Establishing the Context

Question 1

What are the characteristics of a risk framework according to ISO 31000?

Answer 1

RASP - Risk Architecture, Strategy and Protocols

Question 2

What is the risk appetite according to ISO 31000?

Answer 2

The amount and type of risk that an organisation is willing to pursue or retain.

Question 3

What are the 3 components to the risk management context?

Answer 3

1. Internal Context - Culture, activities, skills, resources, structure, decision making processes - FIRM Risk Scorecard
2. External Context - business sector, external stakeholders, external economic environment, opportunities and threats facing the firm - SWOT or PESTLE
3. Risk Management context - RASP

Question 4

What are the key questions to ask when establishing the risk management context - 6 key questions?

Answer 4

1. What is the risk management process expected to achieve?
2. Who will be responsible?
3. What resources are required?
4. What is the risk appetite or risk criteria?
5. What is the overall total risk exposure and how does this compare to risk appetite?
6. How capable is the firm at withstanding/managing the risk?

Question 5

What is the risk radar?

Answer 5

Emerging risks that have to be identified in timely way. It should also look out for opportunities that can be exploited in the future.

Question 6

What are the benefits of establishing the context?

Answer 6

1. Helps define objectives.
2. Identifies scope, responsibilities and resources for risk management.
3. Creates a methodology for evaluating success.