisfied customers, loss of future sales because of customer unhappiness and the costs of improving quality control procedures Fraud risks - the risks of loss through the fraudulent activities of employees, managers or outsiders Fraud risks are often increased through poor corporate governance procedures allowing staff to commit fraud because mechanisms to challenge their behaviour are ineffective Fraud risks include - questionable management integrity, incompetent management, serious financial reporting pressures, poorly designed systems, unusual transactions and problems in obtaining audit evidence Organisational risks - risks that managers of employees will behave in ways that are detrimental to the organisation for example failing to adapt to change Reputation risk - risk of a loss of reputation resulting of the adverse consequences of another risk. Reputation risk is not only affected by the chance that other risks will materialise but also the reaction of important stakeholders. If stakeholders arent worried reputation risk will be low but if stakeholders are concerned and respond to a loss of reputation by ceasing to do business with the organisation the consequences could be serious 12. COSO Risk Identification 1st stage of reviewing risk Many techniques can be used to identify risk including - Brainstorming sessions, Swot analysis, physical inspection, utilising past experience, statistical analysis, interviews and meetings Aim to identify events or conditions that result in risk Risk identification should be a continuous process Risk identification procedures need to be able to identify the following types of events: External events such as economic changes, political developments or technological advances that affect the business Internal events such as problems with products,faulty equipment or human error Business should be also aware of leading event indicators (conditions that could give rise to problems) for example customers owing money for a long time Escalation triggers - events businesses must watch for as they will need immediate action Once risks have been identified business may develop their analysis and seek to identify trends and causes of risks. This may help to deal the risks in the best way. May also be able to identify links between risks and risks that could materialise Businesses need to be aware of both positive and negative risks As risk identification is a costly processes business may focus their attention on unacceptable risks 13. COSO - Risk assessment (a review of all the risks facing an organisation) If risks are underestimated risk management procedures may be inadequate If risks are overestimated the costs of dealing with them may be excessive

How frequently organisation assess risk will depend on the amount of environmental change and turbulence that they face Risks will have to be assessed frequently if sudden changes in risks could be significant particularly if the ways those risks are managed will have to change 1st stage of risk assessment - analyse the risk in terms of the nature of the risk, what its implication might be and make an initial judgement of the seriousness of the risk Some risks may need to be quantified 2nd stage of risk assessment - risk mapping - the process of evaluating risks in order to manage them effectively- The organisation should create a risk profile Many risks will have to be subjectively assessed since the consequences of the risks materialising and the financial implications cannot be predicted confidently Final stage of risk assessment - consolidate the risks over the whole organisation, categorising them into groups, highlighting related risks and keeping major risks under review Turnbull recommends that the board: Regularly receive and review reports on risk management and internal control Boards will focus on strategic risks and the high likelihood of risks Stakeholders attitude may influence how seriously risk are viewed, Different stakeholders will have different attitudes to risks 14. COSO - Risk Responses Risk responses will depend on the consequences and the likelihood and the consequences of risks materialising There are 4 main types of response 1. Acceptance 2. Transfer 3. Reduction 4. Avoidance Risk acceptance - Low likelihood, Low consequences An organisation is likely to accept risks that are unlikely to materialise and the possible consequences if they do arise will be small All organisations face risk partly because no risk management system will be able to identify all risks an organisation could possibly face Another reason to accept risk may be the costs of taking the risk may outweigh the benefits of reducing or avoiding the risks Risk transfer - Low likelihood, High consequences An organisation is likely to transfer the risks that are unlikely to materialise but will have serious consequences if they do for example one off catostrophes Methods of transferring risk include using insurance and transferring responsibilities of operations to other parties for example carriers of goods

Risks can also be shared (joint venture) Risk Reduction - High likelihood, Low consequences An organisation will likely reduce risks that are likely to materialise but have small consequences if they do Risk reduction involves attempting to reduce the chances of an adverse event happening and attempting to minimising the consequences if the risks do materialise Risk reduction methods include risk diversification and contingency methods if there is a breakdown in operations Risk Avoidance - High likelihood, High consequences An organisation is likely to avoid risks that are likely to materialise and have serious consequences if they do An extreme case with be to cease business operations if the risk of loss is too high and the costs of taking action to combat the risk are too great Organisations should give regular disclosures about risks to ensure investor confidence 15. COSO - 6th Stage - Control Activities SPAMSOAP Segregation of duties Physical controls (a lock on a door) Authorisation Management Supervision Organisation Arithmetic and accounting Personell Prevent, Detect and Correct controls Prevent controls - Prevent mistakes (check invoices against delivery records before paying the invoices) Detect controls - Detect error (inventory checks) Correct controls - Minimise the effect of problems (regular computer backup) Pyramid controls Corporate controls - general policy statement and board comittees Management controls - performance monitoring and accountability structure Business process controls - Authorisation limits and reconcilliations Transaction controls - Accuracy and completeness checks Financial controls - designed to ensure proper accounting records are kept and financial information is reliable Non-Financial controls - Quantitative and qualitative controls Quantitative controls include performance indicators such as the Balanced scorecard Qualitative controls include strategic plans and organisational structure and policies 16. COSO - 7th Stage - Information and Communication

