Risk Flashcards

1
Q

Risk

A
  • The effect of uncertainty on objectives
  • It is potential, i.e. what could happen; the effect may be positive or negative, not only a loss
2
Q

Antifragility

A

Ability to not just withstand high-impact events or shocks but to improve and benefit from them.

3
Q

Risk management

A
  • Coordinated activities to direct and control an organization with regard to risk
  • Designed to change the probability of a risk event occurring and/or the degree of its impact on the organization’s objectives
4
Q

Known knowns

A

Events that can be expected and that involve little uncertainty

5
Q

Known Unknowns

A

Uncertainties we know exist, but whose probability or impact we cannot estimate well

6
Q

Unknown knowns

A
  • Risks we mistakenly think we understand
  • Contrast with unknown unknowns, the black swans: unforeseen outlier events that are rare and have a major impact
7
Q

Types of risk

A
  • Strategy
  • Operations
  • Financial reporting
  • Compliance
8
Q

Internal and preventable risks

A
  • Come from inside the organization
  • Could include violations of ethics and failures in routine processes
9
Q

Strategy risk

A

Risks that affect the organization’s ability to achieve its objectives

10
Q

Operations Risk

A

Risks that affect the ways the organization creates value

11
Q

Financial reporting risk

A

Risks that affect the accuracy and timeliness of information about the organization’s financial performance and condition

12
Q

Compliance risk

A

Risks associated with meeting the requirements of laws and regulations

13
Q

Benefits of risk management

A
  • Aligns the risk management process with the organization’s strategy and objectives
  • More effective and consistent response to risk
  • Losses are reduced and fewer resources are wasted
  • Risks are understood and managed
14
Q

Barriers to risk management

A
  • Structural
  • Cognitive
  • Cultural
15
Q

Structural barrier to risk management

A
  • Siloed organizations
  • Respond to risk at an operational rather than a strategic level
16
Q

Cognitive barrier to risk management

A

Need to think past “if then” scenarios to “what if” scenarios

17
Q

Cultural barrier to risk management

A
  • Be aware of the diverse workforce and its beliefs and attitudes toward risk
  • Communicate the organization’s position on and appetite for risk
18
Q

An effective risk management program should

A
  • Create and protect value
  • Be an integral part of all organizational processes
  • Be a part of decision making
  • Address uncertainty
  • Be systematic, structured and timely
  • Be based upon the best available information
  • Fit the organization’s risk and control environment
  • Take into account human and cultural factors
  • Be transparent and inclusive
  • Be dynamic, iterative and responsive to change
  • Facilitate continual improvement of the organization
19
Q

Risk Organizational Framework Steps

A
  1. Obtain management commitment
  2. Design a framework for managing risk
  3. Implement risk management
  4. Periodically monitor and review the framework
  5. Continually improve the framework
20
Q

Risk Management Process

A

  1. Establish the context of risk
  2. Define risk appetite and set risk management goals
  3. Identify and analyze risks
  4. Manage risks
  5. Evaluate

The cycle then returns to step 1

21
Q

Risk position

A

The organization’s desired gain or acceptable loss in value

22
Q

Risk appetite

A
  • Also called risk tolerance
  • Amount of uncertainty an organization is willing to pursue or to accept to attain its risk management goals
23
Q

Factors that affect risk appetite/risk tolerance

A
  • Amount of risk that will help the organization reach, or interfere with, its strategic goals
  • Characteristic attitude toward risk
  • Resources, i.e. risk capacity
  • Externally imposed requirements (ex: fire prevention programs)
  • Loss expectancy
24
Q

Single loss expectancy (SLE)

A
  • Expected monetary loss every time a risk occurs
  • Single loss expectancy = asset value * exposure factor (the fraction of the asset’s value lost in one occurrence)
25
Q

Annualized loss expectancy (ALE)

A
  • Expected monetary loss for an asset due to a risk over a one-year period
  • Annualized loss expectancy = single loss expectancy * annualized rate of occurrence
26
Q

Misaligned risks

A
  • Moral hazard
  • Principal-agent problem
  • Conflict of interest
27
Q

Moral hazard

A
  • One party engages in risky behavior knowing that it is protected against the risk because another party will incur any resulting loss.
  • Ex: insurance
28
Q

Principal-agent problem

A
  • Situation in which an agent (employee) makes decisions for a principal (employer), potentially on the basis of personal incentives that are not aligned with the principal’s interests
  • Ex: poorly designed incentive schemes
29
Q

Risk control

A
  • An action taken to manage a risk
  • The first step when evaluating a risk is to see whether risk controls are in place, and then whether they are effective
  • Ex: safety training, required signatures
30
Q

MECE

A
  • Mutually exclusive, collectively exhaustive
  • Identify all possible risks across all strategic and operational aspects of the business, avoiding duplicate or overlapping identification
31
Q

Duty of care

A
  • Principle that organizations should take all reasonably possible steps to ensure the health, safety and well-being of employees and protect them from foreseeable injury
  • Applies throughout the entire employment relationship
32
Q

Duty of care: how to understand the risks

A
  • Consult with experts and information sources
  • Focus groups and individual interviews
  • Surveys
  • Analyzing processes
  • Direct observation
33
Q

Hazard

A
  • Potential for harm
  • Often associated with a condition or activity that, if left uncontrolled, can result in injury or illness.
34
Q

Risk level formula

A

Risk level = probability of occurrence * magnitude of impact

35
Q

Risk scorecard

A
  • Tool used to gather individual assessments of various characteristics of a risk, weighting the risk according to its strategic importance
  • Examples of characteristics: frequency, degree of impact, loss or gain to the organization
36
Q

Risk Matrix

A
  • Simple grid where the horizontal axis is probability and the vertical axis is severity of impact
  • Doesn’t reflect the degree to which the organization is prepared against the threat
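The cards on single loss expectancy, annualized loss expectancy, the risk level formula and the risk matrix all describe the same quantitative exercise, so here is one worked example that carries them through in code. It is an added illustration, not part of the flashcard set or of any named framework. It scores a small constructed asset register both inherently (as stated) and residually (with a control applied), which is what the matrix card says a plain grid leaves out. The dollar figures, the 1-5 scale bands, the rating thresholds and the way a control reduces ARO or exposure factor are all assumptions made for this example.

```python
"""Added example (not from the flashcard set): quantitative risk scoring over a
constructed asset register.

Formulas from the cards:
  SLE = asset value * exposure factor
  ALE = SLE * annualized rate of occurrence (ARO)
  risk level = probability * magnitude of impact (here on 1-5 scales)
A plain matrix ignores how prepared the organization is, so each risk may carry
a control whose effectiveness lowers ARO and/or exposure factor, giving an
inherent score beside a residual one. Figures, bands, thresholds and the
control model are assumptions for this example.
"""
from dataclasses import dataclass
from typing import Optional


@dataclass
class Control:
    name: str
    aro_reduction: float   # fraction of ARO the control removes (0..1), assumed model
    ef_reduction: float    # fraction of the exposure factor it removes (0..1), assumed model
    annual_cost: float     # annualized cost of operating the control


@dataclass
class Risk:
    name: str
    asset_value: float
    exposure_factor: float  # fraction of asset value lost per event (0..1)
    aro: float              # expected occurrences per year
    control: Optional[Control] = None


def sle(asset_value: float, exposure_factor: float) -> float:
    """Single loss expectancy = asset value * exposure factor, rounded to cents."""
    return round(asset_value * exposure_factor, 2)


def ale(asset_value: float, exposure_factor: float, aro: float) -> float:
    """Annualized loss expectancy = SLE * ARO."""
    return round(sle(asset_value, exposure_factor) * aro, 2)


def residual_parameters(risk: Risk):
    """Exposure factor and ARO after the control is applied, if any (assumed model)."""
    if risk.control is None:
        return risk.exposure_factor, risk.aro
    c = risk.control
    return risk.exposure_factor * (1 - c.ef_reduction), risk.aro * (1 - c.aro_reduction)


def residual_ale(risk: Risk) -> float:
    ef, aro = residual_parameters(risk)
    return ale(risk.asset_value, ef, aro)


def control_net_benefit(risk: Risk) -> float:
    """ALE reduction the control buys minus its annual cost; negative means it costs more than it saves."""
    if risk.control is None:
        return 0.0
    inherent = ale(risk.asset_value, risk.exposure_factor, risk.aro)
    return round(inherent - residual_ale(risk) - risk.control.annual_cost, 2)


# Assumed 1-5 bands for the two matrix axes.
PROBABILITY_BANDS = (0.1, 0.5, 1.0, 5.0)                # ARO thresholds
IMPACT_BANDS = (10_000, 100_000, 500_000, 2_000_000)    # single-event loss thresholds


def band(value: float, thresholds) -> int:
    """1 if below the first threshold, 5 if at or above the last."""
    return 1 + sum(value >= t for t in thresholds)


def risk_level(probability: int, impact: int) -> int:
    """Risk level = probability of occurrence * magnitude of impact."""
    return probability * impact


def rating(level: int) -> str:
    """Assumed colour bands for a 5x5 matrix (scores 1..25)."""
    return "low" if level <= 4 else "medium" if level <= 9 else "high" if level <= 15 else "critical"


def assess(risk: Risk) -> dict:
    """Score one risk twice: as stated (inherent) and with its control applied (residual)."""
    ef, aro = residual_parameters(risk)
    ip, ii = band(risk.aro, PROBABILITY_BANDS), band(sle(risk.asset_value, risk.exposure_factor), IMPACT_BANDS)
    rp, ri = band(aro, PROBABILITY_BANDS), band(sle(risk.asset_value, ef), IMPACT_BANDS)
    return {
        "name": risk.name,
        "sle": sle(risk.asset_value, risk.exposure_factor),
        "ale": ale(risk.asset_value, risk.exposure_factor, risk.aro),
        "inherent_cell": (ip, ii), "inherent_rating": rating(risk_level(ip, ii)),
        "residual_ale": residual_ale(risk),
        "residual_cell": (rp, ri), "residual_rating": rating(risk_level(rp, ri)),
        "control_net_benefit": control_net_benefit(risk),
    }


def rank(risks) -> list:
    """Register sorted by residual ALE, highest first: what still needs attention after controls."""
    return sorted((assess(r) for r in risks), key=lambda a: a["residual_ale"], reverse=True)


# Constructed register; every figure is illustrative only.
REGISTER = [
    Risk("Ransomware on file server", 2_000_000, 0.4, 0.5,
         Control("Offline backups", aro_reduction=0.0, ef_reduction=0.75, annual_cost=40_000)),
    Risk("Lost laptop holding employee PII", 500_000, 0.2, 4.0,
         Control("Full-disk encryption", aro_reduction=0.0, ef_reduction=0.5, annual_cost=15_000)),
    Risk("Flood at data center", 5_000_000, 0.5, 0.02),
    Risk("Visitor badge misuse", 50_000, 0.1, 1.0,
         Control("Extra lobby guard", aro_reduction=0.5, ef_reduction=0.0, annual_cost=30_000)),
]

if __name__ == "__main__":
    for a in rank(REGISTER):
        print(f"{a['name']:<34} ALE {a['ale']:>10,.0f} -> residual {a['residual_ale']:>10,.0f}  "
              f"{a['inherent_rating']:>8} -> {a['residual_rating']:<8} control net {a['control_net_benefit']:>10,.0f}")
```

Two things worth noticing in the output: the ransomware risk drops from "high" to "medium" once the backup control is credited, which a one-shot matrix cannot show, and the lobby guard has a negative net benefit, i.e. the control costs more per year than the loss it prevents, so accepting that risk (the retention treatment) is the cheaper option.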
37
Q

PAPA model includes

A
  • Prepare
  • Act
  • Park
  • Adapt
38
Q

PAPA Prepare

A
  • Low likelihood and fast speed of change
  • Contingency plans must be in place and early indicators defined
39
Q

PAPA Act

A
  • High likelihood and fast speed of change
  • Threats and opportunities require an immediate response to prevent the threat from occurring or causing significant damage
40
Q

PAPA park

A
  • Low likelihood and slow speed of change
  • Good time to monitor changes, but not to invest in mitigation or contingencies
41
Q

PAPA Adapt

A
  • High likelihood and slow speed of change
  • May affect the organization significantly
  • Ex: hiring new employees with disabilities; the office should be updated accordingly, but not necessarily immediately
42
Q

Key risk indicators (KRIs)

A
  • Metrics that provide an early signal of increasing risk exposure for an enterprise
  • Change the way risks are prioritized or the management actions taken
  • Need to be strategically aligned
43
Q

Risk register

A
  • Lists the information and responsibilities for managing specific risks
  • Increases transparency and accountability in the risk management process
  • Can be developed incrementally as part of the risk management process
44
Q

Risk management tactics include

A
  • Upside tactics, applied to opportunities
  • Downside tactics, applied to threats
45
Q

Upside risk management tactics

A
  • Optimize
  • Share
  • Enhance
  • Ignore
46
Q

Downside risk management tactics

A
  • Avoid
  • Transfer
  • Mitigate
  • Accept
47
Q

Avoidance Risk Treatment

A

Decision not to become involved in or action to withdraw from risk situation

48
Q

Retention Risk Treatment

A

Acceptance of the burden of loss or the benefit of gain from a risk

49
Q

Residual risk

A

Amount of uncertainty that remains after all risk management efforts have been exhausted.

50
Q

Risk management objectives should

A
  • Be strategically focused
  • Combine activities and results
  • Combine lagging and leading metrics
  • Modify risks related to noncompliance
  • Instill risk management principles in the organization’s members and processes
51
Q

Lagging metrics

A

Look backward at what has been accomplished

52
Q

Leading metrics

A

Measure performance that will affect results in the future

53
Q

Emergency preparedness and business continuity require:

A
  • Contingency plan
  • Response capability to secure employee health and safety and continue productivity
54
Q

Contingency plan and its goals

A
  • Protocol that an organization implements when an identified risk event occurs.
  • Include time frames
  • Supported with training and opportunities for practice
  • Developed with specific goals in mind
    • Immediate security for employees, company assets and stakeholders
    • Comply with local laws and regulations
    • Document and report as required
55
Q

HR involvement in contingency plans

A
  • Policies
    • Define and communicate policies to avoid or mitigate risk
  • Evacuation and relocation
    • Maintain rosters
  • Communication
  • Training
  • Continuity
56
Q

Crisis Management and Readiness Process (No Crisis)

A
  1. Identify and manage risks
  2. Develop crisis management plan
  3. Train, test, drill
  4. Learn
  5. Evaluate and revise plans as needed

Then goes back to step 1

57
Q

Crisis Management and Readiness Process (Crisis)

A
  1. Identify and manage risks
  2. Develop crisis management plan
  3. Crisis
  4. Activate plans
  5. Recover, learn, improve
  6. Evaluate and revise plans as needed

Then goes back to step 1

58
Q

Workplace voilence protection

A
  • Policy stating the organization’s stance toward workplace violence and outlining response procedures that prevent incidents from escalating
  • Create a response team
  • Conduct drills (including active shooter drills)
59
Q

IT threat prevention

A
  • Create policies and procedures to prevent and respond to threats
  • Have rules regarding technology use
  • Should be in the employee handbook
  • IT training should be required
60
Q

Communicating a disease risk in the workplace includes

A
  • Notification and verification of disease risk
  • Understanding the disease and resources
  • Identify the scope of the risk
  • Determine the employer risk
  • Handle internal and HR compliance matters
61
Q

Goals of evaluation in risk management

A
  • Increase transparency and accountability by measuring and reporting risk management results
  • Ensure compliance with requirements
  • Assess the effectiveness of individual risk management strategies
  • Assess the effectiveness of the organization’s risk management framework (values, policies, processes and culture)
  • Continually improve by investigating incidents and identifying opportunities for improving strategies and the framework
62
Q

Frequency of evaluating risk management

A
  • After every major incident
  • At agreed intervals (ex: annually)
63
Q

After-action debriefs

A
  • Meetings to examine the effectiveness of a risk response strategy
  • Ex: workplace evacuations, in-place lockdowns for security reasons, a workplace injury or act of violence, or temporary relocation of operations.
64
Q

Incident investigations

A
  • Meetings that are narrower in scope than after-action debriefs but use a similar approach
  • Ex: an angry dispute that becomes physical and needs intervention, a workplace injury
65
Q

Documentation of incidents

A
  • Incidents must be well documented and, where required, reported to external parties
  • Often legally required
66
Q

Whistleblowing

A
  • Reporting by employees of an organization’s violations of policies and processes
  • Some countries protect whistleblowers from retaliation
67
Q

Quality Assurance (QA)

A

Actions an organization takes to be sure it is performing work according to the standards it has set and is using specified processes correctly and completely