Risk Management and Compliance Analysis in Accounting Practice: A Case Study of VetStarz ACC4035

Introduction

Being entrusted with the responsibility of a Chartered Accountant and management accountant at VetStarz, the following report is prepared for the upcoming Board meeting. This report will concentrate upon the pivotal risk indicators (KRIs) as well as controls for each risk category in VetStarzs risk appetite statement (RAS). The study also discerned the alignment between risk appetite levels and risk attitudes. The proof-of-concept for PetSuccess software in terms of compliance and potential faults are also reviewed simultaneously (Rupeika-Apoga & Thalassinos 2020).

1. Key Risk Indicators and Controls

(a) Identification and Justification of KRIs

Environmental, Social, and Governance (ESG)

1. Percentage of pet product suppliers who operate outside of Australia and New Zealand

o Justification: This KRI is instrumental as sourcing from international suppliers increases the risk of modern slavery and poor environmental practices, which VetStarz aims to avert integrally.

2. Likelihood of procurement staff practicing bribery or corruption, as determined by the investigations made by a hired external organization

o Justification: Monitoring bribery and corruption within the procurement process is essential to maintain ethical standards and avoid legal repercussions.

Operational

1.Number of staff injuries in a given period of time

o Justification: High staff injury rates inevitably posits inadequate internal processes along with the exigency for better risk management to affirm the safety and efficacy of operations.

2. Number of customer complaints

o Justification: Customer complaints furnish direct feedback on operational issues that necessitates to be addressed to maintain service quality.

Investment, Capital, and Liquidity

1. Market fluctuation (e.g., interest rate increases) variations from benchmarks

o Justification: Meticulously ascertaining market fluctuations aids to discern the ramification on the investment portfolio. This affirms financial stability.

2. Investment activities that are measured to be outside of set limits

o Justification: The reason being that investment activities should be affirmed to stay within set limits is crucial to maintaining a conservative financial strategy. This satiates financial obligations.

Work, Health, and Safety (WHS)

1. Likelihood of workplace injury, as determined by inspections of personal protective equipment for damage

o Justification: Regular inspections of PPE aid to prevent workplace injuries. This affirms a safe working ambiances.

2.Rate of staff encountering instances of bribery, as determined through interviewing and investigating all staff

o Justification: Addressing bribery and corruption within the workplace necessarily advocates a safe and ethical work culture.

(b) Controls for Each Risk Category

Environmental, Social, and Governance (ESG)

• Control: A rigorous supplier vetting process needs to be inculcated that also entails audits of environmental practices and compliance with anti-slavery laws.

Operational

• Control: A comprehensive staff training program on safety protocols and customer service can be set forth to lessen operational risks. This augments service quality.

Investment, Capital, and Liquidity

• Control: Conservative investment strategy with regular portfolio reviews to ensure alignment with market conditions and financial goals.

Work, Health, and Safety (WHS)

• Control: Regularly schedule and document inspections of PPE and conduct mandatory training sessions on workplace safety for all staff.

2. Risk Appetite and Attitude Alignment

(a) Realignment Recommendations

Environmental, Social, and Governance (ESG)

• Recommendation: Align the risk appetite level with a strict "Low" tolerance, reinforcing the zero-tolerance policy for ethical breaches (Crofts, 2020).

Operational

• Recommendation: It is necessary to maintain the "Low" risk appetite.

Investment, Capital, and Liquidity

• Recommendation: Adjust the risk appetite to "Low" from "Moderate".

Work, Health, and Safety (WHS)

• Recommendation: Maintain the "Moderate" risk appetite.

(b) Justification for Recommendations

1. Environmental, Social, and Governance (ESG):

o Given VetStarz's zero-tolerance policy towards unethical practices, maintaining a low-risk appetite is apt.

2. Investment, Capital, and Liquidity:

o A lower risk appetite will inherently safeguard the firm from financial instability as well (Bradbury & Scott, 2021).

3. Work, Health, and Safety:

• A moderate risk appetite level is appropriate as it indicates that while some risk is acceptable, the company places high importance on staff safety and wellbeing.

4. Operational:

• It is prudent to keep a low risk appetite since it would affirm that operational risks are managed promptly.

3. Review of PetSuccess Software

(a) Privacy Compliance Issues

Australian Privacy Principles

1.Data Storage Location

o Issue: Storing customer data on hard drives in the lead developer's home does not comply with the Australian Privacy Principles (APPs) which require secure storage of personal information.

o Recommendation: A secure and centralized storage must be installed with appropriate encryption and access controls (Xiang & Birt, 2020).

2. Unexpected Data Sharing

o Issue: Displaying the location of other registered pets without user consent violates the APPs regarding the use and disclosure of personal information.

o Recommendation: Users are informed before their data is shared.

(b) Non-Privacy Faults

1. Two-Factor Authentication Bypass During Maintenance

o Fault: Skipping two-factor authentication (2FA) during maintenance poses a significant security risk.

o Recommendation: Augment a secure maintenance protocol that does not compromise 2FA.

2. Insufficient Data Backup and Recovery Measures

o Fault: Relying on hard drives without robust backup and recovery solutions risks data loss.

o Recommendation: A comprehensive backup strategy with regular off-site backups and a disaster recovery plan is imperative.

(c) Recommendations for Addressing Risks

1. Two-Factor Authentication Bypass

o Recommendation: Work with PetSuccess to ameliorate a robust maintenance protocol that maintains 2FA security.

2. Insufficient Data Backup and Recovery Measures

o Recommendation: VetStarz should require PetSuccess to implement a cloud-based backup solution with automatic and a clear data recovery plan. This affirms data integrity as well as availability.

Conclusion

It can be concurred that the study successfully discerned risk indicators for VetStarz and justified it accordingly. In order to propose controls so that associated risks can be managed.

Are you struggling to keep up with the demands of your academic journey? Don't worry, we've got your back!
Exam Question Bank is your trusted partner in achieving academic excellence for all kind of technical and non-technical subjects. Our comprehensive range of academic services is designed to cater to students at every level. Whether you're a high school student, a college undergraduate, or pursuing advanced studies, we have the expertise and resources to support you.

To connect with expert and ask your query click here Exam Question Bank