All GH Specialty COPY Flashcards

1
Q

Possible reasons why DM studies show improved clinical outcomes but not cost savings

A
  1. The [M]easurement of financial outcomes is not stable enough, or measurement techniques are not sensitive enough, to detect positive financial outcomes
  2. Programs are either not [F]ocused on financial outcomes, or not structured to optimize financial outcomes
  3. Program sponsors do not understand the [E]conomics of DM programs and therefore do not optimize the programs for financial returns
  4. Improvements in quality of care do not always lead to [S]avings. Some improvements may actually increase costs, but still be worth the investment

FEMS

Duncan Ch. 8

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Components of the Risk Management Economic Model

A
  1. [P]revalence of different chronic diseases
  2. the [C]ost of the chronic disease
  3. [P]ayer risk - the most savings for the plan will come when the plan is at financial risk for all of the patient’s costs
  4. [T]argeting and risk - members should be prioritized based on the probability of experiencing the targeted event. Those with the highest risk ranks will be selected for the program
  5. [E]stimated cost of the target event
  6. [C]ontact rate - the rate at which the company is able to make contact with targeted members
  7. [E]ngagement or enrollment rate
  8. Member [R]e-stratification rates - the initial risk of the member will be re-stratified after the nurse interacts with the member and assesses the member’s risk. Factors that affect whether the member should be re-stratified include the accuracy of the diagnosis, risk factors present, the ability of the DM program to intervene for the condition, the patient’s readiness to change, and the patient’s self-management skills

CREPT PEC

Duncan Ch. 8

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Considerations when scenario and stress testing a capital adequacy assessment

A
  1. [T]ypes of tests would include:
    > Deterministic or stochastic
    > Combination of multiple events happening simultaneously or sequentially
    > Reverse-engineered tests that create an adverse capital event
  2. Level of [A]dversity tested: periods of normal volatility, plausible adverse conditions, and tail events
  3. Sensitivity testing to determine the applicability of the results of scenario and stress tests under changing [C]onditions

CAT

ASOP #55

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Calculation of risk charge for disability income

A

The risk charege is the sum of:
1. A factor multiplied by earned premium. The factors vary by coverage
Coverage Type $0-50 M $50 M +
Non-Canc. Ind 35% 15%
Other Ind 25.00% 7.00%
Group LT 15% 3.00%
Group ST 5.00% 3.00%
> In applying factors, both individual products are combined and both group products are combined, but the individual and group products are not combined with one another
> For each of individual and group, the largest factor is applied first
2. 5% of claim reserves

Skwire Ch. 39

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

Risk identification tools

A
  1. SWOT analysis: identifies organization’s:
    > Strengths (e.g., market dominance, economies of scale, and effective leadership)
    > Weaknesses (e.g., high costs, lack of direction, and financial weaknesses)
    > Opportunities (e.g., innovation, additional demand, and cheap funding)
    > Threats (e.g., new competitors, price pressure, falling liquidity, and increased regulation)
  2. Risk checklists: lists that are used as a reference for identifying risks in a particular organization or situation
  3. Risk prompt lists: similar to checklists, but rather than seeking to pre-identify every risk, they simply identify categories of risk that should be considered
  4. Risk taxonomy: more detailed than a prompt list, containing a description and categorization of all risks that might be faced
  5. Risk trigger question: lists of situations or areas in an organization that can lead to risk
  6. Case studies: can suggest specific risks to consider, particularly if there are similarities to the organization in the case study
  7. Risk-focused process analysis: involves constructing flow charts for every process used by the organization and analyzing the points at which risks can occur

Sweeting Ch. 8

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

Required disclosures for communications subject to ASOP #46 on risk evaluations in ERM

A
  1. The results of the [E]Conomic capital model, their intended use, and any known limitations of the model
  2. The results of the [S]tress and scenario tests, their intended use, and any known limitations of these tests
  3. The methodologies and [S]ources of information for identifying and evaluating emerging risks
  4. Any material [C]hanges in the system, process, methodology, or assumptions from those previously used
  5. Significant [A]ssumptions used in the risk evaluation and interdependencies among risks and statistical distributions
  6. The [R]isks included in the risk evaluation and their relative significance, as well as known material risks not included and the rationale for not including them
  7. Whether and how the modeled future economic conditions have been reviewed and tested for [R]easonableness

SCARERS

ASOP #46

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Reasons that CO-OPs failed

A
  1. Some were unable to sign up a sifficient number of customers to enable them to cover their fixed costs
  2. For most CO-OPs, enrollment was relatively strong, but revenue was insufficient to offset higher-than-expected claims costs
  3. For CO-OPs with very high enrollment, they lacked the capacity to provide good service and they had cash flow problems. They had to rely on federal solvency loans to pay claims, but these loans were limited after Congress slashed program funding
  4. Payments from the ACA premium stabilization programs came much later than when costs were incurred. The payments for the 2014 plan year didn’t come until September 2015, which was too long to wait for one CO-OP that therefore went insolvent
  5. Lower than expected payments from the risk corridor program was the breaking point for one CO-OP

GHS-122-18

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

Description of the actuarially-adjusted historical control method

A
  1. Objective criteria are used to determine which members will be included in the baseline and intervention populations
    > This is an open group method, since the populations are not identical. A closed group (or cohort) method uses the exact same population in both periods
    > But the populations are comparable, and assumed to be equivalent, because the same selection criteria is used in each period
  2. Savings are not directly measured. They are derived as the difference between
    > An estimated statistic projected from the baseline period. The key component is the health care trend factor used for this projection.
    > The actual statistic from the measurement period
  3. Formulas for calculating savings:
    > Savings = [ChrUtilpy * (1 + tr) - ChrUtilact] * ChrMbrs * Cost/Svc
    > Trend rate comes form the health plan’s non-chronic population
    > Savings PMPM = savings / member months

