The purpose and process of risk management Flashcards
Define Risk Management
The identification, analysis and control of the risks that threaten the operations, assets and other responsibilities of an organisation.
Do risks arise as much from the possibility that opportunities will not be realised as it does from the possibility that threat will materialise or that mistake will be made?
Yes
The potential benefits of Risk Management are…
- Compliance with legislation and regulation
- improved corporate governance (top management control)
- understanding operational risk
- understanding risks associated with opportunities
- improvements in both internal and external risk reports
- avoidance of disasters
- reduction in frequency of incidents
- reduced costs of incidents
What should risk management activities include?
Measurement of benefits in financial terms (if possible) to justify the use of resources and budgets.
Why do published plans only indicate some of the risks assessed?
Does not want to highlight its perceived weakness
Do modern business tend to be leaner than traditional counterparts?
Yes
What are risks?
Anything with the potential to threaten the operations, assets and other responsibilities of an organisation.
What act made it unlawful to employ anyone not legally entitled to work in the UK?
Immigration Act 2016
Are an organisation and their suppliers independent?
No, interdependent
What needs to be done to protect against damage or loss?
- Safety of people
- Safety of assets
- Revenue and cash flow
- Legal obligations
- Delivery of promised goods and services
What are the 6 categories to divide global and political risks?
- Global economic risks
- Global environmental risks
- Global social risks
- Global technology risks
- Geopolitical risks
- Political risks
What is global economic risk?
Financial issues that affect particular market sectors or global trading environments
What are global social risks?
Arise from ease with which people and ideas move
What are technology and cyber risks?
- Data concentration
- Human intervention
- Cyber Crime
What is one class of emerging risk deserving special mention?
Terrorist risk
What is the risk management process?
- Establish Context
- Identify Risks
- Analyse risks
- Evaluate Risks
- Treat Risks
What are the ongoing activities which are at all stages of the risk management process?
- Monitor and review
- Communicate
What does a clear organisation-wide risk management philosophy allow for?
Individual risk work to be done within a framework of long-term objectives and provides an effective benchmark for local decisions and activity.
What specifies the roles and responsibilities of key people involved in the communication and risk reporting structure?
Risk Architecture of an organisation
Who is best able to identify and understand what threats risks carry?
Function managers
What is relevant in analysing risks?
Frequency and severity
Where is the risk management philosophy embedded?
In the risk policy statement
What does evaluating risks entail?
Deciding what risk levels are acceptable based on risk appetite and risk tolerance.
Who sets risk appetite and tolerance in an organisation
Senior management
