Risk Types

Question 1

What is strategic risk?

Answer 1

Current and prospective risk to earnings and capital arising from changes in the business environment and from adverse business decisions, improper implementation of decisions or lack of responsiveness to changes in the business environment.

Question 2

What forms can strategic risk take?

Answer 2

1. Wrong strategy

2. Failure to implement strategy correctly

Question 3

What is operational risk?

Answer 3

The risk of loss arising from processes, people, systems or external events.

Question 4

What is financial risk?

Answer 4

The risk of loss arising from revenues not matching or exceeding costs.

Question 5

What is gearing?

Answer 5

Aka leverage - ratio of firm’s debts to the value of its equity. A highly geared company can suffer if interest rates rise or if revenues fall too low to repay debts.

Question 6

What is PESTLE analysis?

Answer 6

Analysis of external macro environment - political, economic, social, technical, legal, environmental.

Question 7

What is business process analysis?

Answer 7

Analysing each high level business process and describing the internal processes and external factors which can influence those processes.

Question 8

What is the formula for risk score?

Answer 8

Risk Score = Likelihood score x impact score

Question 9

How may external risks be analysed?

Answer 9

• PESTLE analysis
• Business continuity/disaster recovery planning
• Business process analysis

Question 10

How many internal risks be analysed?

Answer 10

• Structured brainstorming - SWOT analysis
• Industry best practice benchmarking
• Scenario analysis - stress testing, reverse stress testing
• Risk assessment workshops - what factors could impede attainment of business objectives.
• Discussions with external auditors

Question 11

What is risk appetite?

Answer 11

The level of loss that a firm is willing to accept in its different businesses over a specified time horizon at a given level of confidence.

Question 12

How might risk appetite be defined for quantifiable risks like credit or market risk?

Answer 12

• a monetary tolerance for direct financial loss

- specific risk measures such as credit or market value at risk (VaR) metrics.

Question 13

For non quantifiable risks, how might a risk policy address these?

Answer 13

Non financial statements e.g. regarding disaster recovery in the event of loss of main premises, the firm can reopen within 8 hours

The firm has no appetite for reputation risk. All external communications need sign-off.

Question 14

What is a group risk profile?

Answer 14

Current default risk tolerance and level of available risk capital.

Question 15

With setting a risk tolerance, how might this occur?

Answer 15

Top down and bottom up approach

Question 16

What would a top down approach to setting a risk tolerance be?

Answer 16

• identifying threats to firm objectives
• relating them to the coverage available from firm’s capital, earnings, assets and
• recognising that holding capital is not always the best mitigant for every risk and using scenario analysis to enable appropriate responses to be devised for each threat.

Question 17

What might a bottom up approach to setting a risk tolerance be?

Answer 17

• set of departmental ‘acceptable occurrence’ levels for errors and losses.
• appropriate set of key risk indicators which can be tracked against predefined tolerances.
• Escalation process to feed the bottom up approach into the the top down approach.

Question 18

What does the 2009 Walker Review on Corporate Governance suggest?

Answer 18

The risk management function is accountable to the board risk committee/