Duncan Ch. 12

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

Methodology used to develop the Arizona Medicaid risk adjustment model

A
  1. Model selected: Symmetry’s Episode Risk Groups (ERG) model
  2. Type of data used: diagnosis codes and procedural information from medical data and NDC codes from pharmacy data
  3. Data timing: three months of claim run-out was used
  4. Eligibility groups: risk adjustment was applied to prospective, non-reconciled risk groups
  5. Model calibration: the model was recalibrated by developing risk weights through a linear regression model based on Arizona Medicaid data, and then credibility weighting those rates with the model’s original risk weights
  6. Geographic issues: risk adjustment will take place at the geographical service area and risk group level
  7. Individual approach: risk scores calculated during the experience period will follow the individual during the rating period. This will accurately reflect movement of individuals between health plans
  8. Risk factors are updated once per year
  9. Risk factors for new members: members with at least six months of enrollment (“long” cohort) during the experience period will be given a claims-based risk factor. Other members (“short” cohort) will be given a risk factor that is the average of an age-gender factor and an adjusted plan factor
    > Adjusted plan factor = (average ERG risk score of long cohort / pure age-gender factor of long cohort) * pure age-gender factor of short cohort
  10. Phase-in: risk adjustment is being phased in such that only 80% of the 2009 rate is risk adjusted
  11. Risk factors for newborns: a different approach is needed because newborns have no prior year claims from which to develop condition-based risk scores. Claims of the prior cohort of newborns in the experience period are used to project newborn experience in the rating period

Duncan Ch. 13 (Risk)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

Formulas for calculating final capitation rates for the Arizona Medicaid program

A
  1. Capitation rate to be risk adjusted = base capitation rate - bid risk contingency - bid admin cost - 2% premium tax
  2. Risk-adjusted capitation rate (before retention) = capitation rate to be risk adjusted * risk adjustment factor (relative risk score)
  3. Final risk-adjusted capitation rate - risk-adjusted capitation rate (before retention) + bid contingency + bid admin cost + 2% premium tax

Duncan Ch. 13 (Risk)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

Broad areas in the risk-identification process

A
  1. Risk identification tools
  2. Risk identification techniques
  3. Assessment of the nature of the risks
    > Quantifiable risks can be modeled
    > Unquantifiable risks can often be analyzed by the groups that identify them
  4. Recording risks in a risk register: the register details all of the risks faced by the organization. It should be constantly updated to reflect the changing nature of risks and the evolving environment

Sweeting Ch. 8

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

Information to include for each entry in the risk register

A
  1. A unique identifier
  2. The category in which the risk falls
  3. The date of assessment for the risk
  4. A clear description of the risk
  5. Whether the risk is quantifiable
  6. Information on the likelihood of the risk
  7. Information on the severity of the risk
  8. The period of exposure to the risk
  9. The current status of the risk
  10. Details of the scenarios where the risk is likely to occur
  11. Details of other risks to which this risk is linked
  12. The risk response implemented
  13. The cost of the responses
  14. Details of residual risks
  15. The timetable and process for review of the risk
  16. The risk owner
  17. The entry author

Sweeting Ch. 8

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

Criteria for a beneficiary to be assigned to a participating ACO

A
  1. The beneficiary must have a record of Medicare [E]nrollment
  2. The beneficiary must have at least one month of [B]oth Part A and B enrollment, and cannot have any months of Part A or Part B only enrollment
  3. The beneficiary cannot have any months of Medicare [G]roup health plan enrollment
  4. The beneficiary must be assigned to only [O]ne Medicare shared savings initiative
  5. The beneficiary must live in the [U]S or US territories and possessions
  6. The beneficiary must have a [P]rimary care service with a physician at the ACO
  7. The beneficiary must receive the largest [S]hare of their primary care services from the participating ACO

BEG SOUP

Duncan Ch. 22 (Risk)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

Actuarial standards for the use of data

A
  1. Data that is completely [A]ccurate, appropriate, and comprehensive is frequently not available, so the actuary should use available data that allows the actuary to perform the analysis
  2. [C]onsiderations in selecting data
  3. Review of data: the actuary should review the data for reasonableness, unless such a review is not necessary or practical
  4. The actuary should use [A]ppropriate data
  5. [R]eliance on data and other information supplied by others: the accuracy of this information is the responsibility of those who supply it. The actuary may rely on this information, but should disclose this reliance
  6. [C]onfidentiality: the actuary should handle data containing confidential information consistent with Precept 9 of the CoPC
  7. [L]imitation of the actuary’s responsibility: the actuary is not required to audit the data or determine whether the data supplied by others is intentionally misleading

CAR CARL

ASOP #23

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

Considerations when reviewing or recommending a risk mitigation strategy

A
  1. Information relating to qualitative aspects of the organization, such as:
    > The resilience of the organization under duress
    > The operational capabilities of the organization
    > The potential risk to the organization’s reputation
  2. Information relating to the cost of, effectiveness of, and constraints upon risk mitigation activities. This includes various items such as:
    > The availability of risk mitigation instruments
    > The counterparty credit risk inherent in the risk mitigation instruments
    > The degree of confidence that the risk mitigation process can be maintained or repeated over time
    > The variability of outcomes after risk mitigation
    > Regulatory constraints on risk mitigation options

ASOP #47

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

Calculation of risk factors

A

Risk factors are part of the formula for Claim Experience Fluctuation Risk charge
1. The factor is based on the type of coverage and the amount of annual underwriting revenue
2. For each coverage type, a weighted average of the following factors is calculated based on the amount of revenue in each tier
Coverage Type $0-3 M $3-25 M $25 M +
Comprehensive 15% 15% 9%
Med Supp 10.50% 6.70% 6.70%
Dental and Vision 12% 7.60% 7.60%
Medicare PD 25.10% 25.10% 15.10%
Other 13% 13% 13%

Skwire Ch. 39

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
17
Q

Common chronic diseases addressed by disease management programs

A
  1. Ischemic heart disease
  2. Heart failure
  3. Chronic obstructive pulmonary disease
  4. Asthma
  5. Diabetes

I CHAD

Duncan Ch. 8

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
18
Q

Conditions that would exclude a member from a disease management program

A
  1. End-stage renal disease (ESRD): this condition is excluded because management of the condition may delay cost, but it cannot ultimately reduce or postpone those costs
  2. Transplants: claims are high up to a period shortly after the transplant, at which point the claims are reduced and stabilized
  3. HIV, AIDS, mental health: privacy issues make it difficult or impossible for a vendor to receive complete data feeds, or manage the member
  4. Members who are institutionalized: these members may not be reachable, or may not benefit from disease management interventions
  5. Members with catastrophic claims: these members are not manageable by the DM program, and are often subject to management by another program
  6. Members who are eligible for other management programs

