COSO Committee of Sponsoring Organizations of the Treadway Commission
Principle 9. The organization identifies and assesses changes that could significantly impact the system of internal control.
The following points of focus highlight important characteristics relating to this principle:
- Assesses Changes in the External Environment—The risk identification process considers changes to the regulatory, economic, and physical environment in which the entity operates.
- Assesses Changes in the Business Model—The organization considers the potential impacts of new business lines, dramatically altered compositions of existing business lines, acquired or divested business operations on the system of internal control, rapid growth, changing reliance on foreign geographies, and new technologies.
- Assesses Changes in Leadership–The organization considers changes in management and respective attitudes and philosophies on the system of internal control.
Considers Change in the External Environment
Management develops approaches for observing changes in the external market and assessing the potential impact on the entity's operations and financial reporting. This may include reviewing the following:
- Websites and social media
- Website tracking tools
- Newspaper clipping services
- Search engines
- Trade publications and trade shows
- Conferences
- Professional organizations
Last year, Clear Blue Auto Manufacturing became aware of a hurricane approaching one of its off-shore operations that had the potential to cause significant supply disruptions. In response, the company immediately established an internal working team to assess the risks of such a disruption to its manufacturing capabilities, and the risks of its own affected facilities to its overall manufacturing footprint. All significant suppliers were contacted and asked to assess the impact the hurricane might have on their production abilities. A detailed list of parts that might be delayed in production and shipping was created, and then alternative suppliers were identified. Where no alternative suppliers could be found, management identified a prioritization list of which manufacturing location should receive the limited number of parts as they became available.
During this process, the accounting and finance departments of Clear Blue Auto determined how plant shutdowns would affect the financial statements. This included potential penalties contained within various sales contracts, possible obsolescence of parts required for a particular model year being phased out, and greater impacts from extended delays in supply of parts. They also evaluated what insurance coverage was available to mitigate potential losses. These teams were also responsible for identifying incremental risks from required system and process changes when working with the company's suppliers.
The potential impact of this hurricane was updated and communicated to the company's board of directors later that day.
Assesses Changes to the Business Model
Following a decision to pursue a new business strategy or significantly change the current strategy, management conducts a detailed risk assessment to consider how the changes might impact the achievement of all objectives set across the entity.
Geoffrey McPherson was recently appointed the CEO of Garner's Heating, a manufacturer of heating and air conditioning components. One of his first tasks in his new position was to establish a 100-day plan to assess the overall business and determine where changes were required. To initiate the process, Mr. McPherson called a meeting with the leaders of all key functional areas to talk about risk.
Over the next 100 days, Mr. McPherson will be holding individual meetings with each functional team to discuss their current objectives, how those objectives might be changed, and how those changes would impact the assessment of risks to reliable financial reporting. He expects that some at Garner's Heating will be surprised with his proposed changes to policies, which have been largely unchanged for several years. This includes the company's CFO, Ruth Koziak, who is responsible for analyzing the change in strategy and the implications to financial reporting.
At the end of the 100 days, Mr. McPherson intends to reconvene the larger group to discuss how the company should change, and the incremental risks (including financial reporting) that may come with the change. It will then be up to Ms. Koziak and the chief audit executive to consider the implications of the company's new vision and the effects it will have on the external financial reporting objectives.
Consecutive Corp., a multi-billion-dollar technology equipment manufacturer that has historically focused on sales in the United States, has decided to expand internationally with both sales and manufacturing. As part of the expansion plans, Consecutive has assessed several factors:
- Incremental revenue opportunities
- Competition in the marketplace
- Cultural dynamics of the targeted international location
- Different laws and regulations, including those that would affect the company's ability to defend its patents
- Risk of increased fraud from theft and corruption
Each of these factors presents incremental risks to financial reporting and processes that need to be managed. Therefore, Consecutive's corporate controller is performing a risk assessment with the finance teams in the international locations to ensure these new risks are identified and to help management determine how best to respond.
Industrial products giant Wilson & Zachary recently acquired another multi-billion-dollar company. During the due diligence process, the company performed a risk assessment on the new business and updated its own risk assessment considering the following items:
- New markets that will be encountered by the combined company (including differing financial reporting standards)
- The ability to assimilate the financial reporting processes of the acquired company, including the effects on migrating to a combined information technology system
- The ability to achieve the anticipated synergies from the acquisition and whether these synergies will create incremental risks to financial reporting
A project team has been formed for the transition to ensure that all risks are appropriately identified across all business units and functional areas. Any identified risks are passed on for assessment to senior management, including the company's chief operating officer and chief financial officer.
Assesses Changes in Leadership
As part of the overall succession process, management reviews planned changes in management and leadership positions and the attitudes and values portrayed by the incumbents to those positions through interviews with personnel within the entity.
The board of Turnball Insurance annually reviews the transition plans for key executive leadership in the company. As part of this review, the board discusses with the chief audit executive the perceived attitudes and values of those individuals who have been identified as successors. Such considerations may include focusing on attaining profit expectations versus maintaining effective control, including any concerns about the potential management override of controls.
If the transition for a particular position is expected to occur within the next two years, representatives of the audit committee interview the candidates to ensure that their views on internal control are consistent with those expected by the audit committee.
The board considers that feedback attained when making any decisions within the scope of its responsibility. The audit committee communicates its findings to the CEO and other members of senior management, who ultimately will make a decision on successors.
Assesses Changes in Leadership
The desired qualities relating to attitudes towards risk, risk tolerance, and internal controls are compiled as part of a comprehensive leadership profile to identify the "ideal" future CEO. This leadership profile is used to evaluate the potential candidates considered for the position. As part of recruiting for the CEO and other executive team members, the audit committee asks candidates to articulate their views on the importance of internal control and how they would balance the need for effective control with other pressures for performance and cost considerations. When assessing the internal candidates, the audit committee also considers the candidates’ track record on maintaining control and effectively managing the pressure to perform.
As part of the recent interview process for a new CEO, the board of directors of Mills and Associates, an industrial products company, asked all candidates their perspectives on risk, risk tolerance, and internal control, including current areas of emphasis.
The successful candidate, Jenny Acosta, has a strong background and focus on cost management and streamlining operations. However, she agrees with the audit committee that this streamlining could result in fewer processes and controls, especially those viewed to be labor intensive, and that such changes could erode the quality of reporting and increase certain financial reporting risks.
With this in mind, the audit committee has begun to request quarterly updates of controls that have been removed by management and the potential impact on financial reporting. In addition, this information is incorporated by the internal audit group into its internal audit planning process.
Copyright © 2013 – 2016 Committee of Sponsoring Organizations of the Treadway Commission and the American Accounting Association. All Rights Reserved. Use of materials is subject to COSO's Policy of Acceptable Use.