Chapter 25: Risk governance Flashcards
What are the six stages in the risk management control cycle
- Risk identification
- Risk classification
- Risk measurement
- Risk control
- Risk financing
- Risk monitoring
What is involved in the risk identification stage of the RMCC (3)
- Thorough analysis of the risks that can influence the assets and finances of the organisation
- Once determined, establish whether the risk is systematic or diversifiable
- Once risks are identified, identify preliminary measures to reduce the likelihood/impact
What is involved in the risk classification stage of the RMCC (2)
- Identify the groups to which the risks belong; this aids in costing and diversifying the risks (or identifying where they are concentrated)
- Also aids in risk management as a specific risk type is allocated to a single individual
What is involved in the risk measurement stage of the RMCC (4)
- Measurement involves determining the likelihood/severity of the risk occurring
- Consider adverse scenarios
- Allow for correlation between projects and other projects.
- Conduct before and after risk controls are in place to see the effect of the controls, i.e. should the risk be declined, transferred, mitigated or retained
What is involved in the risk controls stage of the RMCC (3)
- Decide to reject, fully accept or partially accept the risks
- Prioritise risks that are the most exposed
- Consider risk appetite that provides optimal risk strategy
What is involved in the risk financing stage of the RMCC (3)
- Determining the cost of each risk, the mitigation strategy and losses of cost of capital associated with retaining risks
- Ensuring enough funds are available should a risk occur
- Capital requirement can be assessed using the probability of ruin over a certain confidence interval over a specific period
What is involved in the risk monitoring stage of the RMCC (3)
- Regularly review and re-assess each stage, especially controls and financing
- Additional risks may be identified
- Effectiveness of current approach
What is the difference between systematic and diversifiable risks
Systematic risk is the risk that affects an entire financial market or system, and not just specific participants. It is not possible to avoid systematic risk through diversification
Diversifiable risk arises from an individual component of a financial market or system. These risks can be diversified away
What is enterprise-wide risk management
Traditionally, the risks facing companies have been managed separately by different people working in different business units based in different locations
ERM takes a more holistic view of risk management. It is a discipline by which an organisation identifies, assesses, controls, exploits, finances and monitors all risks from all sources
What are the disadvantages of traditional risk management
- Failure to capture all risks
- Failure to recognise the interdependencies between risks
- Failure to recognise benefits of portfolio effect (diversification benefits)
- Different measures used to report on different risks, e.g., VaR and outstanding credit exposure
- Senior management cannot develop a complete picture of risks and understanding of the relative extent of each risk
- Represents an inefficient way of managing risks
What are the aims of ERM
- Involve all stakeholders in an organisation in the risk management process
- Have a designated risk function at the group level, headed by a chief risk officer (risks are managed all together, instead of all separately)
- Have a similar framework for measuring and reporting risk in each business unit
- Recognise the benefits of portfolio effects and diversification and highlight to management the risk exposures which are unmitigated, where risks need to be transferred to a third party or have capital allocated to them
- Create both short-term and long-term value for shareholders by exploiting risk as an opportunity