Duncan Ch. 12

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
19
Q

How ERM differs from traditional risk management

A
  1. Traditional health care risk management examines risks individually
    > This approach maintains that risks are best managed within functional silos and that shareholder value is maximized through risk transfer
    > But this approach fails to appreciate relationships among risks. And it lacks the optimization of collective risk management through an enterprise approach
  2. ERM uses common metrics across risk domains to determine the effectiveness of risk management approaches. With an integrated enterprise-wide view of risk, the risk manager focuses on opportunities as well as risks

GHS-123-18

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
20
Q

Risk adjustment approaches for updating benchmarks to the performance years for Medicare ACO

A
  1. For newly-assigned beneficiaries: the ACO’s CMS-HCC prospective risk scores are recalculated to adjust for changes in severity and case mix
  2. For continuously assigned beneficiaries: for each performance year, the risk ratio is calculated as the ratio of the HCC score for that year relative to benchmark year 3. An overall risk ratio is calculated as a weighted average of the ratios for the different Medicare enrollment types
    > When the risk ratio is greater than one, demo risk scores are used. This is done to negate some of the effect of diagnosis-driven increases in risk scores.
    > When the risk ratio is less than one, HCC ratios are applied

Duncan Ch. 22 (Risk)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
21
Q

Responsibilities of the CRO

A
  1. [I]dentifying and quantifying risks
  2. [M]anaging the ERM process
  3. [A]nalyzing risk strategically
  4. Facilitating the [A]ctivities of the risk management team
  5. Being a [L]iaison for the CEO, CFO, senior management, and middle management
  6. Developing organizational [P]&Ps
  7. Working on [C]oncept development and implementation
  8. [T]racking key risks
  9. Facilitating continuous risk [A]ssessment

CAT IMPALA

GHS-123-18

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
22
Q

Considerations when developing, reviewing, or maintaining risk evaluation models

A

Whether models are fit for the purpose:

  1. The degree to which the models need to be reproducible and [A]daptable to new risks
  2. The [S]ophistication of the models in proportion to the materiality of the risks they cover
  3. The practical considerations for the models, including [U]sability, reliability, and cost efficiency
  4. The statistical and theoretical [L]imitations of the models
  5. The quality of the [D]ata underlying the models
  6. The appropriateness of the methodologies used for the model validation and [C]alibration
  7. The appropriateness of the methodologies used for modeling [D]ependencies among risks
  8. The appropriateness of the [C]ash flow and discounting methods used in the models

Whether the assumptions are appropriate:

  1. Whether the assumptions are [S]upportable and appropriately documented
  2. Whether the assumptions are regularly [R]evisited to determine their appropriateness
  3. Whether the assumptions regarding anticipated [M]anagement actions are supportable and appropriately documented

CUD SCALD
MRS

ASOP #46

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
23
Q

Financial measures for disease management programs

A
  1. Return on investment - this is the most common metric. DM programs typically use Gross ROI
    > Net ROI = (gross savings - cost)/cost
    > Gross ROI = gross savings/cost
    > Program costs generally include direct costs, indirect costs, management costs, overhead costs, and set-up costs
    > Gross savings come from decreased utilization as a result of the DM program or intervention
  2. Total savings - this metric may be more useful, since it represents the dollar savings for the plan
    > Average savings = Total Savings net of Program Cost / Total Population
    > Marginal savings per chronic member equals the increase in savings (net of costs) due to intervention on the marginal population, divided by the number of members in the marginal population

Duncan Ch. 8

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
24
Q

Required documentation related to data quality

A
  1. The [S]ource of the data
  2. Any [L]imitations on the use of the actuarial work product due to uncertainty about data quality
  3. Whether the actuary [R]eviewed the data, and any limitations due to data that was not reviewed
  4. A summary of [U]nresolved concerns the actuary may have about questionable data values
  5. A summary of any significant steps the actuary has taken to [I]mprove the data
  6. A summary of significant judgmental [A]djustments or assumptions the actuary applied to the data or to the results
  7. The existence of results that are highly uncertain or potentially [B]iased due to the quality of the data
  8. The [E]xtent of the actuary’s reliance on data and other information supplied by others
  9. [D]isclosures in accordance with ASOP #41 if:
    > Any material assumption or method was prescribed by law
    > The actuary relies on other sources and thereby disclaims responsibility for any material assumption or method
    > The actuary has otherwise deviated materially from the guidance of this ASOP

ABSURD LIE

ASOP #23

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
25
Q

Domains of risk recognized by ERM

A
  1. [O]perational: risk related to the organization’s core business, including its systems and practices. Examples include clinical services and outpatient care
  2. [F]inancial: risks related to the organization’s ability to earn, raise, or access capital, as well as costs associated with its transfer of risk. Examples include bonds and insurance premiums
  3. [H]uman: risks related to recruiting, retaining, and managing the organization’s workforce. Examples include employee turnover and absenteeism
  4. [S]trategic: risks related to the ability of the organization to grow and expand. Examples include joint ventures and customer satisfaction
  5. Legal or [R]egulatory: risks related to health care statutory and regulatory compliance, licensure, and accreditation. Examples include HIPAA compliance and OSHA regulations
  6. [T]echnological: risk associated with biomedical and information technologies, equipment, devices, and telemedicine. Examples include clinical information systems and off-site monitoring of critical care units

FROTHS

GHS-123-18

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
26
Q

Purposes of an internal economic capital model

A
  1. To determine how much [C]apital a firm should hold to protect it against adverse events
  2. To [P]rice new products and decide how to allocate capital across business lines
  3. To assess the amount of [E]conomic capital that should be held over time
  4. To assess the impact of changes in [I]nvestment strategy and capital structure
  5. To look at how an organization copes in the face of [E]xtreme events
  6. To help measure [P]erformance
  7. To carry out [D]ue diligence for corporate transactions
  8. To provide information on the financial state of the organization to a [R]egulator