Effective communication about the risks the organisation faces is important if risks are to be managed effectively Directors need information about risks the organisation faces particularly risks to the strategic objectives of the organisation Directors will obtain information about risks from regular reports from subordinates and control functions such as internal audit Staff should be able to report serious concerns to directors and directors may make their own contact with staff Having obtained the relevant information directors should consider and compare the information They should take the necessary actions and give feedback to those who need to know Directors should also regularly consider whether they are receiving sufficient information and whether communication channels need to be approved Accurate Information should be: Accurate Complete Cost beneficial User targeted Relevant Authoritative Timely Easy to use Communication needs to be two way Turnbull - Staff need to be aware of policies in Customer relations Service levels Health and safety Environment Asset security Business continuity Permissible expenditure Accounting and finance Directors should use a variety of communication methods including Guidance from the CEO Risk manuals Staff involvement in policy development Workshops and training

17. COSO - 8th Stage - Monitoring - Internal audit

Monitoring means the regular assessment of the design and operation of control systems in order to ensure they continue to operate effectively Internal audit can include: Review of accounting systems and controls Examination of financial or operating information Review of systems for risk identification and management Review of compliance with corporate policies, laws or regulations Value for money analysis Checking whether assets are safeguarded Review of whether the organisations objectives are being implemented Special investigations such as suspected fraud Review of risk management may be Internal audits most important role The work Internal audit does will depend on the risks the organisation faces and the organisations appetite for risk Internal audit will either take out their own assessments or rely on the assessments management have made Internal audit departments key attribute is its independence. Internal audit department should be granted special status to set them apart from other departments and should be unbiased in the way they treat other departments. There shouldn't be any no go areas for audit departments and they should not be intimidated by aggressive managers They shouldnt be auditing any departments that they have worked in - No self review Should report directly to board of directors or audit committee Benefits of internal audit Produce reports more efficiently and show compliance with regulations Monitor accuracy of reports to board Liaise with external auditors Monitor effectiveness of control and advise management of improvements Carry out value for money audits and other audits on different departments/functions/operations Carry out risk assessment Internal auditors should be assessed on the following quality standards: Independence and scope of work Professional proficiency (using staff with relevant experience and complying with professional standards and due care) Audit performance - using structured approach to all audit assignments

Management - A well run internal audit department should have a mission statement, written policies, a quality assurance system and be coordinated with the external auditors The board or audit committee should conduct an annual review that looks at internal audits scope, independence, authority and resources Audit committee Required for all American listed companies (SOX) Should be staffed with all NEDs At least one member should have relevant recent financial experience Duties 1. Review of the financial statements focusing on key accounting policies and areas of judgement 2. Liaison with external auditors -should be responsible for recommending the appointment and removal of external auditors - should also address any concerns surrounding the independence of external auditors - Should discuss the scope of the audit with the external auditors and act as a liaison point for the external auditors and the internal auditors and finance director - the external auditors should be able to raise any matters of concern with the audit committee 3. Review of internal audit - annual review of internal audit department - should review what Internal audit has done throughout the year - Should consider if Internal audit plans are well directed and should review the results of internal audit work - The head of internal audit should have direct contact with audit committee and be able to raise any concerns with the audit committee 4. Review of internal control and risk management systems - Audit committee should consider adequacy of internal control and risk management systems - Review should consider whether control comply with laws and ethical requirements and how systems address the risk of fraud Advantages of an audit committee include: Improving the quality of financial reporting Creating a climate of discipline and control Providing an environment for NEDs to contribute an independent judgement Strengthen the position of both internal and external auditors by providing a greater degree of independence from management and providing a channel of communication for issues of concern
18. COSO - 8th Stage - Monitoring and Reporting

