Chapter 2 - Risk management Flashcards
What is risk management
The identification, forecasting and evaluation of sources of risk; the necessary action to eliminate or minimize their impact
List the stages of risk management
- Planning
- Identification
- Qualitative analysis
- Quantitative analysis
- Risk response planning
- Monitoring and controlling
What does the planning stage of risk management entail
- setting the scope and detailing management activities to be undertaken
- Developing the policies and procedures for managing risk
- Defining the risk tolerance for various risks (what the organization is able and willing to bear)
What is identification in risk management
- Identifying the risk facing organization
- Defining main risks and their characteristics in terms of whether they are threats or opportunities
- Analyse exposure to risks and to prioritize - subject to analysis, additional action or contingency plan
- Group risks as financial or non-financial risk
What is qualitative risk
Process:
assessing each individual risk probability of occurrence and their impact against a predefined scale
Purpose: to
- Prioritize risk
- improve risk understanding
- identify main exposure areas
What is quantitative risk
Numeric analysis of the level of risk and their impact on an organization
What is risk response planning
- creating actions and options to increase opportunity and reduce risk
When is risk adjusted?
- Upward when the organization has an advantage
2. Downward when the organization is faced with risk
Outline how risk adjustment is done
- Using derivatives and other instruments to change the level of risk
- Identify the most appropriate transactions for any given objective
- Considering the cost of any transaction
- Executing each transaction
List the key steps in monitoring and controlling
- Implementing a response plan
- Tracking and monitoring identified risks
- Identifying and responding to new risks
- Improving risks management process
What is risk governance
The use of good governance principles for the:
- identification
- assessment
- management
- communication of risk
Formal structure for risk-based decision making and oversight across all operations of the organization
What the two types of risk management
- Enterprise (centralized) risk
2. Decentralized risk
What is enterprise risk management
responsibility of execution is placed within one unit of the organization
What is decentralized risk management
The responsibility of execution is placed within the units where the work is being done
What are the advantages of enterprise risk management
- Provides a better view of how each unit’s risk affects the overall risk borne by the organization
- locates the responsibility closer to management who bear ultimate obligation
