Risk Management Flashcards
Define Risk
No consensus
Different context/disciplines
Uncertainty and potential loss
Uncertainty = lack of complete information about the future
Predisposition to focus on “easy to understand“ risks vs “ harder to understand” risks
Traditional vs contemporary stance
What needs to be considered in risk management
Risk – the extent to which the outcomes of a strategy can be predicted
Opportunities and strategies, e.g. new customers, new markets, new countries, new competencies… all imply risk
The greater the potential impact (downside) of what could go wrong, the greater risk
If organization moves away from “what it knows“ ➡️ risk increases (more unknown factors)
Risk management – strategic issue BUT some organizations treat risk tactically and piecemeal
Define risk management (Rejda & McNamara, 2018)
A process that identifies loss exposures faced by an organization and selects the most appropriate techniques for treating such exposures
Define Loss exposure
Any situation or circumstance, in which a loss is possible, regardless of whether a loss occurs
E.g. plant may be damaged by fire; car may be damaged in a collision
List pre-loss objectives
Prepare for potential losses in the most economical way
Reduce anxiety
Any legal obligations
List post-loss objectives
Survival of the firm
Continue operating
Stability of earnings
Continued growth of the firm
Minimize the effects that a loss will have on other persons and on society
What are the 3 categories of risk
Preventable risks - risks arising from within the company that generates no strategic benefits
Strategy risks – risks taken for superior strategic returns
External risks – external, uncontrollable risks
What is the risk management process
Risk identification – what are the risks involved?
Risk analysis
Risk mitigation – strategies for managing risk
Risk monitoring
What is risk identification?
Identifying the different possible risks involved
Strategic risk
Financial and reporting risk
Compliance and governance risk
Operational risk
What is risk analysis?
Analyzing the possible risks involved
Examine the likelihood and impact of each risk
Rank each risk
What is risk mitigation?
Identifying strategies for managing risk
Risk acceptance – prepare for possible consequences
Risk avoidance
Risk transference; switching it, diluting it, ensure against it
Risk reduction (invest to reduce risk)
What is risk monitoring?
Monitor and track the effectiveness of the risk management program and adjust where necessary
NB report results – communicate the results to each key stakeholders
What is enterprise risk management (ERM)
A comprehensive risk management program that addresses all risks faced by an organization.
List the benefits to ERM
An integrated response to a range of risks
Improved risk assessment and risk awareness
Less operational “surprises”
Heightened competitive advantage
Improved compliance with corporate governance guidelines
Higher quality data for decision-making
Provide a holistic view of risk to C-suite management
Healthier financials
Creation of a more risk focused culture
List the challenges of ERM
Lack of risk mindset/risk culture
Lack of risk leadership
Lack of ability to identify risks
Underestimating risks or difficulty in communicating concerns
Measurement of known risks
“Turf wars” departments/SBUs over responsibilities
Lack of formal framework and lack of commitment to ERM
Limited visibility into risks due to lack of information sharing and transparency across the business
New risk factors emerge
Requires time and capital investment to be successful
Lack of perceived value of ERM
Lack of training
Lack of change management/resistance
More sophisticated use of technology and AI to manage risk required
