Risk Management Flashcards
What is risk management?
The process of measuring or assessing risk and developing strategies to manage it.
What does ISO 31000 define as risk management?
ISO 31000 defines risk as the effect of uncertainty on objectives, and risk management as coordinated activities to direct and control an organization with regard to risk. In practice this means the identification, assessment, and prioritization of risks, followed by the coordinated and economical application of resources to minimize, monitor, and control the probability and/or impact of unfortunate events.
List the basic principles of risk management.
- Create value
- Address uncertainty and assumptions
- Be an integral part of organizational processes and decision-making
- Be dynamic, iterative, transparent, tailorable, and responsive to change
- Create capability of continual improvement and enhancement
- Be systematic, structured, and continually or periodically reassessed
What is the first step in the process of risk management?
Establishing the Context.
What are common risk identification methods?
- Objectives-based risk identification (any event that may endanger achieving an objective is a risk)
- Scenario-based risk identification (alternative scenarios are created and any event triggering an undesired scenario is a risk)
- Taxonomy-based risk identification (a breakdown of possible risk sources is used to drive a questionnaire)
- Common-risk checking (a list of known risks for the industry is checked against the situation)
- Risk charting (resources, threats, modifying factors, and consequences are listed and combined)
What must be assessed after risks have been identified?
The potential severity of impact and the probability of occurrence.
Define business risk.
The risk associated with the overall operation of a business.
What is liquidity risk?
The risk that an entity will not be able to meet its short-term financial obligations.
What are the types of risks associated with manufacturing, trading, and service concerns?
- Market Risk
- Operations Risk
- Financial Risk
- Business Risk
What is risk avoidance?
Not performing an activity that could carry risk, such as not buying a property or entering a business in order to avoid the associated legal liability. Avoidance eliminates the risk, but also forgoes any gain the activity would have brought.
What does risk reduction involve?
Reducing the severity of the loss or the likelihood of the loss from occurring.
What is risk sharing?
Sharing with another party the burden of loss or the benefit of gain from a risk.
What is risk retention?
Accepting the loss or benefit of gain from a risk when it occurs.
List the commonly encountered areas of risk management.
- Enterprise risk management
- Risk management activities in project management
- Risk management for megaprojects
- Risk management of information technology
- Risk management techniques in petroleum and natural gas
What does the SEC Code of Governance Recommendations state about enterprise risk management?
The Board should oversee that a sound enterprise risk management framework is in place to effectively identify, monitor, assess, and manage key business risks.
What is the purpose of the Board Risk Oversight Committee (BROC)?
To ensure the functionality and effectiveness of a company’s Enterprise Risk Management system.
True or False: The Chairman of the Board can also be the Chairman of the Board Risk Oversight Committee.
False.
What is required of at least one member of the Board Risk Oversight Committee?
Relevant thorough knowledge and experience on risk and risk management.