1. Introduction to Enterprise Risk Management Flashcards
Define risk appetite
Describes the target level of risk under normal circumstances
Define risk tolerance
Sets the upper and lower limits of the risk corridor
Define risk capacity
Maximum amount of risk the firm can support
Define risk governance
Risk governance refers to the way that the Board an management of an organization work together to manage risk
Define risk profile
Snapshot of risk exposure at a moment in time
Define quantitative risk management
Mathematical methods used in ERM
What are the 5 main ways to manage pure risk?
(Once you are exposed to a risk, what can you do?)
- Transfer
- Mitigate the likelyhood
- Mitigate the severity
- Avoid
- Retain by informed decision
How can quantitative risk management be useful?
- By modelling extreme events
- By aggregating risks and understanding dependence
- By calculating risk measures (VaR and ES) to follow regulations
- etc.
What are the three lines of defense?
- Risk owner: owners of the risk, managers at the front line
- Oversight: specialist responsible for risk management across the firm
- Audit: independant committee that reports to the board
What does SWOT stand for?
Strengths, weaknesses, opportunities, and threats
What are a few events that could create an environmental risk?
Pandemics, extreme weather events and other natural hazards, and climate change
What are legal areas that could affect ERM?
- Consumer protection
- Intellectual property rights
- Antitrust
- Laws relating to corporate liability
- Employement laws
What are social factors that affect ERM?
- Culture
- Lifestyle
- Demographic trends
- Use of technology
- Education levels
- Provision of health services
What are economic factors that affect ERM?
- Capital markets
- Availability and cost of capital
- Volatility of local and global markets
- Macroeconomic factors (GDP, inflation, unemployement, etc.)
What are political issues that could create risk for an enterprise?
- Government policy
- Public sentiment
- Civil unrest
- Tax policies
- Trade restrictions
In risk analysis and risk evaluation, what does PESTLE stand for?
Political
Economic
Social
Technical
Legal
Environmental
What is a risk map and what is it used for?
The risk map is a qualitative assessment in diagram form of the likelyhood of a risk event occurring and the potential severity of loss if the event does occur.
What are typical metrics used in a risk appetite statement?
- Share price
- Earnings volatility
- Excess capital over regulatory minimum requirements
- Credit rating
- Credit risk
- Customer satisfaction
- Reputation
What are the 4 stages of the ERM Process (cycle)?
- Risk appetite and risk tolerance
- Risk identification
- Risk analysis and evaluation
- Risk treatment
How can ERM help generate revenues?
By understanding and exploiting risks that can offer an acceptable risk-return trade-off and by treating the allocation of the firm’s risk budget
How can ERM be both top-down AND bottom-up in an enterprise?
Although the risk appetite and risk culture are communicated from the top down, the identification of key organizations risks will usually involve a combination of top-down and bottom-up analysis.
Define Enterprise Risk Management
Enterprise risk management is a process effected by an entity’s board of directors, management and other personnel, applied in strategy setting and across the enterprise, designed to identify potential events that may affect the entity and manage risk to be within its risk appetite.
What is operationnal risk management?
ORM is concerned with ensuring that the day-to-day operations of a firm run smoothly
What is project risk management?
PRM is the analysis and management of risks inherent in implementing business projects
