Principles

Question 1

How does an organisation align risk management with its objectives?

Answer 1

It determines it’s risk management appetite after assessing its capacity for risk.

Question 2

Define Risk Management Capacity

Answer 2

The maximum amount of risk an organisation can bear

Question 3

Define Risk Management Appetite

Answer 3

The amount of risk an organisation is willing to accept.

Question 4

What is the primary outcome of aligning with objectives?

Answer 4

Suitable risks are identified and that appropriate priority for action is given to individual risks and the overall risk associated with the activity.

Question 5

To align with objectives an organisation must.

Answer 5

• Clearly state and agree strategy and policy
• Have clear objectives for the organisation
• Understand appetite and capacity for risk
• Have clear risk balance levels

Question 6

In Fits the context. What are external contexts?

Answer 6

• Sector
• Markets
• Locations
• Regulatory regimes

Question 7

Expand PESTLE for external context

Answer 7

Political
Economic 
Sociology
Technological
Legal 
Environmental

Question 8

Fits the context, expand the internal context

Answer 8

Culture
Structures
Stakeholder relationships
Processes deployed

Question 9

Expand POTI for internal contexts

Answer 9

Processes and business models
Organisations Roles, responsibilities and cultures
Technology and tools
Information

Question 10

Primary outcome of fits the context

Answer 10

Money is not wasted, either on an over engineered approach that wastes money because it cannot effectively deal with the risks posed by the external an internal environment within the risk capacity and appetite.

Question 11

What’s are the ‘trigger categories’ within Engage stakeholders?

Answer 11

Users/beneficiaries (Customers/staff)
Those in governance (Board/regulators)
Influencers (Press/media)
Providers (Suppliers of goods)

Question 12

Primary outcome of Engaging stakeholders?

Answer 12

The risk identification step of the process is thorough and the differences are understood and resolved as far as possible so that time and money are not wasted on misunderstandings which could be avoided.

Question 13

Primary outcome of Provides Clear Guidance

Answer 13

The organisation can compare results with plans and make judgements about whether resources are being deployments optimally

Question 14

Define Risk Tolerance?

Answer 14

The threshold levels of risk exposure which when exceeded will trigger an escalation

Question 15

Primary outcome of Informs Decision Making

Answer 15

Important decisions are taken with explicit consideration of the impacts of risks and the status of risk management

Question 16

Primary outcome of Facilitates Continual Improvement

Answer 16

The organisation does not waste its valuable resources by making the same mistake twice or failing to seize opportunities

Question 17

Primary Outcome for Achieves measurable value

Answer 17

Baselines and process to measure performance must be established. These will ensure that the investment in risk management across the organisation can be justified on an ongoing basis.