Module 2 - Unit 3: Risk Culture, Appetite & Tolerance Flashcards Preview

International Certificate In Risk Management (IRM) > Module 2 - Unit 3: Risk Culture, Appetite & Tolerance > Flashcards

Flashcards in Module 2 - Unit 3: Risk Culture, Appetite & Tolerance Deck (8)
Loading flashcards...
1

Define "risk culture"

Risk culture is a term describing the values, beliefs, knowledge and understanding about risk shared by a group of people with a common purpose, in particular the employees of an organisation or of teams or groups within an organisation.

2

Describe the difference between risk appetite and risk tolerance.

Risk appetite relates to the risks a business is willing or unwilling to take.
e.g. We will not tolerate high levels of staff turnover

Risk tolerance is the variance a business will allow around this appetite
e.g. We will tolerate staff turnover of up to 15%

3

How does IRM’s Risk Culture report indicate how a risk culture may be reinforced?

The report notes that risk culture may be reinforced in a virtuous cycle of positive actions and behaviours over time that match the organisation's desired risk culture.

4

What are the three attributes of management and staff that are central to risk culture management?

The three attributes are:

attitudes,
behaviour
competencies

5

How can senior management embed the risk culture messages most effectively?

Organisations that take on a proactive communication programme will more effectively embed the risk culture messages.

6

Describe two skills of a risk manager associated with implementing a risk management architecture.

The two skills can be selected from: technical analytical skills, influencing skills and presentation skills (oral and written).

7

Provide the definition of a 'significant risk'

A significant risk is a risk with the ability to impact above the established benchmark for that type of risk.

8

A risk aware culture is achieved by LILAC. What does LILAC stand for?

Leadership - must be strong across org
Involvement - all stakeholders in all stages of RM process
Learning - RM training and learning from events
Accountability - no automatic blame culture, accountability for actions
Communication - communication and openness on all risk management issues an lessons learnt