Monitoring means the regular assessment of the design and operation of control systems in order to ensure they continue to operate effectively involving ongoing monitoring of controls and separation evaluation work If weaknesses in control systems are identified they should be reported and assessed and action taken to deal with them Monitoring should be part of management's role to implement board policies on risk and control

The size and complexity of the organisation will be important influences on the amount of monitoring that takes place Effective monitoring requires a strong control environment and and emphasis from top management on the importance of internal control and the assignment of responsibilities of monitoring to the right staff Monitoring procedures may include: Internal audit testing Monitoring programs within IT systems Operational reports Reconcilliations Audit committee inquiries Turnbull report emphasises the need for the board to carry out regular reviews of risk and internal controls The review should concentrate on the main risks and the strategy for dealing with them considering whether actions are being taken to reduce the risks identified The review should also consider the effectiveness of the management and internal control systems They should help answer the question - should internal control systems be monitored more extensively? A review of internal control systems effectiveness should cover: The control environment Information systems Communication systems Monitoring procedures These issues should be considered at every board meeting Turnbull - The board should carry out a deeper wide ranging annual review of controls This review should look at how things have changed throughout the year covering changes in the risk that the organisation faces and changes in the organisations ability to respond to risks This review should cover Internal audit (assuming the company has an internal audit department) If it does have an internal audit department they should consider what its scope should be The annual review should cover the scope and quality of management monitoring a key issue will be how effectively directors can monitor given the extent and frequency of the reports to the board The board will need to consider the key accounting controls and any failings or weaknesses that may impact the accounts

Board will need to be forward thinking about risks As part of corporate governance reports boards should report on how they have managed risks They should state that a process exists and they have reviewed its effectiveness They should identify whether the process complies with corporate governance guidance in the Turnbull report Directors should state their responsibilities for the internal control system and state that they are responsible for reviewing its effectiveness The report should make clear the internal control manages but not eliminates risks and it provides reasonable but not absolute assurance against loss The report should summarise the review the directors have carried out and state how the directors have dealt with any problems they have found The report should also give details in weaknesses that have resulted in material losses 19. Personal ethics There is a temptation for businesses to act unethically in order to maximise profits Ethical behaviour should be a fundamental aspect of a companies mission Society places a lot if trust in professionals such as accountants so if they are to maintain that level of trust or respect accountants should behave ethically 3 major ethical positions 1st position There are no absolute ethical standards that will apply in all circumstances - non cognitivist states we cannot acquire knowledge of objective ethical standards Moral relativist - objective standards do not exist Ethics vary in different times and in different cultures The relative approach highlights the importance of culture and how our senses shapes our ethical views However it can lead to a philosophy that anything goes and neglect possibility that the concepts of truth and objectivity have some value The 2nd position is the cognitivist ethical position - objective universal principles do exist and people can identify them Deontological approach (Kant) Acting ethically should be an end in itself not a means The outcome of the act is irrelevant to whether its ethical or not Acts can be judged in advance by 3 criteria: 1. We should act as if what we do will establish universal ethical rules 2. We should regard those rules as binding

3. We should respect other humans as autonomous beings and we should see others solely as means to achieving our own ends An absolutist viewpoint implies what is regarded as ethical by society cannot ever change for the better Can acts be considered ethical if we know they will have undesirable consequences? 3rd Ethical position Teleological ethics - we must consider the outcomes of what we do How do we judge what is the best ethical outcome? Utilitarian ethics - What is the greatest good for the greatest number of people Criticism - could lead to a large majority achieves great happiness at the expense of creating great misery for a small minority Pluralism - the best outcome is consensus - Ethics are a social phenomenon Egoism - If everyone seeks individual self interest the operation of the free market means that this will produce the best outcome for society Even if ethics are regarded as absolute an individual's ethical decision making is influenced by a variety of factors Models of these ethical decision making divide these factors into 2 categories 1. Individual factors - the characteristics of the individual making the decision 2. Situational factors - the features within the context the decision is made Important individual factors include beliefs (such as the importance of the individual versus the collective good and how the exercise of power is accepted in society The education and employment experience will also be important factors Psychological factors will also be influential The locus of control (How much influence individuals believe they have over their own lives) individuals will be more inclined to take up strong ethical positions of their own if they believe they can make a significant difference Individuals may also be influence by how much awareness they have of the moral consequences of their own acts Kohlberg ethical decision making stages of moral development Pre Conventional stage - make decisions depending on the benefits and punishments they will receive by making a decision Conventional stage - Will act on the basis of what is expected of them by those they know or society in general Post Conventional stage - Will make ethical decisions on what they believe to be right Situational factors that influence individuals (Jones)

