CH 5: Risk Management framework and processes

Question 1

Compare and contrast ERM and traditional RM. (write it down)

Answer 1

Similarities:

1. Both processes are cyclical and provide for continuous improvements
2. Both have similar steps in identifying, analyzing, and treating risk

Differences:
1. Type of risk addressed:
TRM– hazard risk only w/ negative outcomes only
ERM– all 4 quadrants addressed w/ negative and positive potential.

2. The development of an understanding of an organizational environment:
   TRM– this understanding is implicit in the evaluation of risk
   ERM– this understanding is the first step in its process.

Prompt for comparison: If fire damages the main corp. headquarters, how would that be assessed under both standards?

Question 2

What is the purpose of framework?

Answer 2

Integrate RM throughout the organization!

Question 3

What are the 4 components of COSO framework model?

Answer 3

1. Lead and establish accountability
2. Align and integrate
3. Allocate resources
4. Communicate and report

Question 4

what are the 5 steps of the COSO process model (or enterprise-wide risk management process)?

Answer 4

1. Scan the environment
2. Identify risk
3. Analyze risk
4. Treat risk
5. Monitor and review

Question 5

List the techniques used to establish accountability!

Answer 5

1. Identify risk owners and their role in the organization
2. Establish key performance indicator (KPI)
3. Establish key risk indicators (KRI)
4. Develop risk criteria to evaluate the significance of risk.

Question 6

Who is a risk owner?

Answer 6

An individual accountable identification, assessment, treatment, and monitoring of risk in specific environment.

Question 7

What is key performance indicator?

Answer 7

it is a financial or non-financial measurement that defines how successful an organization is progressing towards it long term goals.

Question 8

What is key risk indicator, bro?

Answer 8

It measures the uncertainty of meeting a strategic business objective.

Question 9

Do please list the stages in designing and implementing a risk management framework and process?

Answer 9

1. GAP analysis: gaps are the international framework and process components that are not found in the organization.
2. Evaluation of internal and external environment
3. Integration into existing processes
4. Commitment of resources
5. Communication and reporting
6. Monitoring and improvement

Question 10

What are the ways you can evaluate the internal environment of your organization?

Answer 10

1. map the org. and identify
2. Evaluate the resources needed to sustain the RM framework
3. Evaluate communication channels and corp. culture

Question 11

What is risk appetite?

Answer 11

The total exposed amount that an org. wishes to undertake on the basis of risk-return trade-offs for one or more desired and expected outcomes.

Question 12

Give examples of external environment.

Answer 12

Economic
Political
Legal
Technological
Natural 
Competitive landscape

Question 13

Under ERM process,and as a part of scanning the environment, what are the factors considered in defining risk criteria?

Answer 13

Causes of risk
Effects of risk
Measures of the effect of risk
Timeframe of potential effect
Methods to determine level of risk

Question 14

Under ERM process, identifying risk might include what types of risks?

Answer 14

Existing risk
Key risk
Emerging risk

Question 15

Under ERM process, list the various ways we can treat risk.

Answer 15

1. Avoid the risk
2. Modify the likelihood and impact of the risk
3. Finance the risk (*- mentioned during session)
4. Transfer risk*
5. Retain the risk*
6. Exploit the risk

Question 16

TRM process steps:

Answer 16

1. Identifying loss exposure
2. Analyzing loss exposure
3. Examining feasibility of RM techniques
4. Selecting the RM technique
5. Implementing RM technique
6. Monitoring and revising.