DICE PREP

Sweeting Ch. 18

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
27
Q

Key learnings from DM programs that ACOs should apply to be successful

A
  1. Any DM program needs to employ high-quality data [A]nalytics, as close to real time as possible
  2. Medical [R]ecords need to have the analytical sophistication and workflow capabilities to support the program. ACOs emphasize electronic medical or health records, but many of these are simply a repository of data and are not universally used by providers
  3. [S]ystems need to be aggregated before they can usefully support the ACO
  4. The importance of [E]conomics:
    > Changing patient behavior in a way that produces a measurable financial outcome is a long and difficult undertaking
    > Programs need to be focused on the patients who represent the greatest opportunity for cost reduction
  5. The importance of [P]lanning and understanding the opportunity: economically successful programs must be focused, e.g. they must identify what patients and what conditions will be managed

PARSE

Duncan Ch. 22 (Risk)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
28
Q

Calculation of risk charge for LTC

A

The risk charge is the sum of:

  1. For earned premium, 10% of the first $50M, 3% of the excess, and an additional 10% for non-cancelable premiums
  2. For incurred claims, one factor (usually 25%) for the first $35M, and another factor (usually 8%) for the excess
  3. 5% of claim reserves

Skwire Ch. 39

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
29
Q

Additional challenges faced by CO-OPs when they began operations

A
  1. To meet regulatory requirements on short deadlines, CO-OPs had to outsource critical functions such as claims adjudication, customer call centers, and provider networks
  2. CO-OPs had to decide whether to offer platinum-level coverage, which has lower cost sharing and therefore attracts consumers with significant health needs. Half of the CO-OPs studient offered these plans initially, but then later reversed this decision
  3. CO-OPs were at a pricing disadvantage since they did not have historical claims data with which to price. And many of them did not have experienced actuaries on staff
  4. CO-OPs may also be at a disadvantage in the risk adjustment program. To be successful with risk adjustment, an insurer must record every diagnosis of every member, but this is a challenge for CO-OPs who have not yet built the data capacity needed

GHS-122-18

30
Q

Calculation of average per capita expenditure for ACOs

A
  1. Expenditures are calculated for ACO-assigned beneficiaries separately for the following Medicare enrollment types:
    > ESRD
    > Disabled
    > Aged/dual
    > Aged/non-dual
  2. Expenditures are defined as total Med Part A and B FFS payments from any provider for SSP-eligible months
  3. Claims are assessed after three months of run-out. And a CF is applied by CMS
  4. Average per capita expenditure = SUM(claims^k * t^k)/SUM(t^k)
    > The k values represent the different beneficiaries, and t^k is the exposure period of the kth ben
    > This calc is done separately for each combo of Medicare enrollment type and benchmark and performance year

Duncan Ch. 22 (Risk)

31
Q

Steps for developing a risk map

A

This is a visual aid to depict the frequency of occurrence and possible severity of an organization’s risks

  1. [I]dentify the risks to be analyzed and their correlation to all other risks
  2. [D]evelop the threshold of acceptable exposure: this often varies based on the specific risk. And it relates to risk appetite
  3. [E]valuate the [s]everity of impact if a risk event occurred and identify what percentage of the organization would be impacted

IDEs

GHS-123-18

32
Q

Considerations when designing, developing, and reviewing an economic capital model

A
  1. The [A]ppropriateness of the selected time frame, basis of measuring loss, and risk metric underlying the organization’s definitions of economic capital
  2. The degree to which the model reflects the significant [R]isks of the organization and their interdependencies
  3. The appropriateness of the [M]ethod used to model each risk

RAM

ASOP #46

33
Q

Formulas for calculating an MCO’s risk score for the Arizona Medicaid program

A
  1. Average ERG risk score for long cohort
    > An unadjusted risk score is calculated as the sum over all risk factors and demographics of the risk weights multiplied by frequencies. The frequencies are the portion of the cohort with each risk factor or demographic
    > For the Transitional Aid to Needy Families (TANF) group, the final risk score equals the unadjusted risk score divided by a scaling factor
  2. Total average risk score = % of members in long cohort * average ERG risk score for long cohort + % of members in short cohort * risk factor for short cohort
    > Risk factor for short cohort + 50% * adjusted plan factor for short cohort + 50% * pure age-gender factor of short cohort
  3. The above formulas are calculated for the given MCO and for all MCOs in total. The MCO’s relative risk score = MCO total average risk score / average risk score for all MCOs
  4. Relative risk score with phase-in = 80% * relative risk score + 20% * 1.0000
  5. A budget neutrality adjustment may also be applied to get the final relative risk score

Duncan Ch. 13 (Risk)

34
Q

Considerations when performing services related to risk evaluation

A
  1. Information about the financial strength, risk profile, and risk environment of the organization. For example, the nature and complexity of the risks faced by the organization, and the degree to which the organization’s different risks interact with one another
  2. Information about the organization’s risk management system, including:
    > The risk tolerance of the org
    > The risk appetite of the org
    > The components of the org’s ERM control cycle
    > The knowledge and experience of management and the board of directors regarding risk assessment and risk management
    > The actual execution of the org’s ERM control cycle
  3. The relationship between the organization’s financial strength, risk profile, and risk environment and the organization’s risk management system
  4. The intended purpose and uses of the actuarial work product

ASOP #46

35
Q

Considerations in selecting data to use in an actuarial analysis

A
  1. The [S]cope of the assignment and the intended use of the analysis
  2. The desired data [E]lements and possible alternative data elements
  3. Whether the data is [A]ppropriate and sufficiently current
  4. Whether the data is internally [C]onsistent
  5. Whether the data is [R]easonable given relevant external information that is readily available
  6. The degree to which the data is [S]ufficient for the analysis
  7. Any known significant [L]imitations of the data
  8. The availability of [A]lternative data, and the benefit and practicality of obtaining this data
  9. [S]ampling methods that were used to collect the data

CRASS SEAL

ASOP #23

36
Q

Processes included in the ERM control cycle

A
  1. Risks are [I]dentified
  2. Risks are [E]valuated
  3. Risk appetites are [C]hosen
  4. Risk [L]imits are set
  5. Risks are [A]ccepted or avoided
  6. Risk [M]itigation activities are performed
  7. Actions are taken when risk limits are [B]reached

