Module 1 - Unit 1 Concepts And Definitions Of Risk And Risk Management

Question 1

ISO 31000 Definition of Risk

Answer 1

The effect of uncertainty on objectives

Question 2

Definition of Risk Management

Answer 2

Coordinated activities to direct and control an organisation with regard to risk

Question 3

Definition of Key Dependencies

Answer 3

Key things the organisations need to be successful. They can be internal/external.
E.g., : retaining a licence to operate in a particular teritory or maintaining a credit rating

Question 4

What are Core Processes?

Answer 4

Core processes are a collection of activities that deliver stakeholder expectations. They also ensure the continuity of a business.

E.g., deliver healthcare

Question 5

Definition of Stakeholder Expectations

Answer 5

Stakeholders are parties who have an interest in a business or are affected by what it does.

E.g., investors, suppliers, customers

Question 6

What is Credit Risk?

Answer 6

Credit Risk is the risk of loss; a party fails to pay

E.g., counterparty failure

Question 7

What is Market Risk?

Answer 7

Market Risk arises from fluctuations in values or income from assets.

Question 8

What is the difference between Control Risk, Compliance Risk, Opportunity Risk and Hazard Risk?

Answer 8

Control Risk (or uncertainy) - impact is uncertain - e.g., economic recession

Compliance Risk (or mandatory) - mandatory obligations - e.g., breach of Law

Opprtunity Risk (or speculative) - potentially positive impact, embrace benefits - e.g., expansion

Hazard Risk (or pure) - negative impact - e.g., fire in the office

Question 9

What is Operational Risk?

Answer 9

Refers to failure of internal procedures/processes, people or systems - e.g., cyber attack

Question 10

What is Liquidity Risk?

Answer 10

Refers to Insufficient resources to pay out liabilities when due

Question 11

Hopkin’s 4 types of Risk

Answer 11

Compliance Risk
Hazard Risk
Control Risk
Opportunity Risk

Question 12

4 FIRM Risk Categories

Answer 12

Financial risk
Infrastructure risk
Reputational risk
Marketplace risk

Question 13

What are the 3 ways that risk can be attached?

Answer 13

Key dependencies
Core Processes
Stakeholders

Question 14

What does STOC stands for?

Answer 14

Strategy
Tactics
Operations
Compliance

Question 15

What are 4 P’s sources of Hazard Risk?

Answer 15

People - e.g., Lack of skills, resouces

Premises - e.g., damage,, theft

Process - e.g., IT or comms failure

Products - e.g., Poor service quality

Question 16

What is Residual Risk?

Answer 16

A risk AFTER risk management actions have been taken.

Question 17

What is Hazard Risk?

Answer 17

Risk associated with sources of harm

Question 18

5 Principles of a Risk Management Framework (PACED)

Answer 18

Proportionate to the level of risk
Aligned with other b/s activities
Comprehensive, systematic & structured
Embedded within b/s procedures and protocols
Dynamic, interactive and responsive to change

Question 19

What are the aims/benefits of MADE2?

Answer 19

Mandatory obligations are met
Assurance that significant risks are managed
Decisions are properly considered regarding risk
Effective core processes (STOC)

Question 20

What described best the term ‘mandatory’ in MADE2?

Answer 20

To ensure conformity with rules, regulations and obligations

Question 21

What are the 4 T’s?

Answer 21

Tolerate
Treat
Transfer
Terminate

Question 22

What are the 4 Levels of Risk Management Sophistication?

Answer 22

INFORM - unaware of obligations
REFORM - awareness of non-complance
CONFORM - actions to ensure compliance
PERFORM - achieve business opportunities
DEFORM - inactivity caused by obsession

Question 23

What are the 4 E’s of Opportunity Risk Management?

Answer 23

Explore
Expand
Exploit
Exist