Financial Reporting and Accounting Newsletter - June 2015

By Kylee Byrne - June 29, 2015

In this month’s newsletter, we focus on corporate governance principle 7 - recognise and manage risk. It is essential that listed public companies ensure that a risk management framework is in place in accordance with the 3rd edition of the ASX’s Corporate Governance Principles and Recommendations. This newsletter provides some practical tips to directors and boards to assess the company’s compliance with corporate governance principle 7.

Third Edition of the ASX Corporate Governance Principles and Recommendations

Listed public companies with a 30 June 2015 reporting date will be expected to measure their governance practices against the recommendations in the third edition of the ASX Corporate Governance Principles and Recommendations. The Corporate Governance Principles and Recommendations are structured around, and seek to promote:

  • 8 central principles; 
  • 29 specific recommendations intended to give effect to the general principles; and
  • explanatory commentary in relation to both the principles and the recommendations. 

‘If Not, Why Not’ Disclosures

Listed public companies should disclose if it has not followed a recommendation of the third edition of the ASX’ Corporate Governance Principles and Recommendations for any part of the reporting period. The specific disclosure requirements are as follows:

  • the recommendation which has not been followed;
  • the period during which the recommendation was not followed;
  • the reasons for not following the recommendation; and 
  • what (if any) alternative governance practices it adopted in lieu of the recommendation during that period. 

Corporate Governance Principle 7 - Recognise and Manage Risk

Corporate governance principle 7 - recognise and manage risk - stipulates that a listed public company should establish a sound risk management framework and periodically review the effectiveness of that framework. Corporate governance principle 7 is further supported by 4 recommendations to recognise and manage risk. The following tables lists the relevant recommendations and provides some practical tips to directors and boards to assess the company’s compliance with these recommendations:


Practical Tip

Recommendation 7.1 requires that the board should have a committee or committees to oversee risk, each of which:

  • has at least three members, a majority of whom are independent directors; and
  • is chaired by an independent director.

Recommendation 7.1 also requires that organisations disclose:

  • the charter of the committee;
  • the members of the committee; and
  • as at the end of each reporting period, the number of times the committee met throughout the period and the individual attendances of the members at those meetings.


  • Do you have a dedicated committee who specifically focus on the uncertainty confronting your organisation?
  • Is it properly structured for your organisation?
  • Does the Charter for any committee with a responsibility for risk address all the requirements of the corporate governance principles?

Recommendation 7.2 states that the board or a committee of the board should:

  • review the entity’s risk management framework at least annually to satisfy itself that it continues to be sound; and
  • disclose, in relation to each reporting period, whether such a review has taken place.


  • Do you have a Risk Management Policy articulating your organisations position with respect to the uncertainty facing your organisation?
  • Have you defined and articulated your risk appetite and risk tolerance levels?
  • Does your Risk Management Plan clearly set out your approved appetite and tolerance levels to provide guidance to management in terms of how much risk they can pursue?

Recommendation 7.3 states that a listed entity should disclose:

  • if it has an internal audit function, how the function is structured and what role it performs; or
  • if it does not have an internal audit function, that fact and the processes it employs for evaluating and continually improving the effectiveness of its risk management and internal control processes.
  • Do you have an internal audit function?
  • If not, do you have alternate mechanisms in place to evaluate and continually improve the effectiveness of your risk management and internal control processes?
  • Do you understand that internal audit can be a value adding activity, not just a control activity?

Recommendation 7.4 stipulates that a listed entity should disclose whether it has any material exposure to economic, environmental and social sustainability risks and, if it does, how it manages or intends to manage those risks.

  • Do you understand what your key risks are?
  • Have key sustainability risks been identified and are strategies and controls in place to manage those risks?
  • Do you have a Risk Management Plan that articulates a consistent, holistic approach to risk management?

Other articles


Top of Page

 Back to News


Rob Southwell

Rob Southwell's picture


Managing Partner and Partner – Private Clients Group

> View profile

John Brazzale

John Brazzale's picture


Partner and National Chairman

> View profile

Michael Minter

Michael Minter's picture


Managing Partner

> View profile

Bryan Hughes

Bryan Hughes's picture



> View profile

Tom Verco

Tom Verco's picture


Managing Principal - Private Clients

> View profile

Ross Walker

Ross Walker's picture


> View profile

Partnership fraud


Paperwork and independent advice saves partnerships from fraud

Discover more

Kia Ora Horse Stud


Pitcher Partners fills a Financial Manager gap to keep the business on track

Discover more

Fuel Injection Company Administration


A fuel injection company began life as an Australian public company before being acquired by a UK publicly listed company while in the research and development stage of a “green...

Discover more

@PitcherPartner CPN PERTH | Our Critical Point Network presented our Budget Briefing in Bunbury yesterday, covering Tax, SMSF, Ille…