Chapter 42: The Risk Management Process (1) Flashcards
What is meant by risk management?
Risk management is the process of ensuring that the risks that an organisation is exposed to are the risks that they think they are exposed to and that they are prepared to be exposed to.
What two roles can risk play in an organisation?
- Material threat to the objectives of the company
- Opportunity to exploit the risk and gain the competitive advantage
What is the aim of risk management?
- Protect policyholder benefits
- Protect solvency position against adverse experience
- Protect other stakeholders against adverse experience
- Manage capital efficiently
What are the 5 stages in the risk management control cycle?
- Risk identification
- Risk measurement or assessment
- Risk control measures
- Risk financing
- Monitoring the risk portfolio
Explain what is done in the Risk Identification stage of the risk management control cycle.
- Risk Identification = recognition of the risks that can threaten the income and assets of the organisation.
1. High-level preliminary risk analysis
2. Brainstorming session - Identification
- Interdependencies
- Initial valuation
- Frequency
- Consequences
- Mitigation options
3. Desktop analysis (further research)
4. Risk register (cross-referencing)
5. Risk matrix - Crime
- Political
- Project
- Economic
- Natural
- Business
- Financial
Risk tolerance: to what extent the company is prepared to be exposed to a risk.
Explain what is done in the Risk Measurement stage of the risk management control cycle.
- Risk measurement is the estimation of the probability that the risk event will occur as well as it’s likely severity.
- It forms the basis for the evaluation and selection of risk control measures and alternative insurance.
Explain what is done in the risk control measurement stage of the risk management control cycle.
- Risk control measurement = systems that aim to mitigate risks or reduce their consequences by reducing the probability of occurrence, the severity if it occurs or the financial impact if the risk event occurs.
- Transfer the risk to a 3rd party
- Reject the need for financial coverage
- Retain the risk
- Insure
- Share (retain + transfer)
- No action (Probability very low, consequences trivial, diversified, unquantifiable)
- Minimise the risk (severity or uncertainty)
- Avoid the risk
What are the benefits of risk management?
- Avoid surprises
- Improve stability and quality of the company
- Increase returns and growth by exploiting risk opportunities
- Increase returns and growth by having better management and better capital allocation
- Identify and take advantage of natural synergies (risks that offset each other)
- Ensure stakeholder confidence in the management of the company
- Consider inherent risks when pricing
- Increase job security and reduce variability in staff related costs (salaries)
- Detect risks earlier so it is cheaper and easier to manage
- Cost-effective way of risk transfer
What are the requirements of a risk management process?
- Include all relevant risks (financial and non-financial)
- Consider all constraints (social, regulatory, political, competitive)
- Evaluate all the risk management strategies
- Exploit hedges and portfolio effects among risks (sell to same population)
- Exploit financial and operational efficiencies in strategies
What factors affect the extent to which risks will be transferred?
- Probability of the event occurring
- Existing resources
- Risk appetite
- Amount of capital required from a 3rd party to take on the risk
- Willingness and existence of a 3rd party
- Ability of the 3rd party (credit rating)
Explain what is done in the risk financing stage of the risk management control cycle.
- Risk financing = determining the cost of the risk and ensuring there are sufficient financial resources to cover the risk.
Tools of risk management for retained risks
- Control measures to reduce likelihood
- Control measures to reduce severity
- Control measured to ensure fair price is paid
- Diversification
- Transfer
Explain what is done in the Risk Monitoring stage of the risk management control cycle.
- Risk monitoring = regular review and re-assessment of all risks previously identified coupled with an overall business review to identify new or omitted risks.
Objective:
- Report on risks that occurred and how well they were managed
- Consider if the risk Appetite has changed
- Determine if any Changes occurred
- Determine if there were changes in the risk Exposure
- Identify New risks
- Determine the Effectiveness of risk management
What is enterprise risk management?
- It is the process during which a company identifies, assesses, mitigates and manages the risks that may interfere with their aim, operations and objectives.
- It is risk management across business units in a way that allows the company to gain competitive advantage and to exploit risk opportunities with upside potential.
Name the ways in which business units can be structured.
- Same activity, different location.
- Same location, different activities
- Different locations, different activities
- Different countries
- Different markets
- Separate companies in a group which all have their own business units
Describe how risk management would be done at unit level.
-> Parent company decides on risk appetites and divides it among subsidiaries.
-> Risk management is done at unit level within the risk budget
-> Can allow for diversification by letting the sum of all risk appetites >100%
- May not be best use of capital
+ Manager involvement
+ Managers may feel responsible