Individuals use various criteria related to the situation to to decide how ethically significant a decision is They will look at the decision in the following order 1st The magnitude of the consequences 2nd How society views the problem 3rd The probability of the harms or benefits that could result from the decision actually 4th when the consequences of the decision are likely to occur 5th The proximity to the decision maker of those who will bear the consequences of the decision 6th How much those affected by the decision will suffer Ethical decisions may also be influenced by the nation or culture in which they are made The organisational culture may be very important - This includes the values and beliefs of those that work in the organisation, what they naturally assume and what is regarded as acceptable conduct within the organisation A key aspect of culture is how ethical issues are perceived in an organisation The stress placed on fairness and honesty and how much managers see issues in ethical terms will be very significant Other organisational influences include: The reward system Whether managers set a good example The structure of the organisation In a very bureaucratic structure rules will override an individual's viewpoint and ethics is likely to be seen in terms of following procedures The roles individuals have at work may influence their decisions Individuals may have different ethical decisions depending on if they are in work or not Step by step approach for questions on Ethics 1. Identify the key facts 2. Identify the ethical issues and related norms principles and values 3. Consider alternative actions and their consequences 4. Recommend an appropriate course of action 5. Justify your decision in practical business terms and ethical terms American accounting association model stages 1. What are the facts of the case? 2. What are the ethical issues in the case? 3. What are the norms principles and values related to the case? (This may include the required professional codes of conduct or the societys expectations) 4. What are the alternative courses of action? 5. What is the best course of action that is consistent with the norms principles and values identified in stage 3?

6. What are the consequence of each course of action? 7. What is the decision? (This should be based on analysis of stages 1-6) Tuckers model 1. Is the decision profitable? 2. Is the decision legal? 3. Is the decision fair? 4. Is the decision right? 5. Is the decision sustainable? 20.Professional ethics and the Public interest Accountants have to comply with the corporate code of conduct established by their employer as well as their professional codes of conduct. Corporate codes set out an organisations expectations of how its employees should behave They are formal documents that focus on regulating the behaviour of employees. They are likely to be founded on ethical principles and state the various commitments the organisation is making to Fair competition, the Environment and the Community. They are likely to include guidance on the treatment of customers and suppliers The code needs to have clear backing from Senior managers Staff need to understand the importance of the code and be committed to it The organisation needs to introduce various measures to support the code These include An ethics training programme Channels for whistleblowing and Ethics audit Insuring that reward schemes do not encourage unethical behaviour is important Staff need to understand that ethical behaviour is in their and their organiations best interest Problems with codes Codes may be seen as inflexible and unclear sets of rules that are not relevant to the ethical situations that managers and employees encounter Accountants must also comply with their own professional codes. Accountants codes stress the importance of acting in the public interest and then set out the fundamental principles on which they are based. They then provide a conceptual framework that requires the accountant to identify and deal with threats to compliance they then mention that accountants should apply safeguards to eliminate the threats or reduce them to an acceptable level Fundamental principles of accountants ACCA code of Ethics (principles Based) Integrity - should be straightforward and honest in all business and personal dealings

Objectivity - should not allow bias, conflicts of interest or undue influence of others to override professional judgement Professional competence and due care- duty to maintain professional knowledge and skill at a level to ensure a client or employer receives a competent professional service. Members should act diligently and in accordance with applicable technical and professional standards when providing providing professional services Confidentiality - Should respect information acquired by as a result of business or professional relationships and shall not disclose this to third parties without authority or unless required by law or professional duty. confidential information should not be used for personal advantage of members or third parties
Voluntary disclosure may be applicable in the following situations: necessary to protect the member's interests, for example to enable him to sue for fees or defend an action for, say, negligence. compelled by process of law, for example where in an action a member is required to give evidence of discovery of documents. public duty to disclose, say where an offence has been committed which is contrary to the public interest. Disclosure is to non-governmental bodies which have statutory powers to compel disclosure the

profession Professional behaviour - Should comply with relevant laws and regulations and should avoid any action that would discredit Advantages of basing codes on principles Emphasises the need for accountants to actively consider ethical issues The aim is to go beyond a legalistic approach that reduces ethics to compliance with narrowly drawn rules However principles based codes can be supported with specific guidance - for instance prohibition on clearly unethical behaviour and examples of difficult situations A principles based approach allows greater flexibility in different situations and can respond to changes in circumstances Disadvantages of basing codes on principles They cannot provide examples of all ethical dilemmas They require a good understanding of the principles They can be difficult to enforce legally

