Ch.10 - Risk management Flashcards

1
Q

What types of risk are there?

A

Risk = Likelihood * Impact

  • Downside (pure) risk – possibility that the outcome will be worse than expected
  • Upside (opportunity) risk – possibility that the outcome will be better than expected

2
Q

What does the risk management process comprise?

A
  1. Risk appetite - the extent to which a company is prepared to take on risks in order to achieve its objectives
  2. Risk identification - using PESTEL analysis or Porter’s Five Forces model
  3. Risk analysis (assessment) - establishes the financial consequences of each risk and its likelihood of occurrence
  4. Risk evaluation and response - determines the significance of any risk and whether it needs to be addressed
  5. Risk monitoring and reporting - a risk register is used to document and monitor the risks identified and the risk mitigation strategies
  6. Risk process and feedback
3
Q

What types of quantitative analysis are there?

A
  1. Break-even analysis
  2. Sensitivity analysis
  3. Expected value
  4. Decision trees
4
Q

What is the risk management process?

A

Risk management is the process of identifying and assessing the risks facing EP’s business and the development, implementation and monitoring of a strategy to respond to those risks, in order to reduce threats to acceptable levels.

When running a business, risk is unavoidable and will include financial, strategic, operational and hazard risks arising from both internal and external sources. Risk management is a corporate governance issue as there is the danger that directors of companies might take decisions intended to increase profits without giving due regard to the risks. They may also continue to operate without regard to the changing risk profile of their organisation.

The point of risk management is that risks can be mitigated if management have plans to deal with problems if they occur. Risk management should be carried out by all businesses and involve all levels of staff and management. The aim is to prioritise the risks according to the ones that threaten the business most and then to take action to reduce or otherwise address the risk.

(possibly include any additional IT risk or cyber risk if trading online)

The business should ensure that all staff are trained and fully aware of e-commerce security issues and fraud risk.

5
Q

What is business continuity planning?

A

Business continuity planning is the process through which a business details how and when it will recover and restore operations interrupted by the occurrence of a massive (but rare) risk event, e.g. a natural disaster such as a warehouse flood or fire, or a major breach of security causing the website to be down for an extended period.

Where risk management is largely pre-emptive, BCP is designed to deal with the consequences of a major realised risk.

A BCP is concerned with crisis management and disaster recovery. It must specify the actions to be taken in order to recover from any unexpected disruptive event.

6
Q

How to proceed with risk identification?

A

The company must take steps to minimise the risk of systems failure, protect the integrity of its systems, safeguard information and ensure the continuity of its operations.

Risks may be transferred, avoided, reduced or accepted. Where risks cannot be reduced or eliminated it may be possible for EP to transfer them via the following:
  • Insurance (however this may be costly and it may be problematic to quantify the extent of business loss)
  • Contracting out the management of service to a third party (loss may still occur but the service level agreement can stipulate penalties)

7
Q

What is business risk and what types of business risk are there?

A

Business risk is the variability of returns due to how a business operates, its markets, competitors etc. It can be subdivided into:

  • strategic - relating to the company’s strategic position with respect to competitors and environment
  • operational - arising from how the business is managed and controlled on a day-to-day basis, which also includes compliance issues
  • hazard - risk arising from accidents or natural events
  • financial - risk associated with how the business is financed