Chapter 42: Risk management process (1) Flashcards
Risk management
the process of ensuring that the risks to which an organisation is exposed
- are the risks to which it THINKS it is exposed
- and to which it is PREPARED to be exposed.
The risk management process consists of (5)
risk
- identification
- measurement
- control
- financing
- monitoring
- Cycle back
Risk management process:
- risk identification
identifying the risks that THREATEN the
- INCOME
- or ASSETS
of an organisation
Risk management process:
- risk measurement
measuring the PROBABILITY AND SEVERITY of a risk
It gives the BASIS for evaluating and selecting methods of a following step ‘risk control’
Risk management process:
- Risk financing
Determining the likely cost of a risk
… and ensuring the availability of adequate financial resources to cover the risk
Risk management process:
- Risk control
Mitigation to reduce the probability / severity of a loss.
Risk management process:
- Risk monitoring
Regular review and re-assessment of risks together with an overall business review to identify new / previously omitted risks.
Through risk management a provider will be able to (10)
- avoid surprises
- improve the stability and quality of their business
- improve their growth and returns by exploiting risk opportunities
- improve their growth and returns through better management and allocation of capital
- identify opportunities arising from natural synergies
- give stakeholders in their business confidence that the business is well managed
- price products to reflect the inherent level of risk
- improve job security and reduce variability in employee costs
- detect risks earlier meaning they are cheaper and easier to deal with
- determine cost-effective means of risk transfer
The risk management process should ideally: (5)
- incorporate all risk (both financial and non-financial)
- evaluate all relevant strategies for managing risk
- consider all relevant constraints
- exploit hedges and portfolio effects
- exploit financial and operational efficiencies
Each stakeholder needs to decide upon which risks to (5)
- avoid the risk altogether
- reject the need for financial cover (eg if the risk is trivial)
- retain, in part or fully
- transfer (insure or subcontract all the risk)
- share
The extent of risk transfer will depend on (4)
- the probability and severity of the risk occurring
- existing resources of the stakeholder (reinsurance reduces capital adequacy requirements)
- cost of transferring the risk
- availability of a market for transfer
- willingness of a 3rd party to accept the risk
5 Main tools for risk management
- diversification
- Reinsurance
- ART
- Management control systems
- Claims control systems
A company’s business unit might (6)
- carry out the same activity but in different locations
- carry out different activities at the same location
- carry out different activities at different locations
- operate in different companies
- operate in different markets
- be separate companies in a group, which each have their own business units.
Reports and systems at the enterprise level
If risks are managed and budgeted at enterprise level then companies need a system of risk reporting across the whole enterprise.
It is important to understand whether the business units are using the risk exposure allocated to them so that expected diversification benefits are actually realised.
4 Objectives of risk monitoring
- determine if the exposure to risk and/or the risk appetite of the organisation has changed
- identify new risks or changes in the nature of existing risks
- report on risks that have actually occurred and how they were managed
- assess whether the existing risk management process is effective.