Module 5 - Mid-term Pt 2 Flashcards
Types of Underestimating Risk
- Optimism Bias
- Normalcy Bias
- Overconfidence Bias
- Gambler’s Fallacy
- Status Quo Bias
- Hindsight Bias
Hindsight Bias
Once an event has occurred, people tend to believe that they “knew it all along,” which can lead to
underestimating the risks they perceived before the event and failing to prepare for future similar risks.
Status Quo Bias
People tend to prefer things to remain the same and underestimate the risks associated with not changing
or adapting, such as maintaining outdated security protocols.
Gambler’s Fallacy
This bias involves the mistaken belief that past events affect the likelihood of future outcomes, such
as underestimating the risk of an event because it hasn’t happened for a while (e.g., “we haven’t had
an earthquake in years, so it won’t happen now”).
Overconfidence Bias
This occurs when people overestimate their own knowledge or abilities, leading them to underestimate risks they don’t fully understand or have not adequately prepared for.
Normalcy Bias
Individuals often underestimate risks by assuming that things will continue to go as they always have,
ignoring the possibility of disruptive events (e.g., natural disasters or financial crises).
Optimism Bias
People tend to believe they are less likely to experience negative events compared to others,
underestimating risks like health problems, accidents, or financial losses. This bias makes them more
prone to taking on risk without adequate precaution.
Heat Maps
Two-dimensional representations of impact (y-axis) and likelihood (x-axis)
Some common features of heat maps are
- Prioritize risks by designating a risk level for each area of the graph
- The higher the combined impact and likelihood ratings, the higher the overall risk level
- Boundaries between levels vary from entity to entity, depending on various factors
Heat maps have to be a uniform set of squares (True/False)
FALSE: Heat maps do not have to be a uniform set of squares
Principle 12
Prioritizes Risk
Prioritizes Risk
When prioritizing risks, entities should focus efforts/resources on those risks that are the most relevant to the achievement of its strategy and business objectives.
The factors that influence risk prioritization are
- Velocity
- The speed at which a risk impacts the entity - Vulnerability
- The entity’s preparedness, agility, and adaptability - Persistence
- Once a risk has materialized, the length of time it impacts the entity - Complexity
- The degree of risk interdependencies - Adaptability
- The ability to address risk in a timely manner - Recovery
- The level of entity resilience - Risk Appetite levels
Principle 13
Implements Risk Response
Implements Risk Response
to achieve targeted performance while remaining within risk appetite
