IRM ERM M1U5.1 Risk Culture Flashcards
IRM Risk Culture definition
The IRM (2012), in their thought leadership paper ‘Risk Culture: Under the Microscope – Guidance for Boards,’ has defined risk culture as the ‘values, beliefs, knowledge and understanding about risk shared by a group of people with a common purpose, in particular the employees of an organisation or of teams or groups within an organisation.’
Actions to improve risk culture
Good communication of the organisation’s expectations of all staff – this could be through policies, presentations, staff newsletters, induction processes, written documents, posters and job descriptions.
Convincing employees that they will personally benefit from good risk management practices.
Involvement in the risk identification process to achieve greater buy-in.
Training programmes that instil the right practices and knowledge.
Investment in the use of effective IT security tools and active and transparent monitoring of IT usage that is made clear to all employees.
What is a Strong Risk Culture Deloitte (2021)
Deloitte (2021), in their paper on ‘Enabling risk intelligent cultures’ note that a
strong risk culture is where people are enabled to, and consistently do, the right thing, the right way
in a rapidly changing, complex and interconnected world. This type of culture supports management in deciding what can be done, while making tough trade-off decisions and balancing the positive and negative impacts of those choices.
Examples of Strong Risk Culture / Risk Doctor
Recognition of value of risk
Training people to be risk aware and risk competent
Positive risk culture allows individuals and teams to appropriately embed risk management within an organisation, to encourage people to see the value in risk management with an understanding and appreciation of the positive effect it can have.
Different risk culture perspectives
Retail banks emphasize customer care and service training to retain business.
Compliance with regulations is vital for banks and other organizations.
Maintaining a ‘compliant culture’ is as crucial as risk management.
Healthcare services focus on stress-free patient experiences to enhance treatment success and foster loyalty.
In industries like airlines, manufacturing, mining, and hotels, safety culture is paramount.
Leadership support and staff training are crucial for ensuring safe working practices.
Negative culture example The Barclays Bank LIBOR scandal
The Barclays Bank LIBOR scandal
Control of risk cultures
For example, is risk management discussed as a value-adding process that can help an organisation achieve and/or improve on its objectives, or is it seen as a compliance-led, tick-box exercise?
Reason for updating COSO ERM Framework in 2017
The COSO ERM Framework was updated in 2017 in part to recognise that having a best-in-class ERM approach does not add value where a positive risk culture does not support it.
What does a good risk culture look like? IRM Study
Clear leadership commitment:
Ethical principles at the core:
Continuous risk management:
Transparent communication:
Encouragement of reporting and learning:
Understanding of risks:
Encouragement of appropriate risk-taking: Positive risk-taking behaviors should be recognized and promoted, while inappropriate behaviors should be addressed.
Valuing risk management skills: Risk management expertise should be valued and supported, with adequate resources and professional development opportunities provided.
Diversity of perspectives:
Alignment with employee engagement:
IRM Culture A-B-C approach
- The Culture of a group arises from the repeated Behaviour of its members
- The Behaviour of the group and its constituent individuals is shaped by their underlying Attitudes
- Both Behaviour and Attitudes are influenced by the prevailing Culture of the group
Risk attitude vs Risk behaviour vs Risk culture
- Risk attitude is the chosen position adopted by an individual or group towards risk, influenced by risk perception and pre-disposition
- Risk behaviour comprises external observable risk-related actions, including risk-based decision-making, risk processes, risk communications etc.
- Risk culture is the values, beliefs, knowledge and understanding about risk, shared by a group of people with a common intended purpose, in particular the leadership and employees of an organisation.