ICE BALM

ASOP #46

37
Q

Categories of appropriateness of data used in an actuarial analysis

A
  1. The data is of acceptable quality to perform the analysis
  2. The data requires enhancement before the analysis can be performed, and it is practical to obtain additional or corrected data
  3. Judgmental adjustments or assumptions can be applied to the data, or the analysis results, to allow the actuary to perform the analysis
  4. The data is likely to have significant defects
  5. The data is so inadequate that it cannot be used to satisfy the purpose of the assignment

ASOP #23

38
Q

Considerations for designing an economic capital model

A
  1. Must agree on what the model will be used for
  2. Must agree on what risks will be modeled
  3. Must decide which approach to use
    > Factor table: requires a certain amount of capital to be held for each unit of a particular activity
    > Deterministic approach: stress test that considers the amount a firm would lose under different scenarios
    > Stochastic approach: use a stochastic, parametric, or empirical model to produce a large number of simulated results
  4. Decide whether the model will be run on an enterprise-wide basis, or whether individual models will be run for each business line with the results being combined later
  5. Consider what output is required from the model

UR BOA

Sweeting Ch. 18

39
Q

Steps in the process for CMS to assign beneficiaries to an ACO

A
  1. Step 1 - the beneficiary is assigned to a participating ACO when:
    > The beneficiary has at least one primary care service furnished by a PCP, and
    > More primary care services are furnished by PCPs at the participating ACO than from the same types of providers at any other ACO
  2. Step 2: for a beneficiary who has not received any primary care services from a PCP, the beneficiary is assigned to the participating ACO if:
    > The beneficiary received at least one primary care service from a specialist physician utilized in assignment at the participating ACO, and
    > More primary care services are furnished by specialist physicians utilized in assignment at a participating ACO than from any other ACO

Duncan Ch. 22 (Risk)

40
Q

Risks and responsibilities in the ERM framework

A
  1. [C]hief risk officer (CRO) [separate list]
  2. [B]oard of directors: should provide oversight of ERM, regularly discussing organizational risks and risk responses with senior management
  3. [C]hief executive officer (CEO) or president: mold the corporate culture and make sure the ERM functions effectively, including:
    > Assess the organization’s ERM capabilities
    > Communicate the organization’s risk philosophy and risk tolerances
    > Communicate regularly with the CRO and CFO to track the implementation and success of the ERM model
    > Report on ERM to the board of directors
    > Continuously reevaluate risks facing the organization and modify strategy accordingly
  4. [C]hief financial officer (CFO)
    > Provide the analytical insight to determine the organization’s risk appetite
    > View the prioritized list of risks and determine what resources and financing options are available to address them
    > Communicate with the CRO as new risks become apparent
  5. Health care risk [M]anager: focus on daily operations, developing strategies in line with business goals and objectives
  6. Middle managers and [O]ther employees: manage risks within the entity’s approved risk tolerances

C3 MOB

GHS-123-18

41
Q

Recommended practices for actuarial communications

A
  1. Actuarial communications should meet the following [R]equirements:
    > The form and content of the communication must be appropriate for the given circumstance
    > The communication should be clear
    > Each communication should be issued within a reasonable time period
    > All actuaries responsible for the communication should be clearly identified
  2. The actuary should complete an actuarial report if the actuary intends the findings to be [R]elied upon by any intended user
  3. Some circumstances (such as regulations) may [C]onstrain the content of an actuarial report. In these cases, the actuary should follow the guidance of this standard to the extent reasonably possible
  4. The actuary should recognize the risk of unintended [U]sers misusing an actuarial document, and should take reasonable steps to ensure it is clear and presented fairly

CURR

ASOP #41

42
Q

Economic capital and risk optimization measures

A

Definition of economic capital: the additional value of funds needed to cover potential outgoings, falls in asset values, and rises in liabilities at some given risk tolerance over a specified time horizon

  1. Risk-adjusted return on capital (ra) = risk-adjusted return / economic capital. Is well suited for comparing different lines of business within a firm
  2. Economic income created (EIC) = (ra - rh) * EC, where rh is the hurdle rate of return and EC is the economic capital. Is the rate of return that each unit of a product sold must earn to cover the additional amount of risk it generates
  3. Shareholder value (SV) = EC * (ra - rg) /(rh - rg), where rg is the rate of growth of the cash flows. Represents the discounted present value of all future cash flows
  4. Shareholder value added (SVA) = EC * [(ra - rg) /(rh - rg) - 1] = SV - EC

Sweeting Ch. 18

43
Q

Regulatory action levels for health RBC ratios

A
  1. Company Action Level (ratio between 150% and 200%) - requires that a company submit a corrective action plan
  2. Regulatory Action Level (ratio between 100% and 150%) - allows the commissioner to examine the company and issue an order specifying corrective actions
  3. Authorized Control Level (ratio between 70% and 100%) - allows the commissioner to place the company under regulatory control if deemed to be in the best interest of policyholders and creditors
  4. Mandatory Control Level (ratio less than 70%) - requires the commissioner to take regulatory control of the company
    Due to a trend test, insurers who have an RBC ratio between 200% and 300% and a combined ratio greater than 105% could trigger a company action level event

CRAM

Skwire Ch. 39

44
Q

Formulas for the H2 (Underwriting Risk) component of Health RBC

A
  1. Underwriting Risk = Claim Experience Fluctuation Risk + Other UW Risk
  2. Claim Experience Fluctuation Risk is the sum of risk charges for five product groupings (comprehensive, Med Supp, dental and vision, Med PD, and other)
    > For each grouping, the risk charge = premium * ratio of incurred claims to premium * risk factor * managed care risk adjustment factor
  3. Other UW Risk includes:
    > Coverages not included in claim experience fluctuation risk, such as
    – Disability income
    – LTC
    – Miscellaneous coverage types, such as stop loss, hospital indemnity, and AD&D
    > Adjustments for rate guarantees and premium stabilization reserves

