Module 1 - Unit 1: Concepts and definitions of risk and risk management

Question 1

The ISO 31000 definition of a risk is?

Answer 1

The effect of uncertainty on objectives

Question 2

Describe the development of risk management

Answer 2

1950s: Escalating insurance costs

1960s-70s: Financial/Insurance based, hazard focused (e.g. H&S)

1980s: RM techniques applied to project management
1990s: Orgs consider ‘operational’ risks 2000s:

Rise of holistic ERM approach and specialisation e.g. clinical/energy,IT

Question 3

The difference between hazard, opportunity and control risks?

Answer 3

HAZARD: Pure - impact will be negative

OPPORTUNITY: Speculative - potentially positive impact

CONTROL: Speculative - impact is uncertain

Question 4

Three ways that risks can be attached?

Answer 4

1. Objectives/stakeholder expectation (e.g. growth)
2. Core processes (e.g. deliver healthcare)
3. Key dependencies (e.g. commissioning arrangements)

Question 5

5 benefits of good RM?

Answer 5

MADE2!

1. MANDATORY obligations are met
2. ASSURANCE that significant risks are being managed
3. DECISIONS are properly considered re. risk
4. EFFECTIVE STOC processes
5. EFFICIENT STOC processes

Question 6

RM helps improve an org’s STOC core processes. What does STOC stand for?

Answer 6

Strategy

Tactics

Operations

Compliance

Question 7

5 principles of an RM framework?

Answer 7

PACED!

1. PROPORTIONATE to the level of risk
2. ALIGNED with other b/s activities
3. COMPREHENSIVE, systematic & structured
4. EMBEDDED within b/s procedures and protocols
5. DYNAMIC, iterative and responsive to change

Question 8

What 4Ps are the sources of hazard risks?

Answer 8

People

Premises

Processes

Products

Question 9

Give an example for each of the 4Ps

Answer 9

People: Lack of skill mix, resources

Premises: Damage, contamination, theft

Processes: IT or comms failure

Products: Poor service quality, suppliers

Question 10

Which of these best describes ‘residual’ (or net, current) risks:

A) A risk before any actions have been taken to manage it

B) A risk associated with speculative opportunities

C) A risk after risk management actions have been taken

Answer 10

C) A risk after risk management actions have been taken

Question 11

Which of these best describes ‘hazard’ risks?

A. Risks associated with the benefits of speculative opportunities

B. Risks associated with sources of harm

C. Risks associated with the management of uncertainty

Answer 11

B. Risks associated with sources of harm

Question 12

What are core processes?

A. Key components of a firm’s business model

B. The key things that the organisation needs to be successful

C. Operational requirements that impact a business’s significant risks

Answer 12

A. Key components of a firm’s business model

Question 13

Which of these best describes the term ‘mandatory’ in relation to risk management objectives as set out in MADE2?

A. To ensure that risk management complies with the five principles of PACED

B. To ensure that appropriate risk-management information is available

C. To ensure conformity with rules, regulations and obligations

Answer 13

C. To ensure conformity with rules, regulations and obligations