ERM and Performance Flashcards
Who identifies risk?
Usually there is an individual or team who identifies risk.
When do you identify risk?
Ongoing process (budgeting, planning and reviews)
What are methods of risk identification?
Cognitive computing
Data tracking and external sources
Interviews and surveys
Key risk indicators
Process analysis
Workshops
Surfacing Assumptions
In your risk statement, do you want to discuss root causes?
That is not desirable. You don’t want to have the cause or source unspecified.
What is prospect theory?
Losses more consequential than gains
Framing (gain vs loss) influences assessment
Example: Risk framed as gain (i.e. getting a sure thing vs likelihood of getting money), pick the sure thing (risk-averse choice)
T/F: Risks at higher levels are more likely to influence overall reputation? (Severity)
TRUE
Risk can have different effects at different levels of the organization
Risk assessments may be in words or numbers?
TRUE
Risk assessment should be on the same continuum of strategy and business objectives?
TRUE
T/F: Risk with similar severity may receive differing priorities?
TRUE
T/F: Different risk priorities may be assigned to different levels?
TRUE
What are acceptable risk response categories?
1) Accept
2) Avoid
3) Pursue - Increase the risk
4) Reduce - Decrease the risk
5) Share risk - Insurance or hedging strategies
Make sure you’re operating in your risk appetite and below capacity
What are the four levels of integration?
1) Minimal Integration - The Risk View
2) Limited Integration - Risk Category View
3) Partial Integration - Risk Profile View
4) Full Integration View - Portfolio View