Module 1 - Unit 2 Risk Management Standards

Question 1

What is the definition of Risk Management Framework?

Answer 1

Also known as the risk management context. Consist in activities to do to manage the risk across the organisation. This comprises the (RASP)
Risk
Architecture
Strategy and
Protocols

Question 2

What is Risk Management Process?

Answer 2

The process to follow to minimise risk in the organisation which is driven by how the framework is set up (it can also be affected by internal/external environment)

Question 3

What is Risk Standard?

Answer 3

A published guide for managing risk. Usually comprising a risk Framework and a risk Process.

Question 4

What Is Risk Architecture?

Answer 4

Risk Architecture - focuses on answering the question of who does what in relation to risk management.

Question 5

What is Risk Strategy?

Answer 5

Risk Strategy - the agreed overriding purpose and aims of risk management in the organisation

Question 6

What is Risk Protocols?

Answer 6

Risk Protocols - the set tools, procedures and instructions that the organisation has for managing risk. Involves publication of risk policy document and setting of risk appetite.

Question 7

What is Risk Context?

Answer 7

Risk Context - described as RASP or the risk management framework within the organisation.

Question 8

What are the 3 elements relating to risk context?

Answer 8

RASP

Internal context - relates to the organisation’s structure, objectives, policies, strategies, process and culture.
a) the org. divisions, departments,structures
b) internal stakeholders
c) corporate governance
d) factors that influence how the org will set and achieve its objectives

External context - is the environment within which the organisation exists.
a) social and cultural
b) the industry, products
c) key drivers
d) relationship with stakeholders

Question 9

Basel III (3 Pillars) - applies to banks

Answer 9

Pillar 1 - Capital adequacy
Pillar 2 - Supervisory requirements to review Risk Capital (ICAAP)
Pillar 3 - Disclosure of information (Market discipline)

Question 10

Solvency II (3 Pillars) - applies to insurers

Answer 10

Pillar 1 - Quantitative Requirement (Solvency Capital Requirement (SCR)
Pillar 2 - Qualitative Requirements (Governance, supervisory Review (ORSA)
Pillar 3 - Reporting & Disclosure Requirements

Question 11

What does ICAAP stands for?

Answer 11

Internal Capital Adequacy Assessment Process

Question 12

What does ORSA stands for?

Answer 12

Own Risk and Solvency Assessment

Question 13

What are the 3 Risk Management Standards?

Answer 13

IRM
COSO ERM CUBE
ISO31000 (2018)

Question 14

Name 3 steps in Risk Management Process

Answer 14

1. Identify risks
2. Evaluate risk
3. Manage risk

Question 15

COSO 4 categories of organisational objectives

Answer 15

Strategy
Operations
Reporting
Compliance

Question 16

ISO31000 - 3 components

Answer 16

Principles + Framework + Process

Question 17

ISO31000 - 8 Principles

Answer 17

1. Customised to the organisation
2. Inclusive
3. Structured & Comprehensive approach
4. Integrated approach
5. Dynamic
6. Best available information
7. Human & cultural factors influence all aspects of RM
8. Continual Improvement through learning and experience

Question 18

What are the steps to implement ISO31000 Framework?

Answer 18

Leadership & commitment at board
Design of framework
Implement risk management
Monitor and review framework
Improve framework

Question 19

What are the elements of the ISO31000 risk management process?

Answer 19

1. Scope, context, criteria
2. Risk Assessment ( identify, analise, evaluate)
3. Risk Treatment

These are bordered by communication, monitoring and recording.

Question 20

COSO ERM cube sides

Answer 20

Front - RM process
Top - Organisational objectives
Side - Implementation process

Question 21

COSO 4 implementation elements

Answer 21

1. Entity level
2. Division
3. Business Unit
4. Subsidiary