Module 1: What is ERM?

Question 1

Define what is meant by (ordinary/traditional) risk management

Answer 1

Risk management is the process of:

• IDENTIFYING the risks faced by an organisation.
• ASSESSING how likely these risks are to materialise and what their impact could be.
• DECIDING how to deal with each risk (keep / remove / reduce / transfer).

Question 2

Objective of risk management

Answer 2

To optimise risk-adjusted returns.

i.e. to maximise returns for a given level of risk.

Question 3

Key elements that distinguish ERM from (ordinary/traditional) risk management

Answer 3

HOLISTIC APPROACH

• applying risk management techniques consistently across the whole business / enterprise
• led by the Board, co-coordinated through a Risk Management Function, let by a Chief Risk Officer, and incorporated into the day-to-day operations of all personnel.
• recognition that risks interact (concentration of risk and diversification / portfolio effects) and that risks are dynamic (ongoing approach needed)

VALUE CREATION

• integrating risk management and measurement into business processes and strategic decision making
• considering not only downside risks but also upside risks.

Question 4

Key problem with a silo approach

Answer 4

It misses the interactions and interdependencies between risks faced by different business units.

These interrelationships between risks may serve to reduce their impact (diversification), or may work to increase their effect (concentration).

Question 5

4 Responses to a risk

Answer 5

RETAIN

• the risk is small
• a type of risk that the company is well-placed, or in business, to deal with.
• other options to dealing with the risk are unfeasible / unpalatable.

REMOVE
e.g. cease production of a risky product line

REDUCE
Take action to reduce its potential impact or the frequency.

TRANSFER
By insuring the risk, or outsourcing the operation.

Question 6

Risk refers to

Answer 6

• the uncertainty over the range of possible outcomes

- the problems and opportunities that arise because outcomes are not as expected.

Question 7

Risk can be (3)

Answer 7

• upside or downside
• quantifiable or non-quantifiable
• in relation to past, current or future events

Question 8

Risk management process

Answer 8

The process of:

• identifying the risks faced by an organisation
• assessing how likely these risks are and what their impact could be
• deciding how to respond to each risk and taking appropriate action

Question 9

Key concepts of ERM

Answer 9

HOLISTIC APPROACH (rather than silo)

• – consider all risks, and both upside and downside risks
• – interactions between dynamic risks
• – consistency of treatment
• – central coordination

RISK MEASUREMENT
- quantifiable and non-quantifiable

RISK RESPONSES
retain / remove / reduce / transfer

Question 10

Lam definition of ERM

Answer 10

Risk is a variable that can cause deviation from an expected outcome.

ERM is a comprehensive and integrated framework for managing key risks
… in order to
- achieve business objectives,
- minimise unexpected earnings volatility and
- maximise firm value.

Question 11

ERM concepts:

The holistic approach

Answer 11

ERM involves considering the risks of the enterprise as a whole, rather than considering individual risks in isolation.

This allows

• the concentration of risk arising from a variety of sources within the enterprise to be appreciated, and
• for the diversifying effects of risks to be allowed for.