Date of Publication


Document Type

Master's Thesis

Degree Name

Master of Science in Accountancy

Subject Categories



Ramon V. Del Rosario College of Business



Defense Panel Chair

Tereso S. Tullao, Jr.

Defense Panel Member

Cesar C. Rufino Wilfredo A. Baltazar


The Committee of Sponsoring Organizations of the National Commission on Fraudulent Financial Reporting in the U.S. issued in 1992 a comprehensive document, Internal Control: Integrated Framework, which has become the authority on internal controls worldwide. The COSO Report, as it is commonly called, identifies five interrelated components of internal control that should be integrated within the management process: control environment, risk assessment, control activities, information and communication and monitoring. Risk management and monitoring are new components, while the other three had always been part of the former, rather fragmented definitions of internal control, although monitoring is just a new generic name for the daily supervision of employees by managers and supervisors, internal audit and external or independent audits. Thus, risk assessment is the entirely and truly new component--which is the main focus of this study. Using the descriptive research design and purposive sampling, this study looks into the risk assessment process of the University of San Carlos, a 408-year-old non-stock, non-profit catholic institution in Cebu City. Since risk assessment cannot be done without predetermined objectives, the study also inquires into USC's objective-setting process, before proceeding to determine the relevant objectives and critical risks, as perceived by the survey respondents coming from a cross section of university administrators, rank-and-file employees and the faculty. Primary data were gathered through two sets of survey questionnaires, with 5-point Likert scales: one set for the Board of Trustees, to determine the objective-setting and risk-assessment processes at their level, while the other set was for the rest of the target survey respondents - to get their views about the same processes from their standpoint, and their perceptions as to which university-wide objectives were relevant and which risks were critical to their attainment. Survey results indicated that USC has a well-sequenced objective-setting process, participated in by the BOT, top administrators and representatives of the rest of the employees. The university, however, does not have any formal risk-assessment process. There were both similarities and disparities noted in the perceptions on the relevance of certain objectives and criticality of certain risks among and between the survey respondents. Some limited association was shown between the perceived relevant objectives and perceived critical risks but was not consistently manifested. Confusion in perceiving events or circumstances as either objectives or risks and impression in describing them were likewise demonstrated.

Abstract Format



Title from title screen.





Accession Number


Shelf Location

Archives, The Learning Commons, 12F Henry Sy Sr. Hall


Financial institutions--Risk management; Financial risk management; Risk management

Upload Full Text