lecture 1 - intro

Question 1

what is the definition of risk?

Answer 1

the condition in which there exists a quantifiable dispersion in the possible outcomes of any activity. ‘threat’ based on experience or likelihood

Question 2

what are the two risk perspectives?

Answer 2

upside risk - outcome is better than expected

downside risk - something goes wrong and effect is damaging

Question 3

what is the key purpose of risk mgment?

Answer 3

minimise downside and maximise upside risks of the business (therefore, an optimisation issue)

Question 4

what are the three options once a risk is identified?

Answer 4

accept it, manage it, reject it

Question 5

how is profit tied to risk?

Answer 5

profit is a return for risk taking. mge risk to generate profits

Question 6

what is uncertainty?

Answer 6

the inability to predict an outcome from an activity due to a lack of info about the input/output relationship or about environment the activity takes place in.

cannot measure with precision. can manage it with modelling/simulation, scenario planning and uncertainty analysis

Question 7

what are organisational risks?

Answer 7

inevitable risks faced as fact of life of running whatever business you have.

Question 8

what is a company’s risk appetite? how does it affect risk management techniques.

Answer 8

the level of risk a company deems acceptable.

risk mgment techniques should be matched to the appetite of the org., as individual risks may be offset e.g. currency risks being offset by multinational operations.

Question 9

what is risk strategy?

Answer 9

a plan for how risks should be effectively managed

Question 10

what are product, macro environment and technological risk? what umbrella do they fall under?

Answer 10

fall under business risk

product = new tech changing/writing off products potential, like phones wiping out calculators. could be smaller like materials ruled environmentally unviable etc

macro env = e.g. wars in other countries, introduces geopolitical risk

technological - developments can make processes obsolete.

Question 11

what is financial and event risk? what umbrella do they fall under?

Answer 11

fall under non-business risk

financial = currency, interest rate, stock price fluctuations. doesn’t just affect company but also customers’ lives.

event = flood/fire/earthquake etc.

Question 12

what are internal systems, human error, compliance, fraud risk? what umbrella do they fall under?

Answer 12

fall under operational risk

internal systems - controls risk, may result in quality errors

human error - everybody makes mistakes

compliance - to tax laws and compliance

fraud - can break down an org or bank

Question 13

do investors expect higher returns from debt capital or equity?

Answer 13

equity - they bear a higher risk so expect higher returns in the long term.

Question 14

what should be considered when costing risk mgment techniques?

Answer 14

these techniques cost shareholder money, so must take care not to overinsure to maximise value. economic function, so evaluate cost vs benefit.

Question 15

what are the 7 stages to risk based management?

Answer 15

risk appetite

risk identification

risk assessment

risk profiling

risk quantification

risk management

review process and feedback

ITERATIVE PROCESS.

Question 16

how does risk assessment work in risk based management?

Answer 16

once identified, must consider the nature of risk and implications. type of risk: key person/natural disaster/regulatory etc., but also the severity of the impact. is it business critical or a temporary annoyance. finally, consider the frequency/probability that the risk will occur.

Question 17

how does risk profiling work in risk based management?

Answer 17

like prioritising. can use diagrams or risk maps (x axis shows severity of loss, y axis frequency. manage risks depending on position). generally, need to evaluate severity vs frequency and understand which risks are more ‘dangerous’

Question 18

how does risk quantification work in risk based management?

Answer 18

put real numbers to probability and financial impact. usually best to quantify risks overall in monetary terms. can use: stats, financial modelling, decision trees/matrices, computer simulations, sensitivity analysis

Question 19

how does the risk management step work in terms of risk based management?

Answer 19

can either accept, abandon, control or transfer the risk.

accept low freq/low severity (costs of dealing unlikely to be worth benefits)

control high freq/low severity risks (control system/contingency plan)

transfer low freq/high severity risks (insure or contingency plan)

abandon or avoid high freq/high severity risks (change major supplier, abandon activity).

Question 20

what happens in the review and feedback stage of risk based management?

Answer 20

start an embedded system of continual risk management.

elements - full support from board of directors, culture of risk awareness amongst employees, continual process of reviewing and reassessing risks, early warning indicators to detect shifts in risks since previous assessment.

residual risk - once known risks have been accounted for. non-diversifiable.

Question 21

what are some of the characteristics of effective risk management strategies?

Answer 21

process intertwined with existing operations

operated by staff at every level of org

applied in strategy setting

applied across enterprise

identify risk events within risk appetite

provides reasonable assurance to mgment

geared to achievement of objectives

Question 22

what is enterprise risk management?

Answer 22

ISO 31000 - coordinated activities to direct and control an organisation with regard to risk.

specifically, an org-wide top down system for cost-effectively identifying, evaluating and management all financial and other business risks. under ERM mgrs are risk owners, with responsibilities for ensuring value-based risk management

holistic, with focus on value creation. minimise downsides, while recognising risk needed to generate future cash flows.

recognises risk hedging is costly, motivates mgrs to identify natural hedges to minimise cost of risk mgment.

incorporates risk appetite - varies across orgs, industries and socio-economic contexts.

Question 22

how can risks be controlled?

Answer 22

orgs should consider appropriate forms of control to manage risks:

organisational structure, governance, mgment accounting controls, audit, ethical codes, financial policies, info systems

implement controls and checks

Question 23

how can ERM be implemented well?

Answer 23

know the org

where does risk add or detract from value?

what is needed to successfully implement (education, training etc)

how is ERM success measured and evaluated over short and long terms

how much to invest in ERM and where to invest.

Question 24

what are the benefits of ERM?

Answer 24

Increases risk awareness

Assists effective audit & governance

Fosters wider organizational understanding & ethical behaviour (e.g., by promoting the ‘corporate good’)

Promotes regulatory compliance (important in financial firms)

Can improve firm value (e.g., by encouraging cost-benefit analyses)

Facilitates strategic/operational change in change business environments

Question 25

what are the limitations of ERM?

Answer 25

Can be costly

Difficulty in ‘winning over’ managers & staff

Organizations may say they have ERM, but do not implement & operate it effectively

May engender intra-organizational frictions – e.g., between risk-takers & the risk-averse.