Skwire Ch. 39

45
Q

Options for allocating the benefits of diversification

A
  1. Allocating the full stand-alone capital requirement to each line and retaining the diversification benefit centrally
  2. Giving the full benefit of diversification to the new line of business that triggers the benefits
  3. Allocate the benefit in proportion to the stand-alone capital requirements by LOB
  4. Euler capital allocation principle: consider the marginal contribution of each additional unit of business to the overall capital required. For example: if the required economic capital is proportional to the SD of a loss, then allocate risk capital for a given line of business in proportion to the following ratio:
    > The cov. between the loss in that line and total loss
    > Divided by the SD for the total loss

Sweeting Ch. 18

46
Q

ASOP definition of enterprise risk management

A

ERM is the discipline by which an organization in any industry assesses, controls, exploits, finances, and monitors risks from all sources for the purpose of increasing the organization’s short- and long-term value to its stakeholders

ASOP #46

47
Q

Key processes for transitioning to ERM

A
  1. Setting management [O]bjectives: these should relate to organizational strategy, operations, reporting, and compliance
  2. Achieving [S]tructure and organization: the risk committee should be formed, responsibilities should be defined, and performance metrics should be established
  3. Employing [M]ethods, information, and reports: this includes the event identification process and the enhancement of risk response decisions
  4. Establishing the [I]nformation technology infrastructure to ensure prompt communication throughout the organization
  5. [R]ecognizing roles and responsibilities: determining who is responsible for responding to risks, mitigating risk, and carrying out the strategic plan
  6. [M]onitoring: this ongoing activity is undertaken at all levels of the organization to ensure early identification of risk

MM… SORI

GHS-123-18

48
Q

Goals of risk adjustment for the Arizona Medicaid program

A
  1. Align [P]ayment with the relative health risk of members at each health plan
  2. Be accurate and unbiased
    > [A]ccurate: should be a relatively high correlation between the projected cost of the population and the actual cost
    > [U]nbiased: the methodology should not overcompensate for some risk factors at the expense of others
  3. Be as [S]imple as possible while accomplishing other goals
  4. [M]inimize the administrative burden of developing and implementing the methodology
  5. Be [B]udget neutral

BUS MAP

Duncan Ch. 13 (Risk)

49
Q

Characteristics and skills of a CRO

A
  1. CROs come from various disciplines, including legal, auditing, strategic planning, investor relations, line-operation management, and hazard risk management
  2. For insurance organizations, insurance, actuarial, and accounting backgrounds are assets
  3. Excellent communication skills are important
  4. Key background skills center on math, statistics, finance, and accounting
  5. A recent survey rated the ability to understand business issues as the most important skill
  6. A broad health care and business background is also important

GHS-123-18

50
Q

Key metrics in the design of disease management programs

A
  1. The number and [R]isk-intensity of members to be targeted - the number must be large enough to produce savings that offset implementation costs, but not so large that marginal costs exceed marginal savings
  2. Types of [I]nterventions to be used in the program - such as mail or automated outbound dialing
  3. The number of nurses and other [S]taff needed for the program, and program costs
  4. The methodology for contacting and [E]nrolling members
  5. The [R]ules for integrating the program with the rest of the care management system
  6. The [T]iming and number of contacts, enrollments, and interventions
  7. The [P]redicted behavior of the target population if there were no intervention, and the predicted effectiveness of the intervention at modifying that behavior

STRIPER

Duncan Ch. 8

51
Q

Considerations related to stress and scenario testing

A
  1. The extent to which various stress tests reflect similar or different degrees of [A]dversity
  2. Any items in the organization’s business plan that describe how the organization will function during an [E]xtreme event
  3. That an extreme event scenario may be a single event or a [S]eries of events
  4. How actions of various stakeholders and markets during extreme events may differ from those during “[N]ormal” times
  5. Whether assumed [I]nterdependencies are appropriate under the stress or scenario testing assumptions
  6. How to define situations that result in a [N]on-quantifiable risk
  7. Some stress and scenario tests will be [H]ypothetical situations for which the actuary will not need to determine whether the scenario is realistic

HI DANES

ASOP #46

52
Q

Definition and key principles of enterprise risk management (ERM)

A

Definition: ERM is a structured analytical process that focuses on identifying and eliminating the financial impact and volatility of a portfolio of risks, rather than focusing on risk avoidance alone. It is integrated risk management

Essential principles of ERM

  1. ERM recognizes a broad range of risks confronted by the organization and acknowledges that those risks represent either sources of capital or potential losses
  2. A comprehensive or “holistic” approach is critical for managing diverse risks. An enterprise-wide view recognizes all of the potential threats to the organization’s objectives and recognizes that risks are not isolated

GHS-123-18

53
Q

Considerations when reviewing or recommending parameters of risk tolerance, risk appetite, and risk limits

A
  1. The financial and non-financial benefits associated with each risk-taking activity
  2. The degree of concentration of the risks of the organization
  3. The opportunities available to mitigate breaches of risk limits and risk tolerance, and the cost and effectiveness of such mitigation strategies
  4. Regulatory or accounting constraints that may affect the risk environment
  5. The relationship between the risk tolerance, risk appetite, and risk limits
  6. The historical volatility of the org’s results in the context of its current risk profile

VAC BRO

ASOP #47

54
Q

Risk identification techniques

A
  1. [B]rainstorming: this is an unrestrained or unstructured group discussion
  2. [I]ndependent group analysis: without collaboration, all participants write down ideas on risks that might arise. These ideas are aggregated and there is a discussion. Risks are then anonymously ranked
  3. [S]urveys: participants are given a list of questions about different aspects of the organization to try to draw out the risks faced
  4. [G]ap analysis: consists of a survey that asks two types of questions: the desired level of risk exposure and the actual level of exposure
  5. [D]elphi technique: begins with an initial survey of experts who comment on risks anonymously and independently. Is followed by subsequent surveys that are based on earlier responses. Continues until there is a consensus or stalemate.
  6. [I]nterviews: individuals are interviewed independently to identify the organization’s risks
  7. [W]orking groups: comprised of a small number of individuals who have familiarity with the risks identified. They investigate more fully the risks which have been identified already.

