Risk

Question 1

What is the difference between Strategic Risks and Operational Risks?

Answer 1

Strategic - affect the long-term direction and prospects of the business

Operational - more immediate and day-to-day (IT failure, human error, fraud)

Question 2

What is Risk Appetite?

Answer 2

How much risk you are prepared to accept?

Question 3

What is the Risk Management Process (5 steps) ?

Answer 3

1. Identify Risks - continuously make list of potential risks

2. Clarify Organs Risk Appetite - Risk Averse (don't take as many risks, less returns)
Risk Seeking (take more riskier risks and maximises the company's returns) 

3. Analyse Risks - Prioritise according to threat/likelihood
4. Plan for Risk - Look at how the impact of these Risks can be minimised. (TARA)
5. Monitor Risk - Assess Risks continuously.

Question 4

What does the TARA model represent?

Answer 4

Transfer - High Impact/Low Prob (often transferred/shared)
Accept - Low Impact/Low Prob (accepted/tolerated)
Reduce - Low Impact/High Prob (typically reduced)
Avoid - High Impact/High Prob (take immediate action to reduce severity and frequency of losses)

Question 5

What does ALARP mean?

Answer 5

….as low as reasonably practicable.

Risks cannot be eliminated entirely, so each risk is managed so as to be as low as reasonably practicable because we can never say that a risk has zero value.

Question 6

What are related and correlated Risks?

Answer 6

These are Risks that vary because of the presence of another risk.

They DO NOT exist independently and they are likely to rise and fall in importance along with the related one.