9.1 Evaluating and reporting risk

Question 1

Organisations face a wide range of risks. The purpose of risk i__________ is to determine the nature of these risks, in particular the specific t_____ of risk event that may occur.

Answer 1

identification

types

Question 2

Various risk identification approaches exist, including expert j___________, f_____ groups, surverys and more analytical tools like the D______ technique.

Answer 2

judgement
focus
Delphi

Question 3

E________ risks are significant new risks or risks that were known about previously, but which were not considered significant. An organisation can identify emerging risks using tools like P___ and S___ analysis.

Answer 3

Emerging
PEST
SWOT

Question 4

Qualitiative risk assessment involved a significant degree of j_______. The dominant qualitative technique is to estimate the p__________ and i______ of a rusk using an ordinal scale.

Answer 4

judgement
probability
impact

Question 5

Quantitative assessment is concerned with applying a standard of m________ to probability and impact. This enables a more precise and o_________ analysis of risk. Quantitative assessment requires large amounts of historical d___ to work effectively and may not be effective when data is an unreliable p__________ of the future.

Answer 5

measurement
objective
data
predictor

Question 6

Most organisations have risk r_______. These may be spreadsheets or database applications and are used to store information on the risks that have been identified and assessed. Organisations may use risk and control self-assessments to collect information on the e__________ of their controls.

Answer 6

registers

effectiveness

Question 7

Risk r_________ is an important element of risk management. Effective risk reporting exists to support d_________-making.

Answer 7

reporting

decision

Question 8

A wide range of risk reporting t______ are available including RAG reports, h____ maps, risk and control indicator reports and risk event and near m___ reports

Answer 8

tools
heat
miss

Question 9

Report design if important. Reports must meet r________ requirements and the needs of their intended audience. Reports must be produced with an appropraite level of f__________.

Answer 9

regulatory

frequency