WIGDIBS

Sweeting Ch. 8

55
Q

Issues related to determining and controlling exposure for a disease management study

A
  1. Managed versus measured populations: the population to be measured does not need to be the same population that is being managed
  2. Eligible members: eligibility is first determined for health plan membership, then for DM services
  3. Member months: in any given month, a member is uniquely classified into a single category. Members can move between categories from one month to the next
  4. Chronic and non-chronic (index) members: the assignment of chronic status is determined monthly
  5. Excluded members: some members are eligible for health plan membership but are not eligible for inclusion in the DM program
  6. Measured and non-measured members: tests for inclusion in the measurement population may include the continuous coverage test and a claim-free period
  7. Enrolled, targeted, and reachable members: to avoid bias in the results, outcomes should be measured for all targeted members (whether enrolled, not enrolled, or unreachable)

Duncan Ch. 12

56
Q

Ways in which provider group-based ACOs are expected to generate savings

A
  1. The practice should implement “[C]are coordination” to manage the care of the patients who need additional services
  2. [A]ccess to integrated medical records and consistent management by the physician should reduce the need for tests
  3. The ACO should develop a [N]etwork of efficient providers and limit the use of less efficient providers
  4. The focus on quality should result in fewer [U]nnecessary services and better population health

CAN U

Duncan Ch. 22 (Risk)

57
Q

Policy barriers that make it difficult for CO-OPs to compete in the health insurance market

A

ACA provisions:
> CO-OPs are prohibited from using federal funds for marketing
> “Substantially all” business must be derived from the individual and small-group markets. This makes it harder for CO-OPs to enter the large employer market, which tends to be a bigger and more stable source of revenue

Decisions made by federal policymakers during implementation of this program
> Budget agreements with Congress slashed the program’s $6 B allotment down to $2.4 B
> States were allowed to permit individuals and small employers to remain enrolled, for a transitional period, in their pre-ACA policies. As healthy enrollees stayed on their plans, a sicker risk pool was left for insurers selling on the marketplaces
3. Another budget agreement late in 2014 disabled the ACA’s risk corridor program by requiring it to be budget neutral. As a result, payouts to insurers with losses were only 12.6% of what had been expected

GHS-122-18

58
Q

Definition and aspects of risk treatment

A
  1. Definition of risk treatment: the process of selecting actions and making decisions to transfer, retain, limit, and avoid risk
  2. Aspects of risk treatment:
    > Determining risk [T]olerance
    > Choosing risk [A]ppetites
    > Setting risk [L]imits
    > Performing [R]isk mitigation activities
    > Optimizing organizational [O]bjectives relative to risk

TORAL

ASOP #47

59
Q

Structure of Medicare ACOs

A
  1. An ACO is a network that is either physician-practice based or hospital based that shares the responsibility for providing care to patients
  2. The MSSP has two models of gainsharing:
    > One-sided: ACO and CMS share 50/50 in gains
    > Two-sided: ACO shares in more, but also shares in losses
  3. The ACO must meet certain requirements to be allowed to share savings with CMS:
    > The ACO must meet certain quality standards in the following domains: patient/caregiver experience, care coordination/patient safety, preventative health, and at-risk population
    > Savings must surpass a hurdle rate, which ranges between 2% for the largest ACOs and 4% for smaller ACOs
  4. The ACO must manage all of the medical health care needs of at least 5,000 Medicare beneficiaries for at least 3 years
  5. Patients do not enroll in the ACO, they are “attributed” to an ACO because they have received the plurality of their primary care from an ACO provider
    > The patient is assigned to a PCP who is accountable for providing quality care, reducing util, and convincing the patient not to seek care outside the ACO network

Duncan Ch. 22 (Risk)

60
Q

Key tasks of the CRO

A
  1. Coordinates all risk management activities
  2. Introduces an integrated framework
  3. Improves risk communication with internal and external partners
  4. Chairs the ERM committee
  5. Develops a framework for the organization’s risk management activities
  6. Ensures that the organization is in full compliance with regulations
  7. Policy assessment
  8. Assures business continuity through risk assessment, planning, financing, and risk transfer
  9. Identifies and monitors emergent risks
  10. Extends risk principles into the wider business strategy
  11. Develops the data strategy required to build an accurate picture of operational risk
  12. Educates the investment community on the organization’s risk management strategy
  13. Disclosures (internal and external)
  14. Informs the board of significant risk issues
  15. Delivers an integrated picture of risk across the enterprise
  16. Determines the organization’s tolerance for risk
  17. Evaluates insurance coverage
  18. Develops alternative risk strategies
  19. Trains and communicates with the workforce on risk management policies and structures

GHS-123-18

61
Q

Formula for health RBC after covariance

A
  1. RBCAC = H0 + (H1^2 + H2^2 + H3^2 + H4^2)^.5
    > H0 is the Asset Risk for Affiliates: the risk that a stock investment in an affiliate may lose value
    > H1 is the Asset Risk for Other Assets: the risk that investments may default or decrease in value
    > H2 is the Underwriting Risk: the risk of having inadequate premiums in the future
    > H3 is the Credit Risk: the risk of not recovering the amounts owed to the insurer
    > H4 is the Business Risk: includes several miscellaneous types of risk, such as administrative expense risk and excessive growth risk
  2. Authorized control level capital + RBCAC/2
  3. Health RBC ratio = total adjusted capital/authorized control level capital

Skwire Ch. 39

62
Q

General considerations when designing, performing, or reviewing a capital adequacy assessment

A
  1. The insurer’s risk [P]rofile and capital
  2. The business and risk [D]rivers
  3. The insurer’s plans and [S]trategies
  4. The timing and variability of projected liability and asset related cash [F]lows
  5. The timing and [I]ntensity of future calls on capital, and the ability to replenish capital
  6. [E]xisting or accessible resources
  7. The effect of [C]hanges in the risk profile
  8. Correlation, concentration, diversification, and interdependence between risks ([R]elationships)
  9. Projections of future [E]conomic conditions
  10. Parameter [U]ncertainty
  11. The [M]ethodology used to assess the adequacy of capital
  12. The insurer’s specifics regarding risks [I]dentified: definition of, metrics used, identification process, relevant reports, and limitations of tools to evaluate
  13. The insurer’s risk [A]ppetite and tolerance
  14. Prior capital [A]dequacy assessments, including underlying assumptions

