Risk Management Flashcards
What is the payback method of calculation in Risk Management ?
A calculation that simply compares the Annual Loss Expectancy against the expected savings from implementing that control
What is NPV calculation when determining the ROI ?
It considers the cost of the money spent today against the savings that we might see tomorrow.
It uses a discount rate to place a value on money tomorrow. The rate takes into account inflation, opportunity costs, etc., and each resourcing department has its own discount rate.
What is Risk Acceptance ?
This occurs when it is not financially viable to tackle the risk - This is usually when the control is more expensive than the actual risk. It is not to be viewed as deliberately not taking action.
Often there are exceptions where the risk is acknowledged and is accepted as an exception. An exemption is like an exception but will need a more formal sign off.
What is Risk Avoidance ?
This is where we put in place controls to avoid an identified risk occurring.
What is Risk Mitigation ?
This is where we reduce risks to an acceptable level
What is Risk Transference ?
This is where a third party accepts the risk for us - an example is insurance
What is a risk exception ?
Any risk that is created due to an exemption being granted or a failure to comply with corporate policy.
What is inherent risk ?
The inherent risk facing an organisation is the original level of risk that exists before implementing any controls.
What is residual risk ?
The risk left after controls have been implemented.
What are key risk indicators ?
Metrics to measure and provide early warning for increasing levels of risk.
What should be recorded in a risk register ?
Risk Owner
Risk Threshold Information
Key Risk Indicators
What is Risk Appetite ?
The level of risk that the organisation is willing to accept as the cost of doing business.
Appetites can be expansionary, neutral or conservative and they are indicative of the approach the organisation has as a whole to risk. Risk tolerance is the same idea but applied to individual items so it is possible to have a low risk appetite generally but a high risk tolerance on a particularly important asset. Tolerance is a measure on individual items.
What is Risk Tolerance ?
The ability to withstand risk and maintain operations.
What is a risk threshold ?
It is the level at which a risk becomes unacceptable
What is TCO ?
The TCO is a consideration not just of the sticker price but also of the other parts of the cost of ownership model, such as training, support, operations, etc.
TCO doesn't instantly save you money; its savings are realised over time.