9.6 Risk reporting

Question 1

Effective risk reporting exists to support d________ m______ in an organisation.

Answer 1

decision making

Question 2

What is RAG reporting?

Answer 2

Reporting on a scale of Red Amber and Green to indicate risk exposure.

Question 3

List 5 risk reporting tools.

Answer 3

Heat maps
Loss and near miss databases
Risk control and performance indicators
Risk dashboards and balanced scorecards
Narrative reporting

Question 4

What is a heat map?

Answer 4

A diagram showing risks on a colour scale (often RAG ratings)

Question 5

What types of indicators may be reported to boards and senior management?

Answer 5

Indicators showing exposure to one or more risks.

Control indicators showing effectiveness of controls.

Question 6

Give 3 examples of common risk indicators.

Answer 6

Staff turnover
IT firewall breaches
Credit scores of suppliers
etc.

Question 7

Give 3 examples of common control indicators.

Answer 7

Frequency of electrical testing
Unresolved audit indicators
Number of policy breaches.

Question 8

What is a risk dashboard?

Answer 8

A method of reporting various risk and control indicators, heat maps, and other reporting into a single spread.

Question 9

What is a balanced scorecard?

Answer 9

A method of reporting that focusses on multiple sources of value/risk (rather than just financial measures)

Question 10

What are the four most common rsk factors for balanced scorecards?

Answer 10

Financial performance
Operationl efficiency
Human resources
Compliance

Question 11

What is narrative reporting (in the context of risk)?

Answer 11

Use of words to explain how risk exposure is changing.

Question 12

What are Ashby’s 4 key considerations when designing and implementing risk reports?

Answer 12

1 Audience and its requirements
2 Size of the report and level of detail
3 Degree of statistical complexity
4 Reporting frequency