Chapter 25: Risk governance

Question 1

What is an important input in the risk management process ?

Answer 1

Risk appetite/ risk tolerance level

Question 2

What is risk management

Answer 2

The process of ensuring that the risks that a entitiy is exposed to are the risks that it thinks it is exposed to and are the risks that it id prepared to be exposed to.

Question 3

3

The risk management process

Answer 3

C lassification into groups including allocation of ownership

F iancing - determining the likely cost of each risk, including the effectiveness of control options and availability of capital to cover retained risks
M nitoring - regular review and reassessment of risks together with an overall business review to identify new/previously omitted risks

M easurement of probability and severity
I dentification of risks that threaten a company’s assets and the possible controls
C ontrol - mitigation to reduce severity/probability/ financial and other consequences of loss

Question 4

Risk identification

Answer 4

C lassification into groups including allocation of ownership

F iancing - determining the likely cost of each risk, including the effectiveness of control options and availability of capital to cover retained risks
M nitoring - regular review and reassessment of risks together with an overall business review to identify new/previously omitted risks

M easurement of probability and severity
I dentification of risks that threaten a company’s assets and the possible controls
C ontrol - mitigation to reduce severity/probability/ financial and other consequences of loss

Question 5

Risk classification

Answer 5

C lassification into groups including allocation of ownership

F iancing - determining the likely cost of each risk, including the effectiveness of control options and availability of capital to cover retained risks
M nitoring - regular review and reassessment of risks together with an overall business review to identify new/previously omitted risks

M easurement of probability and severity
I dentification of risks that threaten a company’s assets and the possible controls
C ontrol - mitigation to reduce severity/probability/ financial and other consequences of loss

Question 6

Risk measurement

Answer 6

C lassification into groups including allocation of ownership

F iancing - determining the likely cost of each risk, including the effectiveness of control options and availability of capital to cover retained risks
M nitoring - regular review and reassessment of risks together with an overall business review to identify new/previously omitted risks

M easurement of probability and severity
I dentification of risks that threaten a company’s assets and the possible controls
C ontrol - mitigation to reduce severity/probability/ financial and other consequences of loss

Question 7

Risk control

Answer 7

C lassification into groups including allocation of ownership

F iancing - determining the likely cost of each risk, including the effectiveness of control options and availability of capital to cover retained risks
M nitoring - regular review and reassessment of risks together with an overall business review to identify new/previously omitted risks

M easurement of probability and severity
I dentification of risks that threaten a company’s assets and the possible controls
C ontrol - mitigation to reduce severity/probability/ financial and other consequences of loss

Question 8

Risk financing

Answer 8

C lassification into groups including allocation of ownership

F iancing - determining the likely cost of each risk, including the effectiveness of control options and availability of capital to cover retained risks
M nitoring - regular review and reassessment of risks together with an overall business review to identify new/previously omitted risks

M easurement of probability and severity
I dentification of risks that threaten a company’s assets and the possible controls
C ontrol - mitigation to reduce severity/probability/ financial and other consequences of loss

Question 9

Risk monitoring

Answer 9

C lassification into groups including allocation of ownership

F iancing - determining the likely cost of each risk, including the effectiveness of control options and availability of capital to cover retained risks
M nitoring - regular review and reassessment of risks together with an overall business review to identify new/previously omitted risks

M easurement of probability and severity
I dentification of risks that threaten a company’s assets and the possible controls
C ontrol - mitigation to reduce severity/probability/ financial and other consequences of loss

Question 10

What that risk classification help with

Answer 10

Calculation of cost of risk and value of diversification.

Question 11

Benefits of risk management

Answer 11

S takeholders - confidence that business is weoll managed
I mprove: stability and quality, growth and return (risk opportunities + better mngmnt & allocation of capital)
R eact quickly to emerging risks
I dentify aggeregate risk exposures and interdependencies

A void surprises
I ntergrare risk into business processes and strategic decision making processes

Question 12

Benefits of risk management

Answer 12

S takeholders - confidence that business is weoll managed
I mprove: stability and quality, growth and return (risk opportunities + better mngmnt & allocation of capital)
R eact quickly to emerging risks
I dentify aggeregate risk exposures and interdependencies

A void surprises
I ntergrare risk into business processes and strategic decision making process

D etermine cost-effective means of risk transfer
I dentify opportunities rising from natural synergies
E arlier detection of risk

P rice products
J ob security

Question 13

What do providers need to balance in setting the risk management strategy

Answer 13

Return, growth and consistency

Question 14

What should a good risk management process do ?

Answer 14

R isks - incorporate all risks, both financial and non-financial

E xploit hedges and portfolio effects among the risks + exploit the financial and operational efficiences with the strategies.

C onstraints - consider all relevant constraints , including political social, regulatory and competitive.

S trategies - evaluate all strategies for managing risks, both financial and non-financial

Question 15

What can be the source of complexities in large enterprises?

Answer 15

B usiness units which are separate companies making up the holding company.

C ountries of operations differing
A ctivities done by the company
L ocation
M arkets in which the company operates.

Question 16

two approaches to risk management

Answer 16

Silo approach – each to their own which makes little allowance for diversification.
Enterprise risk management which makes allowance for diversification and minimisation of risk which is required by regulatory framework.

Question 17

Advantages of enterprise risk management over silo approach

Answer 17

Can take advantage of pooling and diversification; better oversight; transparency; company culture w.r.t. risk, etc.

Question 18

Three lines of defence in risk management

Answer 18

First line of defence – line management and staff in the business units
Second line of defence – the CRO, risk management team and compliance team
Third line of defence – the board and the audit function

Question 19

what are the functions of a chief risk officer in an organisation?

Answer 19

• responsible for allocating the risk budget to business units after allowing for diversification
• And for monitoring the group exposure to risks
• And documenting the risks that have materialised and affected the group.

Question 20

What are the key elements of enterprise risk management ?

These assist the line managers with ERM

Answer 20

I ncentives
T axonomy (common)
E ngagement and buy-in from entire business
M onitoring and reporting (up and down)
Clear, transparent, easy to understand and interactive risk dashboards
with drill-down functionality and up-to-date information
S tandard risk processes; well-communicated and documented

Question 21

role of an audit subcommittee/risk managment committee

Answer 21

• Overseeing and challenging management’s treatment of key risks.
• Setting risk policy
• Gathering relevant information on risks

Question 22

what are the different relationships between line managers and the central risk function?

Answer 22

Offence vs defence
* Business units focus on maximising sales, revenue, etc. whereas Risk function aims to minimise losses
* Can result in conflicts and mistrust

Policy vs policing
* Business units operate within rules and policies (enforced by audit and compliance functions).
* Problems include this being reactive rather than proactive, and policies becoming out-of-date, infrequent audits, misunderstandings, and/or reduced incentives to report issues of RM

Partnership
* Risk function integrated in business units – client-consultant type relationship
* Suffers from lack of independence and oversight.
* Engagement and co-operation and mutual respect for the purpose and scope of engagement

Question 23

what are some factors to consider when setting a risk management framework?

Answer 23

A utonomy of business units
R isk management framework(s) currently in place
C osts vs benefits; scope of RM function duties, etc.
S ize of organisation/business units
I ncorporating RM into business processes – Product design, pricing, marketing, monitoring and reward
N ature of the business
S cope of risks faced