Chapter 16: Valuable ORM Flashcards
What is the purpose of maturity models in ORM?
What do they assess?
To assess the performance of risk management frameworks on a scale from “beginner” to “expert.”
How do firms use self-assessment in ORM maturity?
Do they need expert in all areas?
Firms self-assess maturity based on their objectives and don’t need to aim for “expert” in all areas.
What is an alternative to using maturity models?
A list of what?
A list of quality criteria for each part of the risk management framework.
What challenge do risk managers face in demonstrating ORM value?
Proving what?
Proving the tangible benefits of their work to the business.
How can ORM demonstrate business value?
By focusing on business stability, profitability, and productivity improvements.
What is a risk-based approach to ORM?
Focusing on which risks first?
Focusing on top risks first before deploying an ORM framework across departments.
What is a “deadly sin” for risk managers?
Being pushed into where?
Being ignored or pushed back, making them irrelevant to the organization.
What should ORM focus on to avoid wasting resources?
Instead focus less on what? daily?
Top risks and their mitigation, not minor issues or daily volatility.
How does ORM improve decision-making and improve stability?
Large losses?
By reducing large losses and recurrent incidents, leading to better business stability.
What metrics can demonstrate ORM’s impact on profitability?
LFSV
Trends in loss frequency, severity and profitability volatility.
How does effective ORM increase productivity?
By freeing up what?
By freeing resources from remediation tasks and preventing project failures.
What is a key priority for starter firms in ORM?
Not implementing where and why
Conducting firm-wide screening to identify high-risk areas, not implementing everywhere for the sake of it.
How should high residual risks be addressed?
Case by case, or a full investigation on everything first?
By mitigating them as they are identified, rather than waiting for a full assessment.
How can ORM reporting lead to actionable insights?
So what?
By ensuring reporting leads to decision-making and not just status updates.
What is the importance of LOB risk training in ORM?
what does this allow management to focus on?
To train business units on specific risk management, with central teams focused on methodology.
When should IT ORM solutions be implemented? Why is this the case?
Only after reaching ORM maturity to ensure integration with existing systems, doing before hand can be expensive and cause extra issues.
How does ORM support regulatory compliance?
Is this usually by default?
By aligning with mature, risk-based practices that ensure adherence to standards.
Yes
How can ORM align with industry standards?
COSO and ISO what?
By following frameworks like ISO 31000 and COSO ERM.
How can ORM reduce large losses?
By leading to a more stable business environment and reducing P&L volatility.
What is the impact of ORM on share price volatility?
It can reduce share price volatility compared to market volatility.
What is the importance of strategic advice in ORM?
To aid in balancing risk with reward, supporting strategic decisions.
How can ORM demonstrate value beyond compliance?
Aligning its role with what?
By aligning its role with business goals and improving decision-making.
What is the significance of peer comparisons in ORM?
In the industry.
To compare tail risk losses and large incidents with industry peers.
How can ORM support long-term growth?
Strategic?
By guiding strategic decisions that balance risk with reward for better outcomes.
