Ch. 3: Risk in an Organization

Question 1

The start of the ERM process should involve assessing the ____ and ___ environments

Answer 1

Internal; external

Question 2

As the organization grows, it may benefit from risk ___, each with a risk ____

Answer 2

Risk centers; risk owner

Question 3

Risk owner responsibilities

Answer 3

Identify, assess, treat, monitor

Question 4

True or false: not all risk owners are internal

Answer 4

True; some may be external

Question 5

Org culture is defined by its shared

Answer 5

Values, beliefs, and accepted behaviors

Question 6

What influences an org’s attitude toward risk?

Answer 6

Culture

Question 7

How do social responsibilities differ from org governance

Answer 7

Governance involves legal and regulatory parameters, not just org beliefs

Question 8

Code of ethics

Answer 8

minimum standards of expected behavior

Question 9

What is a disadvantage of formal communication channels>

Answer 9

Messages could be delayed or become distorted

Question 10

What is a disadvantage of informal communication channels?

Answer 10

The message may need to be verified for accuracy

Question 11

Three management styles (DDS)

Answer 11

1. Directive
2. Delegating
3. Supportive

Question 12

Three risk attitudes

Answer 12

1. Risk seeking
2. Risk avoiding
3. Risk optimizing

Question 13

Risk seeking attitude

Answer 13

Risk naive; believe risk-taking will reap significant rewards worth the risk

Question 14

Risk avoiding attitude

Answer 14

Risk obsessed; focus on the negative side of risks

Question 15

Risk optimizing attitude

Answer 15

Risk managed; balanced risk attitude; assess risks based on the vision, mission, and values of the company

Question 16

Hierarchy - culture

Answer 16

Decision-making authority is well defined

Question 17

Market - culture

Answer 17

Org is primarily concerned with outward relationships

Question 18

Clan - culture

Answer 18

Org is seen as a family; teamwork

Question 19

Adhocracy - culture

Answer 19

Adaptability is key; authority is decentralized and moves as needed

Question 20

Benefits of risk centers (3)

Answer 20

1. Involvement of operational managers
2. Focuses risk analysis on the org’s strategic goals
3. Risk managed at the appropriate level

Question 21

Risk center

Answer 21

Discrete unit within the organization, having a leader and specific objectives, at which level a particular risk is most appropriately and effectively managed

Question 22

Which of the following would be considered an internal stakeholder?

1. Stockholders
2. Unions
3. Suppliers
4. General public

Answer 22

Stockholders