Define risk analysis

The process to comprehend the nature of risk and to determine the level of risk


List four reasons why organisations do risk analysis

1. Prioritise risks for treatment
2. Achieve consistency about the perception of significance across the org
3. Inform decisions on how resources are allocated
4. Inform decisions about whether to proceed with a new strategy, project or investment


Distinguish the meanings of the following terms:

Risk probability
Risk frequency


Risk probability: likelihood expressed numerically between 0 and 1 (or 0% and 100%) to measure probability


Risk frequency: frequency measurement calculated using available data from previous occurrences and a defined timeframe.


Which is the best formula for calculating the severity of a risk?

A) inherent impact x residual likelihood
B) frequency x probability
C) outcome x probability
D) appetite - residual risk

C) outcome (impact) x probability


Distinguish the meaning of the following terms:

A) consequence
B) magnitude
C) impact

A) Consequence: effect on the Strategic, Tactical, Operational and Compliance (STOC) core processes

B) Magnitude: size or severity of the event when it materialises, inherent risk

C) Impact: effect on the finances, infrastructure, reputation and marketplace (FIRM) when a risk materialises


Outline the importance of risk appetite as a planning tool in the implementation of an RM initiative

Board-agreed trigger point at which the org responds to a risk or risk exposure rather than tolerating it.


Describe the relationship between risk appetite, exposure and capacity

Appetite: total value of the corporate resources that the board is willing to put at risk

Exposure: cumulative total of the individual values at risk associated with the risks faced by the org

Capacity: the capability of an org to take risk


Provide the IRM's definition of the 'universe of risk'

The full range of risks which could impact, either positively or negatively, on the ability of the organisation to achieve its long-term objectives.