Risk Management

Question 1

What is risk management?

Answer 1

The systematic application of management policies, procedures, and practices to identify, analyse, evaluate, treat, and monitor risk.

Question 2

What is the purpose of the Navy Risk Management System?

Answer 2

To identify and treat risks, manage and report on them consistently, supporting sound decision making.

Question 3

True or False: Risk management guarantees that risks will not be realised.

Answer 3

False.

Question 4

Define ‘Risk’.

Answer 4

The effect of uncertainty on objectives.

Question 5

What characterises an event in risk management?

Answer 5

A deviation from the expected - positive and/or negative.

Question 6

Differentiate between Threat and Hazard.

Answer 6

• Threat: Conditions that can negatively impact outcomes
• Hazard: Condition that can cause injury, illness, or damage.

Question 7

What is a ‘Consequence’?

Answer 7

Outcome of an event affecting objectives with positive or negative effects.

Question 8

Fill in the blank: The chance of risk being realised is called _______.

Answer 8

[Likelihood].

Question 9

What is a ‘Control’?

Answer 9

A measure designed to reduce the likelihood of occurrence and/or the consequence of a risk being realised.

Question 10

List the categories of controls within Navy.

Answer 10

• Preventative
• Restorative
• Monitoring.

Question 11

Define ‘Risk Appetite’.

Answer 11

The amount of risk an entity is willing to accept or retain to achieve its objectives.

Question 12

What does ‘Risk Tolerance’ refer to?

Answer 12

Levels of risk taking that are acceptable to achieve a specific objective.

Question 13

What is a ‘Risk Threshold’?

Answer 13

When risks exceed risk appetite or risk tolerance, requiring further treatment or escalation.

Question 14

What does SFARP stand for?

Answer 14

So Far as Reasonably Practical.

Question 15

How must workplace health and safety risks be managed?

Answer 15

In accordance with legislative requirements to eliminate or reduce SFARP.

Question 16

What is ‘Residual Risk’?

Answer 16

The risk remaining after systems of control have been developed and implemented.

Question 17

What are the four characteristics that can define a given risk?

Answer 17

Duration, applicability, recognition, and level of severity.

Question 18

What is a chronic risk?

Answer 18

An enduring risk that is always present and requires continual monitoring and re-assessment.

Question 19

What is a finite risk?

Answer 19

A risk that applies for a specific time or activity and is no longer monitored once that time or activity has passed.

Question 20

Define systemic risk.

Answer 20

A risk that extends across the whole system and cannot be managed exclusively by one part or authority.

Question 21

Define discrete risk.

Answer 21

Risks that can be managed by a single executive authority and do not impact other parts of the system.

Question 22

What is a known risk?

Answer 22

A risk that has been correctly identified, regardless of the ability to evaluate it.

Question 23

What are the two types of unknown risks?

Answer 23

• New (unknown unknowns) * Latent (known unknowns)

Question 24

What is the purpose of the Navy Harmonised Risk Matrix (NHRM)?

Answer 24

To assign a risk’s level of severity through analysis of likelihood and consequence.

Question 25

What is deliberate risk management?

Answer 25

A process designed to identify risks and develop controls to prevent or mitigate them.

Question 26

What is incident management?

Answer 26

The application of restorative controls when a known risk has materialized.

Question 27

What characterizes crisis management?

Answer 27

Urgency, ad hoc decisions, multiple opinions, limited options, and conflicting information.

Question 28

What is the primary objective of the Navy Risk Management System?

Answer 28

To avoid the realization of risk and progression to incident management.

Question 29

What should risk managers do to avoid a crisis management scenario?

Answer 29

Constantly scan the risk horizon for new and latent risks and changes to known risks.

Question 30

List critical factors for monitoring the risk horizon.

Answer 30

• Access to reliable knowledge * Experienced personnel * Avoiding day-to-day distractions * Robust assurance regime * Posting continuity * Effective induction processes * Performance reporting system.

Question 31

How often should risk managers review known risks?

Answer 31

-every six months
- on posting of key personnel
- on changes to regulations
- when a finite risk is due to expire

Question 32

What is a system of controls in risk management?

Answer 32

A hierarchy of preventive, monitoring, and restorative controls needed for effective risk management.

Question 33

What is residual risk?

Answer 33

Risk that remains after preventive controls have been applied.

Question 34

What can cause design flaws in controls?

Answer 34

Resource constraints, unknown risks, interdependencies, new technologies, and lack of knowledge.

Question 35

What human factors can lead to ineffective controls?

Answer 35

Fatigue, carelessness, bravado, inexperience, and poor communication.

Question 36

What must be included in a risk management strategy to ensure effectiveness?

Answer 36

Process and outcome assurance.

Question 37

True or False: Every control can be 100% effective in mitigating risk.

Answer 37

False.

Question 38

What should risk managers do when a finite risk is scheduled to expire?

Answer 38

Review the risk and assess for any new or existing risks.

Question 39

What’s the reference for risk management

Answer 39

ANP3001 CH7

Question 40

What are the types of risk

Answer 40

Safety
Technical
Capability
Mission
Environmental
Reputation