UP FIR ACADEMIES

ASOP #55

63
Q

Reasons a member may be excluded from a disease management program

A
  1. The member class is not receptive to disease management
  2. The member is a candidate for a program administered by another vendor (such as mental health)
  3. The pattern of claims that the member exhibits is subject to sharp discontinuity, and can thus distort a trend calculation
  4. The member’s claims are significant, and the experience is likely to dominate the group, or introduce noise to the calculation

Duncan Ch. 12

64
Q

Disclosure requirements for assumptions and methods used in an actuarial report

A
  1. The communication should identify the party [R]esponsible for each material assumption and method
  2. If the assumption or method is prescribed by [L]aw, disclose the applicable law, the assumptions or methods affected, and that the report was prepared in accordance with the law
  3. If a material assumption or method is selected by another party, the actuary has three choices:
    > If it does not [C]onflict with the actuary’s professional judgment, no disclosure is needed
    > If it significantly conflicts with the actuary’s professional judgment, then disclose this fact
    > If the actuary is unable or not qualified to judge its reasonableness, then disclose this fact
    In the case of either b or c, also disclose the affected assumption or method, the party who set it, and the reason it was set by the party, rather than the actuary

CLR

ASOP #41

65
Q

Considerations when designing risk capital targets or risk capital thresholds

A
  1. [V]aluation bases
  2. Principal’s [O]bjectives for capital
  3. Normal and adverse [E]nvironments
  4. Time [H]orizon over which the capital is assessed
  5. [M]ethods used to aggregate results: including diversification of benefits and interdependence among the risks
  6. Alignment with any existing risk [A]ppetite and risk tolerance
  7. Approach used to determine “[S]ufficient” level of capital
  8. Merits of using a [R]ange for the risk capital targets versus a single number
  9. Whether the insurer will be able to [A]ccess additional capital if and when needed
  10. The [R]elationship of risk capital targets or risk capital thresholds relevant to the current capital and risks

HER SAMOVAR

ASOP #55

66
Q

Considerations when performing services regarding the evaluation of emerging risks

A
  1. The potential impact of emerging risks across various time horizons
  2. The potential secondary effects from an organization’s assumed actions in light of the onset of an emerging risk

ASOP #46

67
Q

Disclosures required in an actuarial report

A

This report states the actuarial findings and identifies the methods, procedures, assumptions, and data used

  1. The intended [U]sers of the report
  2. The [S]cope and intended purpose of the assignment
  3. The [A]cknowledgement of qualification as specified in the Qualification Standards
  4. Any caution about risk and [U]ncertainty
  5. Any [L]imitations or constraints on the use or applicability of the findings
  6. Any [C]onflict of interest
  7. Any information on which the actuary [R]elied that has a material impact on the findings and for which the actuary does not assume responsibility
  8. The information [D]ate (date through which data and other information has been considered)
  9. [S]ubsequent events (may have a material effect on actuarial findings)
  10. If appropriate, the [D]ocuments comprising the actuarial report

DAD CURLS US

ASOP #41

68
Q

Phases of an ERM process

A
  1. Assessment: educate all appropriate staff about the ERM concept and why it is the right approach
  2. Define the organization’s goals and objectives
  3. Define the organization’s risk tolerance, which is the amount of risk exposure the organization is willing to bear.
  4. Event identification: identify all events that could affect the achievement of goals. Differentiate between risks (with potential for a negative impact) and opportunities (may have a positive impact)
    > Causes of risk include people, processes in place, and management decisions
    > Risk events include a loss of assets, business interruption, and fraud and abuse
  5. Risk assessment: evaluate all potential events to determine their impact and likelihood of occurrence. Prioritize risks based on their potential impact
  6. Risk response: identify, evaluate, and develop options to deal with risk. The categories of risk handling solutions are risk avoidance, acceptance, reduction, and sharing
  7. Take a portfolio view of risk. This allows leadership to catalog all risks and look at the totality of organizational risk. It also involves understanding how corporate objectives and risks interrelate and affect the achievement of goals

GHS-123-18

69
Q

Considerations when performing risk treatment activities

A
  1. Information about the financial strength, risk profile, and risk environment of the organization. This includes various items such as:
    > The financial flexibility of the organization
    > The nature, scale, and complexity of the risks faced by the organization
    > The organization’s strategic cgoals
    > The degree to which the organization’s different risks interact with one another
  2. Information about the organization’s own risk management system. This also includes various items, such as:
    > The risk tolerance and risk appetite of the org
    > The components and execution of the org’s ERM control cycle
    > The knowledge and experience of management regarding risk assessment and risk management
  3. The relationship between the org’s financial strength, risk profile, and risk environment and the org’s risk management system
  4. The intended purpose and uses of the actuarial work product

ASOP #47

70
Q

Description of the Consumer Operated and Oriented Plan (CO-OP) Program

A
  1. This program was created by the ACA with the intent of increasing competition among health plans and giving consumers the option of a nonprofit insurer
  2. The ACA requires that a majority of each CO-OP’s board be composed of plan members. And profits must be reinvested to the benefit of the members
  3. The ACA created the following loan programs, which were critical for these start-up plans to compete with established insurers:
    > Start-up loans to help CO-OPs create the infrastructure necessary to operate
    > Solvency loans to help CO-OPs establish sufficient capital to meet state solvency standards

GHS-122-18

71
Q

Groups in which the CRO should participate

A
  1. The [B]oard or a board risk review committee: the board expects the CRO to identify and review the major areas of risk. The CRO will usually report directly to the board or a committee
  2. Executive [R]isk committee: may be chaired by the CRO, and includes the CEO and CFO. IT provides oversight of risk, reviews compliance with risk policies, and monitors breaches of risk tolerance limits.
  3. [E]RM committee: consists of the CEO, COO, chief nursing officer, CFO, CRO, CMO, chair of the investment committee, and chair of the audit committee. Is responsible for ongoing identification and assessment of risk
  4. [O]rganization risk leaders (such as risk management, legal, and finance leaders): the CRO is responsible for training and, in some organizations, supervision of some members of this group

BORE

GHS-123-18