The auditor must be and be seen to be independant. They detail specific threats to independence which are: Threats to independence

Self interest - personal, audit firm or family has direct financial or indirect material interest in client Mitigate threat Dispose of interest or remove from audit Or using an independent partner to review the audit work - Auditors should also have quality control processes that require staff to declare any financial interests held by themselves or their immediate family No acceptance of gifts unless trivial. If client is a public entity and for two consecutive years companies fees account for 15% of audits total fees must disclose to board, arrange for independent accountant/regulator to do a pre or post issuance review. Pre issuance is better If not public entity must discuss with audit committee, take steps to reduce dependence on client, obtain internal/external quality reviews Self review - Provision of other services in addition to audit to client and reviewing your own work Mitigate threat safeguards use separate team - if public interest company an auditor must not prepare financial reports and audit the reports. Can provide tax services although cant provide calculations of current or deferred tax for the financial accounts that will be then audited by the same firm except in exceptional circumstances. Must not assume management responsibilities when providing tax info or when providing an internal audit function. Cannot be advocate in tax dispute if amounts are material. When providing internal audit function for public interest firms cannot provide: Services that relate to a significant part of internal controls Financial Accounting Systems that generate significant financial information of financial statements being audited Material amounts or disclosures Can provide IT legal or litigation support services Advocacy - Auditor promotes a position or opinion to the point that subsequent objectivity is compromised Commenting publicly on future events or acting as an advocate on behalf of a client during a dispute with third party Familiarity - Member become too sympathetic to the interests of others which can result in a significant loss of professional scepticism can occur because of family links or long association with client Mitigate threat Rotation of key audit partners after no more than 7 years Intimidation - Close business relationship or family relationship or threats of legal action by the client against the auditor the threat of loss of business and bad publicity may make the auditors feel pressured into producing a favourable audit report Mitigate threat Disclose to audit committee

Get additional audit work done Resign from audit Registration, eligibility and training of auditor is regulated by ACCA, CIMA etc These organizations have stringent entrance requirements, strict codes of ethics and conduct and requirements of continuing professional development How does an accountant weigh up his responsibilities to his employer with his responsibilities to other stakeholders? The public interest is the collective well being of the community the accountant serves Professionalism means complying with laws and regulations and avoidance of actions that may bring discredit to the accounting profession However some critics believe accountants dont act in the public interest because the work that they do has helped make decisions that impact on society (for example helping businesses decide to close operations down and assisting governments in deciding on the tax regime. Critics claim accounting standards are too flexible, auditing standards are too weak and ethical standards wrongly emphasis confidentiality over the public interest. They also criticise the assumptions that lie behind sets of accounts and that the accounts emphasis profit and not labour 21. Corporate and Social responsibility stances Corporate citizenship shapes an organisations basic values and the decisions made by its directors and managers Key concepts are Minimising harm, maximising benefit and being responsible and accountable to stakeholders How far corporate citizenship extends is debatable - for example should organisations be actively promoting civil and political rights. Possible ethical positions (Johnson and Scholes) Short-term Shareholder position - emphasis on maximising shareholder wealth in the near future - Business ethics will be confined to obeying laws and regulations Long-term Shareholder position - Goes beyond strict obeying of rules and regulations and acknowledges wider ethical responsibilities - However this stance is taken on pragmatic grounds - being seen to act ethically is seen a being better for the organisations reputation and is preventing stricter regulation being imposed on it Multiple stakeholder position - This focuses on building relationships with a variety of stakeholders - However the organisation will have to consider which stakeholders have legitimate interests that it should pursue

Shaper of society position - Organisations should be primarily accountable for how they contribute towards building a better society (most relevant for public sector organisation and charities) Gray, Owens and Adams Social responsibility stances Pristine capitalist - similar to short term shareholder position (Johnson scholes) - It emphasis property rights, that companies exist to make profits and achieve economic efficiency Expedient position - similar to long term shareholder position (Johnson scholes) - For pragmatic reasons business should acknowledge that there activities may have undesirable consequences and they should accept limited moral and social responsibilities Social contract proponents - Emphasize that businesses must deliver to the stakeholders who provide the business with power - this includes society in general thus businesses must adhere to societys norms Socialists - Socialists claim that the economic framework of society should promote equality. The requirements of capitalist businesses should not be given priority Radical feminists - state that a fundamental readjustment of society is needed away from masculine values such as competition to more feminine values such as cooperation and reflection Social ecologists - believe there needs to be modification of economic processes that result in resource exhaustion waste and pollution Deep ecologists - stress that human rights to existence should not exceed other species rights. economic imperatives should not be pursued if they threaten the survival of other species

