Unit 2 Flashcards
(7 cards)
ISO 31000 Principles (8)
What does good risk management look like? Value creation and protection, 10 principles:
1. Integrated
2. Structured and Comprehensive
3. Customised
4. Inclusive
5. Dynamic
6. Best Available info
7. Human and culture factors
8. Continual improvement
Orange Book explores
- what does it describe?
5 main principles of Risk Management
- Process: 4 subprocesses
It describes only the what and why, not the how (procedures)
Principles:
1. Governance and Leadership
2. Integration
3. Collaboration and Best Information
4. Risk Management Processes
5. Continual Improvement
Process supported by info and insight as input, output:
- RI and RA
- Risk treatment
- Risk monitoring
- Risk reporting
Output: Communication and consultation
Orange Book: 2020 Principles (5)
A) Governance and Leadership
B) Integration
C) Collaboration and Best Information
D) Risk Management Processes
E) Continual Improvement
Agency Theory
The concept used to explain the important relationships between principals and their respective agents. In the most basic sense, the principal is someone who relies heavily on an agent to execute specific financial decisions and transactions that can result in fluctuating outcomes.
risk appetite
the acceptable level for the risk, where no further action is required other than monitoring and reviewing for changes in the context, risk and controls
risk tolerance
the level of risk that you can accept for a short period of time, and which you will be actively managing to bring to an acceptable level
risk capacity
the level of risk that is unacceptable. This is the tipping point that the organisation cannot or does not wish to go over