Assessing and managing risk Flashcards
(25 cards)
Risk
Fundamental risks
Particular risks
Speculative Risks
Pure risks
Embedding risk
Ensuring that the approach to managing risk is considered at all times and in all roles by making it a part of the culture and values of an organisation.
Risk management process
Risk committee
Risk manager
A role that supports the board by taking the lead on risk and developing policy and practice on managing risks
Risk appetite
Risk attitude
Risk averse
Risk seeker
Risk capacity
Identifying risks
Risk factors
Can impact the successful implementation of strategy or the achievement of a firms objectives.
Strategic Risk
The risk that arises from long term decisions
Operational risk
The risk that arises from the normal day to day activity of a company
Categories of risk
Climate Risk
Risk register
Shows the risk levels before and after action, who is responsible and the actions taken.
Assess risks - techniques
Statistical - value at risk, regression analysis and simulation.
Sensitivity analysis, accounting ratios and expected values.
Epected Value of loss =
Probability of loss X impact or size of potential loss.
P = probability
X = Value of the outcome (profit or cost)
Risk maps
Show risks in a visual way by plotting them on a chart according to their impact and likelyhood.
The solid line represents the risk tolerance boundary and reflects the companies risk appetite. This allows the company to prioritise its treatment of different risks.
Subjectivity
One problem with risk assessment is subjectivity. Like assessing the risk of getting a head when flipping a coin can be assessed objectivly but estimating the risk of an accident is heavily influenced by subjectivity.
TARA
the model referred to when considering responses to risks.
Means of matching a suitable strategy to a given risk.
Gross risks, response and residual risk
Gross risks without any mitigation - risk response (safety wear eg) = residual risk (acceptable)
Assurance mapping
A mechanism for linking assurances from various sources to the risks that threaten the achievement of an organisations outcomes and objectives.
Four lines of defence is one of the most recognised.
Four lines of defence
Enables an organisation to take a holistic view of it’s entire risk management process and identify how different sources of assurance can help to manage and control risk.
Works on the assumption that all risks that crop up in the first. line of defence will sooner or later turn into financial risks if they are not dealt with
By building in more controls into the first and second lines of defence, problems can be detected and resolved sooner, thus improving effectiveness of controls.
First line owns the controls necessary. Second line is a. manegement oversight. third line is unrelate dto management as it would effect objectivity. Reports to the. board. Fourth line can add important assurances relating to the first 3 lines of defence within an organisation.
ALARP
As low as reasonably practical. Balancing cost and benefit. Risk is always present and a business will fail to deliver to shareholders if the cost of reducing risk is too great. There. may even be instances when risk is high due to the nature of operations such as providing fire or rescue services.
Diversification of risks
Spreading risks - portfolio
Correllated risks
Related risks
Diversification
