Introduction to Risk Management Flashcards
What is risk and uncertainty?
Risk - variation in outcome from what is expected
Uncertainty - cannot predict
What are upside and downside, pure and speculative risks?
U - likely to go right
D - likely to go wrong
P - something will go wrong
S - could go better than expected
What are controllable and uncontrollable risks?
C - adequate internal controls, finance, ESG
U - trading conditions, environmental events
What are the risks to lenders and shareholders?
L - default of debt repayments, interest rate higher
S - share prices, volatility of returns
What are the 3 risk attitudes?
Risk averse
Risk neutral
Risk seeking
What is included in business risk?
Strategy risk, Enterprise risk, product risk, financial risk, Sustainability and climate change risk, operational risk
What is included in financial risk?
Gearing risk - debt v equity
Credit risk - customers don’t pay
Liquidity risk - over-trading
Market risk
What is included in operational risk?
Process risk
People risk
System risk
Event risk
Cyber risk
What key risk concepts should businesses rely on?
Exposure
Impact
Volatility
Probability
What are the advantages and disadvantages of mean, median and mode?
Mean - easy, represents everything
Not value in data set, distorted
Median - easy, outliers don’t matter
Not value in data set, hard to identify
Mode - easy, is value in data set, qualitative data too
Not all observations, more than one
How do you calculate the expected value?
Sum of (Probability x Expected return)
What is the standard deviation?
Square root of variance - how far from mean
What is the co-efficient of variation?
Standard deviation/mean x 100
Higher = riskier
What are the percentages for the normal distribution?
Middle = mean, mode, median
34.1% - 1 standard dev
13.6% - 2 standard dev
2.1% - 3 standard dev
0.1% - 4 standard dev
What is the order of mean, median, mode for a skewed distribution?
Mode at peak, then median, then mean furthest away
What is the order of the risk management process?
Awareness and identification
Analysis
Response and control
Monitoring and reporting
How is gross risk calculated?
Probability x impact
What are the 4 responses to manage risk?
Transfer - share risk
Avoidance - eliminate risk
Reduction - minimise impact
Accept or retain - cost outweighs impact
What are the types of crisis?
Natural event
Industrial accident
Product/service failure
PR disaster
How should businesses manage a crisis?
Try to prevent crisis
Make a contingency plan
What is a disaster and what will a plan provide for?
Breakdown leading to loss
Standby procedure
Recovery procedures
Personnel management policies
What is business resilience?
Ability to manage and survive against shocks and disruptions to operations
What 4 metrics are used to measure resilience?
Compliance
Completeness
Value
Capability
What does a business continuity plan include?
Responsibilities
Priorities
Backup/standby arrangements
Communication with staff
Public relations
Risk assessment