22. Social and environmental issues Businesses deplete natural resources by taking the raw materials they need for manufacturing The noise operations make, the visual impacts of factories, drilling and so on all spoil the local environment. The disruption businesses cause can be considerable through for example the increased traffic they generate, the emissions businesses generate and waste disposal activities can also have adverse impacts not just on the wellbeing of the local community but in terms of their contribution to climate change. Interaction with the environment can also generate significant costs for businesses including waste management costs, rectification of adverse impacts, costs of obtaining permits to carry out activities and costs of complying with legislation. Environmental impacts can also lead to contingent liabilities such as adverse impacts on employees or the need to pay compensation if problems arise

Reputation risk is also important- increasingly customers are aware of environmental impacts and they require businesses to do more with them - If businesses get the reputation as poor corporate citizens they could be faced with consumer boycotts Businesses position on the environment is a key part of an organisations ethical strategy Environmental impact is often discussed in terms of sustainability Sustainability means ensuring economic development meets the needs of the present without compromising the future ability to meet its own needs Sustainability for business means a business should only use resources at a rate that can be replenished and that emissions of waste dont exceed the environments ability to absorb them Supporters of strong sustainability claim that a fundamental change is need in societys perceptions - Society needs to consider whether it should continue to pursue economic growth Society should be aiming to live in harmony with the natural world Sustainability should mean sustainability of all species Supporters of weak sustainability argue that the focus needs to be on preventing catastrophe and sustaining humanity -resource usage needs to be regulated but it should be possible to do this in the current system Other issues are the level of population that should be sustained Sustainability may just be related to the natural world or it may be extended to discussing maintenance of humanities social and economic needs Other questions are what to do about raw materials that may only be available for a finite period and whether the aim should be to preserve the current environment or invest in replacing aspects of it

Business must also consider how they report their environmental impacts The Global Reporting initiative (GRI) aims to develop sustainability reporting The guidelines that have been published suggest organisations need to report on their overall strategy and management systems. They ought to also use a series of performance indicators such as: Direct impact on stakeholders Environmental impacts including use of natural resources and emissions Labour and employment practices including training, health and safety and diversity Human rights including policies on discrimination or use of low paid labour Society including community contributions and political activities Products including policies connected with customer rights, advertising and privacy

Full cost accounting allows the incorporation of all costs and benefits into the accounting equation including environmental and social externalities - This should assist decision making particularly in assessing different investment options knowing the extent of your businesses environmental footprint can help to reduce it however information gathering may be difficult and it may be hard to assess all the financial implications of all environmental impacts on the business Businesses need to make Environmental Management Systems (EMS) part of their overall control systems and they will be most effective if built into strong control systems and shouldnt be regarded as a separate add on to other systems European Unions Eco-Management and audit scheme is a rigorous model that emphasizes continuous improvement in environmental performance To obtain registration under this scheme organisations not only have to have policies and systems in place they will also have to undergo environmental audits The results of these audits must form the basis for setting new environmental objectives and revising environmental policies to achieve those objectives Organisations must also make a detailed public statement thats validated by external verifiers The ISO14000 model places greater emphasis on management systems and internal audit The disclosures it requires are less rigorous than the EU Eco management and audit scheme Even if it does not adopt an external model an organisation should have appropriate monitoring and risk management systems in place. It should be monitoring Emerging environmental issues, Likely changes in legislation and Evolving attitudes of stakeholders Risk assessment should include environmental impact assessment Waste minimisation and pollution prevention should be a part of risk management A business may have social or environmental audits carried out on it activities Social audits can concentrate on particular decisions for example whether to rationalise operations or the impact of employment practices on the local community More general social audits can assess whether social responsibility are set out clearly as part of their mission where the mission feeds through as part of objectives and evaluating whether the organisations activities are consistent with that mission Environmental audit assess how the organisation is safeguarding the environment Environmental audits may be SWOT surveys or concentrate on particular products or projects Environmental audits are necessary for products that are to be eco labelled indicating that they meet the highest environmental standards A general environmental audit is likely to examine board review, management systems, performance targets, extent of recent improvements, and reporting

Auditors will consider the adequacy of environmental policy and test whether the organisation has followed it