Section 9.81 Risk Management

Question 1

Risk Management

Answer 1

Fundamental process involving identification, analysis, treatment, monitoring, and reporting of risks to ensure an organisations obejctives are achieved in a manor consistent with its risk apetite.

Question 2

Risk Management Lifecycle

Risk Identification

Answer 2

Proactive process recognizing potential risks that could impact organisations objectives

Goal
○ Create a comprehensive list based on events hindering objectives

Question 3

Risk Management Lifecycle

Risk Analysis

Answer 3

Evaluate the likelihood and potential impact of the evaluated risks

● Qualitative e.g Catagories or quantitative methods e.g numerical values

Outcome
○ Prioritised list based on severity for guiding risk treatment

Question 4

Develop strategies

Risk Treatment

Answer 4

Develop strategies to manage identified risks…

○ Avoidance
○ Reduction
○ Sharing
○ Acceptance

Goal
○ Reduce potential impact to an acceptable level

Question 5

Risk Monitoring

Answer 5

● Ongoing process tracking identified risks

● Monitor residual risks, identify new risks, and review risk management
effectiveness

● Ensures dynamic responsiveness to organizational changes

Question 6

Risk Reporting

Answer 6

● Communicate risk information and effectiveness of risk management to
stakeholders

● Various forms:
○ Dashboards
○ Heat Maps
○ Detailed Reports

● Crucial for accountability and informed decision-making