Risk management Flashcards
What is risk? Vs Uncertainty
Risk can be defined as “the possible variation in outcome from what is
expected to happen”.
Uncertainty is “the inability to predict the outcome from an activity due
to a lack of information”
Types of risk
There are two main types of variation that can take place.
Downside risk (pure risk) is the possibility that the outcome will be
worse than expected – i.e. the worst case scenario.
Upside risk (opportunity risk) is the possibility that something could
got better than expected – i.e. the best case scenario
Measuring risk
The degree of risk that an organisation faces can be measured by considering two
main issues.
Risk = Likelihood × Impact
The risk management process
Risk management is the process of identifying and assessing
(analysing and evaluating) risks and the development, implementation
and monitoring of a strategy to respond to those risks.
Risk management process
Strategic objectives
Risk analysis (assessment)
Risk appetite
Risk identification
Risk evaluation and response
Risk monitoring and reporting
Review process and feedback
Risk appetite
Risk appetite is the extent to which a company is prepared to take on
risks in order to achieve its objectives.
Influences of risk appetite
Expectations of shareholders
National culture
Regulatory framework
Nature of ownerships
Personal views of managers
Miles and Snow
Miles and Snow suggested that there are four main types of management attitudes.
Miles and Snow
Type - Definition
Typical characteristics
Approach to risk
Miles and Snow
Type
Reactors
Typical characteristics
Inconsistent
Fail to link technology,
structure and process to
strategies
Approach to risk
Risk averse
Only change if forced to do
so
Strategies often out of date
in changing markets
Miles and Snow
Type
Defenders
Typical characteristics
Specialist provider of a
specific product
Narrow area of
operations
Management expertise
Stable, efficient
Approach to risk
Low risk tolerance
Maintain share of chosen
market
Ignore developments
outside expertise
Grow incrementally
Miles and Snow
Type
Analysers
Typical characteristics
Two business areas –
one stable (c.f.
defenders) and one
innovative (c.f.
prospectors)
Approach to risk
Balanced attitude to risk/return
Wait and see market
reaction to new
developments before
committing
Then establish formal
structures to ensure
efficiency
Miles and Snow
Type
Prospectors
Typical characteristics
Continually changing
structure/technology
Broad approach to
planning
Results orientated
Wide portfolio
Approach to risk
Risk seeking
Entrepreneurial
Responsive to new trends
Seek new markets/products
Risk identification
Risk identification sets out to identify an organisation’s exposure to
risk.
Risks are fundamentally similar to threats
You can use PESTEL analysis and Porter’s Five Forces model to help you to identify
risks in the exam
Risk assessment
Risk assessment establishes the financial consequences of each risk
(severity) and its likelihood of occurrence.
Risk assessment
Financial consequences (Impact)
Likelihood of occurrence
Risk evaluation
Risk evaluation is the process by which a business determines the
significance of any risk and whether those risks need to be addressed.
What is the likely cost?
What are the likely benefits?
Legal or regulatory requirements
Stakeholders views
Socioeconomic and environmental factors
Risk response
The TARA model provides an outline of general risk responses.
Avoidance
Avoid downside by
not undertaking/
terminating risky
activities
Usually lose upside
potential as well
Reduction
Retain the activity
but take action to
limit risk to
acceptable levels
Mitigating controls:
Preventative
Corrective
Directive
Detective
Transfer
Transfer risk to a
third party
e.g. insurance,
hedging
Acceptance/Retention
Tolerating losses
when they arise
For small risks could
be cheaper than
insurance (‘selfinsurance’)
Risk monitoring and reporting
The need for systems
To monitor the effectiveness of the current risk management process.
To monitor whether the risk profile is changing.
Reporting on risk management
Minimum board disclosure:
Existence of a process for managing risks.
How the board has reviewed the effectiveness of the process.
Process accords with Turnbull guidance.
Reporting on risk management
Additional board disclosure:
That they are responsible for the company’s systems of internal control.
That systems have been designed to manage, not eliminate, risk.
How the board have dealt with the internal control aspects of significant
problems highlighted in the accounts.
Any weaknesses in internal control that have resulted in material losses.
Risk registers
Risk registers can be used to document and monitor the risks that have been
identified and the risk mitigation strategies.
Quantitative analysis
Various methods of quantitative analysis can be used to analyse risks.
These include:
Break-even analysis
Sensitivity analysis
Expected values
Decision trees
Statistical analysis.
Break-even analysis
The break-even point is the level of production required for the
business to make neither a profit nor a loss.
The exam often contains calculations which are based on the break-even concept.
Total profit = Total contribution – Total fixed costs
Total contribution = Units sold × Contribution per uni
Break-even point:
Calc
Total contribution = Total fixed costs
Break-even units = Total fixed costs
/ Contribution on per unit
Sensitivity analysis
Sensitivity = Estimated profit / Total value of the cash flow affected
Some exam questions look at how an estimated performance of the company might
change if the variables change.
Expected values
An expected value is a weighted average value, based on
probabilities.
These can offer a helpful guide for management decisions.
A project with a positive expected value should be accepted
A project with a negative expected value should be rejected
Expected value = sum of (outcome × probability)
Limitations of expected values
Evaluating decisions by using expected values has a number of limitations:
The probabilities are themselves estimates and may be inaccurate.
Expected values are long-term averages and therefore less useful for one-off
decisions.
Expected values do not consider the attitudes to risk of the decision makers.
No consideration of the time value of money.
Decision trees
A decision tree is a pictorial method of showing a sequence of
interrelated decisions and their expected outcomes.
Decision trees can incorporate both the probabilities of, and values of,
expected outcomes.
Commonly management will use decision trees to structure the choices
and outcomes of a decision.
Producing a decision tree
Choices will be mapped as squares
Outcomes of those choices will be marked as circles
Statistical analysis
Statistical analysis is the collection and interpretation of data in order to
uncover patterns and trends, to help with decision making and analyse
risks. There are three statistical techniques that you need to be aware
of:
Mean
Standard deviation
Co-efficient of variation
Mean
this is the average value of a data set. For example, if you measure the
height of ten different people at random, what is the average height per person?
Standard deviation
– in order to measure the risk associated with a particular
project, it is helpful to find out how wide-ranging the possible outcomes are. The
conventional measure for this is the standard deviation. A low standard deviation
means low variability and therefore lower risk; a high standard deviation (in relative
terms) shows high variability and so higher relative risk.
Understanding standard deviation can help identify the relative risks of different
projects.
Co-efficient of variation –
this is the ratio of the standard deviation to the mean. It is
useful when comparing the degree of variation from one data series to another, even
if the means are quite different from each other.
In a financial setting, the coefficient of variation allows you to determine how much
risk you are assuming in comparison to the amount of return you can expect from an
investment. The lower the ratio of standard deviation to mean return, the better the
risk-return trade-off will be.
